Posts

PLProfiler is a great tool for profiling PL/PGSQL functions, but you need an extra trick for PostGIS native functions.

I’ve been a delighted Kinesis Advantage user for over 10 years. I purchased the Ergodox EZ as a second keyboard for hybrid work. Now its time to replace my Kinesis. Let’s compare!

Use the Common Expression Language (CEL) to allow user-friendly flexible policy rules. Show this with YAML to group/filter data to expose as metrics.

PoC coding and reimplementation of Python and Go for metrics and log parsing using an example of 389 Directory Service.

I explore using Syft and Grype, demonstrate use of jq and Go’s text templates, and explore using Syft against a server rather than a container.

Regain visibility into the performance of Open Source Grafana and Prometheus so you know which dashboards and visualisations are slowing down your Prometheus service.

Where in Git would I go to edit the code that deploys a set of resources identified by audit findings?

Use Amazon’s VPC flow logs (similar to NetFlow) to identify NFS clients and servers and enrich that IP-level information with useful names so you can recognise EC2 instances, EFS endpoints etc.

Some observations from successful job hunting for those wanting a remote role or to pivot in the industry. Meant for more senior roles, where the funnel should be smaller.

Network gynmastics using SSH and a local proxy for servers that don’t have internet access but still need to ‘yum update’ etc.

I wanted to grant just the access needed for different Docker containers through Squid. I used Squid’s ability to use Ident as a way to look up a ‘user’ for a connection, and made a custom identd server to provide this information.

Capture real-world network traffic so you can replay it later / elsewhere for development and testing. An example is given using IPFIX (AppFlow), but directly relevant to UDP Syslog too.

Giving a single process (tree) a different view of the filesystem without modifying the process; and showing how to do this manually and via Ansible.

How to cleanly gather logs for memcached.

Network incompatibilities do happen and sometimes you need to be a little more forgiving in order to let the traffic flow. An example of where some Cisco behaviour was running foul of Linux.

Disabling IPTables connection tracking for DNS can resolve problems due to too many connections in the connection table.

It is common practice to use tools like ‘dig’ to lookup DNS results, but this has very bad performance. If you just need to lookup a name or address, there’s an easier, friendly way.

Your timezone says Pacific/Auckland but Java reports Antarctica/SouthPole; what gives?

When you want SSH and sudo, but all you have is a Samba share. Similar to using a flag file in a network share to trigger some scripted action, this solution uses inotify to watch for files that get deleted, and then even shows the status of each job.

ORA-12170