Replacing the Default Splunk Web SSL Certificate

This post goes over how to sign a SplunkWeb Certificate Signing Request (CSR) using my Root CA in pfSense. I do not cover creating the Root CA.

Step 1: Create the directory for the certificates
splunk@siem:~$ mkdir /opt/splunk/etc/auth/certs

Step 2: Generate the private key and temporary password
splunk@siem:~$ cd /opt/splunk/etc/auth/certs
splunk@siem:~$ splunk cmd openssl genrsa …

Migrating and Upgrading Apache Guacamole to Docker

UPDATED: I have created an all-in-one (AIO) version that includes nginx using TLS. Apache Guacamole is a client-less remote desktop gateway. I use it in order to access my lab when traditional methods are not available. Guacamole does not use agents or fancy plugins; you only need an HTML5-supported browser and you can access …

Raspberry Pi Centralized Log Server

Setting up a Pi to be a centralized log store is amazingly simple. If you are using Raspbian, it comes with rsyslog installed by default, so all that’s left is to set up the config and tailor log rotation. First, you should create a directory under /var/log for all the remote logs. sudo mkdir /var/log/central Then edit the …

IBM M1015 9220-8i cross-flashed to LSI 9211-8i IT mode

Flashing a RAID card to a different firmware takes about five minutes; however, if you have never done it before, the research process can be an order of magnitude higher. I spent about a day parsing all the blogs, forum posts, and subreddits that discuss flashing the LSI9211 HBA firmware to IT mode on compatible …