Lessons Learned: Winlogbeat & Forwarded Events – no event description

Scenario: Shipping Azure Cloud Logs to an Elasticsearch Cluster. The Azure Log Service [AZLog] audits events across your Azure Cloud infrastructure and sends them to a central log collector. It leverages the Windows Event Forwarding subsystem to do this, meaning that the collector server will be able to view the AZLog alerts via the …


Windows system tray popups using Python

I modified Simon Brunning's epic example (original can be found here) to include an example of how to have a Windows system tray icon display a popup on demand. Here's the code: https://docs.google.com/document/d/1xySFrLgSAiTfymgCQvW4bpsva_rzkwOqkcsoYWhN0a0/edit?usp=sharing   The differences are: Added a new method to the sysTrayIcon class called "set_popup". This is where the win32 API does its magic …

Adding agentless Windows WMI monitoring to Nagios

There are a couple of well-documented methods to monitor Windows machines from Nagios. The most popular of these seems to be NRPE. This method works very well, but the biggest downside for me was the need to install a client on every machine that needed to be monitored. WMI seemed to be the best …

Bringing IPv6 to the home : Part 2

This article is a more in-depth look at residential IPv6, the final installment of the 2-part series. If you've missed it, the 1st article can be found here. After having established a successful connection to an IPv6 broker server, I fired up Wireshark to see what is going on over the wire. We immediately …

Bringing IPv6 to the home : Part 1

World IPv6 Day came and went, but for most of us nothing much changed. In Malta especially, there currently seems to be no interest from ISPs in starting to use IPv6, very probably due to the challenges it poses. So I went on a mission to bring IPv6 connectivity to my home network (FYI, there are already some …

Windows L2TP split tunnelling using CMAK

By default, the built-in Windows L2TP client will attempt to tunnel all internet traffic over an L2TP VPN connection. This can of course be disabled to achieve a basic level of split tunnelling: right-click on the VPN adapter > Properties > TCP/IP settings > Advanced, then clear "Use default gateway on remote network". It's …
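The same change can be scripted instead of clicked through. The block below is an added example and is not code from the original post; it uses the VpnClient PowerShell module (Windows 8 / Server 2012 and later) rather than CMAK, and it assumes a user-scope VPN connection named "Office-L2TP" and a corporate range of 10.0.0.0/16 behind the tunnel, both of which are made-up values.

```powershell
# Added example (not from the original post): the scripted equivalent of clearing
# "Use default gateway on remote network" on a Windows L2TP client.
# Assumptions: a user-scope VPN connection called "Office-L2TP" and a corporate
# subnet 10.0.0.0/16 reachable only through the tunnel. For a machine-wide
# connection add -AllUserConnection to each cmdlet.
$Name   = 'Office-L2TP'
$Remote = '10.0.0.0/16'

# Record the current state before touching anything.
Get-VpnConnection -Name $Name | Select-Object Name, TunnelType, SplitTunneling

# Stop routing all traffic through the tunnel. This is the same setting the
# "Use default gateway on remote network" checkbox controls.
Set-VpnConnection -Name $Name -SplitTunneling $true

# Once the remote default gateway is gone, only the address range the VPN
# server hands out is routed over the tunnel. Add an explicit route so the rest
# of the corporate range still goes via the VPN and not the local internet link.
Add-VpnConnectionRoute -ConnectionName $Name -DestinationPrefix $Remote -PassThru

# Verify: SplitTunneling should now be True and the prefix should appear in Routes.
Get-VpnConnection -Name $Name |
    Select-Object Name, SplitTunneling, @{ n = 'Routes'; e = { $_.Routes.DestinationPrefix } }
```

Reconnect the VPN after running this so the new phonebook settings take effect. Keep the security trade-off in mind: with split tunnelling the client is simultaneously on the internet and on the corporate network, so anything that compromises the client has a path into the remote side that a full tunnel (with its traffic inspected centrally) would not give it. Only add routes for the prefixes that actually need to traverse the tunnel.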

PathPing : the forgotten latency tool

One of the biggest network troubleshooting questions has to be "why is my site loading so slowly?" (and other related latency questions). A very useful and underutilised tool is built right into the Windows OS. This tool is a relative of traceroute and uses ICMP to calculate the latency introduced at different hops along the …