I like computers
Earth
Joined October 2009
- Tweets 1,692
- Following 67
- Followers 74
- Likes 204
We'll agree to disagree on the definition then :)
You're not the first person from @Elastic to tell me my clusters not orthodox.
Thanks for reaching out though, I tweeted a faceless corporation, didn't expect someone to try and help!
1
WRT sizing; seems to be fine so far, this cluster has been production for several years now, started out at ES 1.4 I think? We just have a huge volume of data being dumped into it.
Rollover is something I have thought about in the past however, ain't broke don't fix?
1
Our definitions of hard and soft obviously vary, if something stops your from going over a limit in my book it's a hard limit. Soft would just throw loads of warnings at you. Thankfully you guys are very helpful on the forums and I stumbled across discuss.elastic.co/t/number-…
Just dragged our ELK stack up to 7.0 from 6.5 and I'm unimpressed with @elastic cluster.max_shards_per_node being set to 1000, we generate about 1000 shards per month and on our 4 node cluster that works really well for us.
1
Encrypted SNI and DNS over HTTPS are a dangerous combination.
Great tools for consumers and personal devices but horrible obstacles in the enterprise
1
Just had an email land in my inbox that contained the following:
"1) Are you able to patch these vulnerabilities in the software?
OR
2) Would you be able to put the software into a Docker?"
Where has this attitude/belief come from?
It's too early in my morn... life for this
Well we can now store public SSH keys in AD, and make them machine specific as well.
SSH also prompts for a MFA token that validates against our generic 2FA server that currently is setup for YubiKeys or TOTP.
Leaving me with triple authentication: key -> password -> MFA
So I'm assuming the way to handle SSH public keys in Windows is sign them with a CA, feels like a missed opportunity to not involve AD more into this; stick keys under a user attribute so something like that
Bit harsh, it's not always a users fault, for example I know of an institution that didn't support TLS1.2 on their radius servers and thus devices with TLS1.0/1.1 disabled couldn't connect
1
2
Good to see stuff like this although the problem of unreliable but trusted sources males it all that much harder
Just because a story is online, doesn’t mean it’s true. The internet is great, but it can be used to spread misleading news and content.
Make sure you know what you’re sharing. Don’t feed the beast. Use the S.H.A.R.E checklist.
#CYBERUK19 was my first CyberUK and it was amazing! Met some great people across public and private sectors :) Looking forward to next year's which I'll definitely be attending
2
Gives me a great idea for a extension that changes the UA to a random one for some obscure browser every time you load a new page
1
Just had a red chest in #BorderlandsGOTY open and give me nothing...
How do you deal with developers that can't grasp the concept of, 'if you change the password of the user connecting to the DB, you can no longer use the old password, you must use the new one'
1
Imran Hussain retweeted
....are you saying that a plane crashed because Boeing made them pay for downloadable content? ...it sounds like you're saying airline safety systems have DLC. nytimes.com/2019/03/21/busin…
83
1,085
113
2,350