Category Archives: Systems Administration

HTTPS + CT SCT TLS extension on my blog

Finally, I managed to enable HTTPS on my own blog!

I opted for a quick-and-dirty solution based on a self-compiled version of HAProxy in front of WordPress, statically linked to OpenSSL 1.0.2, in order to serve Certificate Transparency information during the TLS setup.


SHA-1 sunset: valid SHA-2 chains treated as insecure

While dealing with the SHA-1 sunsetting process I encountered a problem with some certificates from StartSSL/StartCom that may lead Chrome to raise warnings or even errors on websites with updated SHA-2-only chains (at least on Microsoft Windows clients).


Displaying pmacct country code on a Kibana 4 map

On the "Integration of pmacct with ElasticSearch and Kibana" post, a user (Xentoo) asked how to display geographic information provided by pmacct on a Kibana 4 map using pmacct-to-elasticsearch.

An experimental feature of p2es called transformations can be used to add a Geo Point field on the basis of the country code provided by pmacct.


DNS_FROM_AHBL_RHSBL 2.699 on Spamassassin

The public DNSBL services offered by AHBL have been shut down.

Services and programs which used dnsbl.ahbl.org, ircbl.ahbl.org and rhsbl.ahbl.org need to be updated in order to avoid false positives:

X-Spam-Status: No, score=0.789 tagged_above=-999 required=6
	tests=[BAYES_00=-1.9, DNS_FROM_AHBL_RHSBL=2.699,
	T_RP_MATCHES_RCVD=-0.01] autolearn=no

Spamassassin configuration, for example, needs to be fixed:

# cat /usr/share/spamassassin/20_dnsbl_tests.cf | grep AHBL
header DNS_FROM_AHBL_RHSBL    eval:check_rbl_envfrom('ahbl', 'rhsbl.ahbl.org.')
describe DNS_FROM_AHBL_RHSBL  Envelope sender listed in dnsbl.ahbl.org
tflags DNS_FROM_AHBL_RHSBL    net
reuse  DNS_FROM_AHBL_RHSBL

Comment out that block or (at least) force a score of zero for the rule in your local configuration:

# cat /etc/spamassassin/local.cf | grep AHBL
score DNS_FROM_AHBL_RHSBL 0
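
To check a whole set of rule files rather than one rule, the script below (an added example, not part of the original post) lists every `header` rule that references an ahbl.org zone and is not forced to zero in the local configuration. The function names, the `EXAMPLE_AHBL_DNSBL` rule and the sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): report SpamAssassin rules that
# still query an ahbl.org zone and are not forced to score 0 locally.

# ahbl_rules FILE...: names of "header" rules whose definition mentions ahbl.org.
# Commented-out lines never match because their first field is not "header".
ahbl_rules() {
    awk '$1 == "header" && /ahbl\.org/ { print $2 }' "$@" | sort -u
}

# zero_scored LOCAL_CF RULE: succeed only if the last "score RULE ..." line
# in LOCAL_CF sets every listed score to zero.
zero_scored() {
    awk -v r="$2" '
        $1 == "score" && $2 == r {
            seen = 1; ok = (NF >= 3)
            for (i = 3; i <= NF; i++) if ($i !~ /^-?0+(\.0+)?$/) ok = 0
        }
        END { exit !(seen && ok) }' "$1"
}

# ahbl_unscored LOCAL_CF RULE_FILE...: AHBL rules that can still add score.
ahbl_unscored() {
    local_cf=$1; shift
    for rule in $(ahbl_rules "$@"); do
        zero_scored "$local_cf" "$rule" || echo "$rule"
    done
}

# write_sample DIR: constructed test data. The first rule is the one shown in
# the post; EXAMPLE_AHBL_DNSBL is a hypothetical second rule.
write_sample() {
    cat > "$1/20_dnsbl_tests.cf" <<'EOF'
header DNS_FROM_AHBL_RHSBL    eval:check_rbl_envfrom('ahbl', 'rhsbl.ahbl.org.')
describe DNS_FROM_AHBL_RHSBL  Envelope sender listed in dnsbl.ahbl.org
tflags DNS_FROM_AHBL_RHSBL    net
header EXAMPLE_AHBL_DNSBL     eval:check_rbl('ahbl-example', 'dnsbl.ahbl.org.')
# header OLD_AHBL_RULE        eval:check_rbl('old', 'ircbl.ahbl.org.')
EOF
    printf 'score DNS_FROM_AHBL_RHSBL 0\n' > "$1/local.cf"
}

demo=$(mktemp -d)
write_sample "$demo"
ahbl_unscored "$demo/local.cf" "$demo/20_dnsbl_tests.cf"
rm -rf "$demo"
```

On a real system, pass the local configuration file first and the rule files after it; any rule name printed still needs a zero score or a commented-out definition.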

Integration of pmacct with ElasticSearch and Kibana

In this post I want to show a solution based on a script (pmacct-to-elasticsearch) that I made to gather data from pmacct and visualize them using Kibana/ElasticSearch. It’s far from being the state of the art of IP accounting solutions, but it may be used as a starting point for further customizations and developments.

I plan to write another post with some ideas to integrate pmacct with the canonical ELK stack (ElasticSearch/Logstash/Kibana). As usual, add my RSS feed to your reader or follow me on Twitter to stay updated!

The big picture

This is the big picture of the proposed solution:

pmacct-to-elasticsearch - The big picture

There are 4 main actors: pmacct daemons (we already saw how to install and configure them), which collect accounting data; pmacct-to-elasticsearch, which reads pmacct’s output, processes it and sends it to ElasticSearch, where data are stored and organized into indices; and, finally, Kibana, which is used to chart them on a web frontend.