Occasionally I have to clear all the logs on a Windows system, if it’s reasonably new then the following command run in PowerShell as an administrator (Right-Click then ‘Run As Administrator) should do just that.
wevtutil el | Foreach-Object {wevtutil cl "$_"}
I was updating the monitoring setup at work the other day and suddenly got hit by a few State: UNKNOWN – **ePN /usr/lib/nagios/plugins/check_rbl: plugin did not call exit() messages.
When the plugin was executed outside of Icinga it worked fine, online searches revealed nothing of use, I spent ages trying to adjust the config file and check command for the plugin but with no success.
Eventually I was able to track it down to the embedded Perl interpreter used by Icinga. The solution was fairly simple I just had to add nagios: -epn as a comment within the first 10 lines of the script. This told Nagios to use an external Perl interpreter when running this plugin.
This solution should apply to anything based on Nagios by the way: Icinga, Shinken, Centreon-Engine, Opsview, etc.
It’s been a while since I last updated and the truth is I just don’t have time to write proper blog posts. Keeping that in mind, but still wishing to keep this up-to-date. I’ve decided to post quick tips and snippets that I find useful. Here’s the first:
I’ve been doing some database work recently and I wanted to unify the character set and collation for all databases and tables. Changing the database collation was easy to do in bulk. The tables less so and I was not manually changing 13,014 tables, eventually I came up with this:
mysql --batch --skip-column-names --user=username --password=password --execute="select CONCAT('alter table ',TABLE_SCHEMA,'.',TABLE_NAME,' convert to character set utf8 collate utf8_general_ci;') from information_schema.TABLES WHERE TABLE_SCHEMA != 'information_schema' AND TABLE_SCHEMA != 'mysql' AND TABLE_SCHEMA != 'performance_schema';" | mysql --user=username --password=password
That should generate a bunch of statements that look like this:
alter table database_name.table_name convert to character set utf8 collate utf8_general_ci;
For every table in every database except the information_schema, mysql and performance_schema databases. I just pipe these right back in to MySQL but you can output them to a text file and run that later if you prefer. This snippet should also to be useful for any mass/multiple/bulk table edits or changes.
Someone handed me a couple of floppy disks the other day and wanted me to get some important files from them, these disks had been sitting in the back of a cabinet since 1996. I had three USB floppy drives and a couple of hardware floppy drives handy so I thought I’d give it a go and tried both disks in each drive. All I got was erroring on almost every sector with messages like:
sd 5:0:0:0: [sdc] CDB: Read(10): 28 00 00 00 01 1e 00 00 01 00 00 00 end_request: critical target error, dev sdc, sector 286 sd 5:0:0:0: [sdc] Unhandled sense code sd 5:0:0:0: [sdc] Result: hostbyte=invalid driverbyte=DRIVER_SENSE sd 5:0:0:0: [sdc] Sense Key : Medium Error [current] Info fld=0x11f sd 5:0:0:0: [sdc] Add. Sense: Recorded entity not found
It’s most likely that these errors were caused by age but floppy disk drives also have differing alignment between the drive the data was written with and the drive used for reading the data.
There was only one thing I could do really and that was give ddrescue a try. There are two utilities called ddrescue, to be exact it was GNU ddrescue version 1.11. What I decided to do was try running ddrescue using three different read methods, on each disk in every drive (different alignments). My hope being that by writing to the same image file and using the logfile feature of ddrescue that I could amalgamate the good parts of each read into one complete image file.
Note: You’ll probably need to change the options below for each floppy device, file location, etc, if the drives are in different computers it’s probably easiest to save the files to some central location.
First we try to copy as much data as possible, without splitting sectors or retrying on failures:
sudo ddrescue --verbose --no-split --cluster-size=1 /dev/sdc floppy1.img floppy1.log
Now we retry any previous errors twice, using uncached reads:
sudo ddrescue --verbose --direct --max-retries=2 --cluster-size=1 /dev/sdc floppy1.img floppy1.log
Finally we try again but with the retrim option set, so that ddrescue will try to reread full sectors:
sudo ddrescue --verbose --direct --retrim --max-retries=2 --cluster-size=1 /dev/sdc floppy1.img floppy1.log
At this point you hopefully have a complete floppy disk image (I only had to use three of the available floppy drives) and then depending on the situation and damage you can either run the image through fsck, mount it, write it to a new disk or run it through a file carver.
In my situation I was able to use the mtools suite to copy the required files directly from the floppy disk image files.
It’s been a while since my last update, but as with any good IT guy I’ve been both too busy and too lazy to write anything. Anyway, I thought I’d make a note of some commands more for my own use that anyone else’s, but if someone else does find one useful then that’s a bonus.
Split a file at a word or pattern into multiple files:
awk '/Pattern to split at/{n++}{print > "split" n ".txt"}' FILE
Notes: Replace FILE with the file name you wish to run the command against.
Take a screenshot via SSH:
DISPLAY=:0.0 import -window root /path/to/directory/screenshot.png
Notes: None.
Search for something that looks like an e-mail address:
egrep -io '([[:alnum:]_.-]+@[[:alnum:]_.-]+?\.[[:alpha:].]{2,6})'
Run a query on multiple tables in a database matching a pattern
mysql -uUSER -pPASSWORD -D DATABASE_NAME -e "show tables" -s | egrep "SEARCH_PATTERN" | xargs -I "@@" mysql -uUSER -pPASSWORD -D DATABASE_NAME -e "DROP TABLE @@;"
Notes: Replace the markers where indicated (USER, PASSWORD etc) and obviously change the example query.
Command line screencast
mkfifo /tmp/fifo;(nc -q0 -k -l -p 5000 < /tmp/fifo > /dev/null &);script -f /tmp/fifo
Notes: Run nc ADDRESS 5000 to connect and watch.
Empty all log files
for file in $(find /var/log -type f); do > $file; done;
Notes: None.
Watch MySQL queries
watch -n 1 mysqladmin --user=USER --password=PASSWORD processlist
Notes: Replace the markers where indicated (USER, PASSWORD etc).
Find potential duplicate files
find -not -empty -type f -printf "%s\n" | sort -rn | uniq -d | xargs -I{} -n1 find -type f -size {}c -print0 | xargs -0 md5sum | sort | uniq -w32 --all-repeated=separate
Notes: None.