BigSnarf blog

Infosec FTW

Monthly Archives: August 2014

Monitoring JVM

Leave a comment Posted by on August 27, 2014

BuS2MHPCMAAm-fk

Tools

Scala REPL in Notebook

Leave a comment Posted by on August 27, 2014

Screen Shot 2014-08-26 at 10.29.31 PM

Tools

Scalaz in the REPL

Leave a comment Posted by on August 17, 2014

First run sbt:

sbt

Then issue these commands:

set scalaVersion := “2.10.0”
set libraryDependencies += “org.scalaz” %% “scalaz-core” % “7.0.0”
set initialCommands += “import scalaz._, Scalaz._”
session save
console

Uncategorized

Algebird Monoids for IP Addresses and counts in Scala

Leave a comment Posted by on August 6, 2014 
import com.twitter.algebird.Operators._


case class IPRecord(val ipAddress: String, val number: Int) extends Ordered[IPRecord] {
 def compare(that: IPRecord): Int = {
   val c = this.number - that.number
   if (c == 0) this.ipAddress.compareTo(that.ipAddress) else c
 }
}


val oneOneOneOne = IPRecord("1.1.1.1", 67391)
val twoTwoTwoTwo = IPRecord("2.2.2.2", 48013573)
val threeThreeThreeThree = IPRecord("3.3.3.3", 6470)
val fourFourFourFour = IPRecord("4.4.4.4", 731)

val topIPAddress: Max[IPRecord] = Max(oneOneOneOne) + Max(twoTwoTwoTwo) + Max(threeThreeThreeThree) + Max(fourFourFourFour)
assert(topIPAddress.get == twoTwoTwoTwo)
Thoughts

Simple Apache Auth Log Processing with Spark job

Leave a comment Posted by on August 4, 2014 
Screen Shot 2014-08-03 at 10.07.22 PM
Screen Shot 2014-08-03 at 10.13.14 PM

/* 

SimpleApp.scala

Simple Spark Job for processing Apache auth.log for Invalid user login attempts and Failed password counts
./bin/spark-submit --class "SimpleApp" --master local[4] target/scala-2.10/simple-project_2.10-1.0.jar

 */
import org.apache.spark.SparkContext
import org.apache.spark.SparkContext._
import org.apache.spark.SparkConf

object SimpleApp {
 def main(args: Array[String]) {
 val logFile = "/Users/antigen/Downloads/sanitized_log/auth.log" 
 val conf = new SparkConf().setAppName("SimpleApacheLogProcessing Application")
 val sc = new SparkContext(conf)
 val logData = sc.textFile(logFile, 2).cache()
 val numAs = logData.filter(line => line.contains("Invalid user")).count()
 val numBs = logData.filter(line => line.contains("Failed password")).count()
 println("Lines with INVALID USER: %s, Lines with FAILED PASSWORD: %s".format(numAs, numBs))
 }
}


Code, Folder Structure, simple.sbt, and packaged jar files here:
https://github.com/bigsnarfdude/SimpleApp
http://databricks.gitbooks.io/databricks-spark-reference-applications/content/logs_analyzer/app/README.html
Tools

Data Science Stack

Leave a comment Posted by on August 3, 2014

Screen Shot 2014-08-02 at 10.47.09 PM

Tools

Finally got Algebird and Apache Log Parsing libraries into my Apache Spark REPL

Leave a comment Posted by on August 2, 2014

Screen Shot 2014-08-02 at 9.06.57 AM

 

https://github.com/twitter/algebird/wiki/Learning-Algebird-Monoids-with-REPL

Tools