I'm trying to learn zeek signature
Signature file name: dns.sig
signature dns-intel{
ip-proto == udp
dst-port == 53
payload /.*life|.*bar/
event "[Suspicious DNS Query]" }
Zeek file name: myfirst.zeek
event signature_match (state: signature_state, msg: string, data: string) {
if (state$sig_id == "dns-intel") {
print fmt ("[Suspicious DNS query] %s", state$conn$dns$query)
}
I'm getting error in line 5 : rule defined twice.
what's the problem here ??
Signature id has to be unique, based on your error code:
error in line 5 : rule defined twice. what's the problem here ??
It might be the case that you have multiple signatures defined with same id: dns-intel in your dns.sig file.
Modify your dns.sig file and make sure each signature has a unique id should fix the error.
I tested your signature and script on my local machine and can run without issue.
Related
I am upgrading the DAO to use version 4 of the near sdk. During the migration I needed to change the way the AccountId struct was used, from being a string to being a struct that holds a string.
The original test has a token id of an empty string, "" assigned to a const which cannot be converted to a struct instance because instantiating a struct isn't constant. An empty string "" now raises a panic because it isn't a proper account id (it must have lowercase letters and numbers with a period, among other things).
I changed it to base.token and added constructors where there were strings before.
Here is my code: https://github.com/roshkins/sputnik-dao-contract
I'm getting this error:
---- test_multi_council stdout ----
thread 'test_multi_council' panicked at 'Outcome ExecutionOutcome {
logs: [],
receipt_ids: [
`6MxMk3XY6o2VnL4DucLADm86gUJPJHDfecQQ9hUDA72X`,
`7k1jV711STFLKdbznRCvXr27UxJ2WwgZfnoGiZiFrEKm`,
],
burnt_gas: 2428070807578,
tokens_burnt: 242807080757800000000,
status: Failure(Action #0: Can't complete the action because account "base.token" doesn't exist),
If I add an account called "base.token" it throws an error because it's a sub account. I tried changing the accountid of the contract to base.token that also throws that error. Any help?
Edit: I was able to add the following code to change the root account name to base.token:
let mut gen_cfg = GenesisConfig::default();
gen_cfg.init_root_signer(base_token().as_str());
I get a slightly different error now:
thread 'test_multi_council' panicked at 'Outcome ExecutionOutcome {
logs: [],
receipt_ids: [
`6MxMk3XY6o2VnL4DucLADm86gUJPJHDfecQQ9hUDA72X`,
`7k1jV711STFLKdbznRCvXr27UxJ2WwgZfnoGiZiFrEKm`,
],
burnt_gas: 2428070807578,
tokens_burnt: 242807080757800000000,
status: Failure(Action #0: cannot find contract code for account base.token),
} was a failure',
For sub-accounts, you can only create an account if you have keys to the root account. So if you owned token TLA (top-level account) you could create base.token. So you could have token.near as an accountId and then you would be able to create base.token.near. Does that make sense?
Here is some more info on the account model:
https://docs.near.org/docs/concepts/account#subaccounts
Update 1
I've changed the structure of the Hiera data a little and trying a different manifest style.
I'm trying to iterate over the following Hiera hash in a Puppet manifest:
windows-10.yaml:
---
message: "This node is using Windows 10 data"
#profile::hiera_test::backups_enabled: false
profile::hiera_test::firewall:
rule1:
groupName: 'Cortana'
profileNames: ['Private','Public']
action: 'Deny'
rule2:
groupName: 'Microsoft Photos'
profileNames: 'Public'
action: 'Deny'
Although I've updated the data structure and puppet lookup... returns what appears to be valid, I'm not entirely confident in the structure.
I have tried multiple permutations of the manifest. The latest of which looks like the following (based on this answer given by Matt Schuchard):
hiera_test.pp:
class profile::hiera_test (
Hash $data = lookup('profile::hiera_test::firewall', "merge" => 'hash'),
){
$data.each | String $key, Hash $value = {}|{
notify {
default:
name => "Demo_${key}",
message => 'Item DEFAULT',
;
$key:
* => $value,
}
}
}
And the error / output from the above:
PS C:\Users\LocalAdmin> puppet agent -t
Notice: Local environment: 'production' doesn't match server specified node environment 'development', switching agent to 'development'.
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Retrieving locales
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: no parameter named 'groupName' (file: /etc/puppetlabs/code/environments/development/site-modules/profile/manifests/hiera_test.pp, line: 31) on Notify[rule1] (file: /etc/puppetlabs/code/environments/development/site-modules/profile/manifests/hiera_test.pp, line: 31) on node winnode1.domain.com
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Ideally, I want it to work inside a class declaration (why?, because that's about as far as my Puppet learning has got, but happy to further my learning. I'm also using Puppet Enterprise (2019.0.2)).
There are several similar questions around the internet, but they are either out of date (Hiera <5), have incomplete examples including this, or I can't work out how to transpose them into what I need. Apparently create_resources is due for depreciation
?
If anyone can tell me where I'm going wrong that would be great.
I have got a working solution, but hopefully someone can chime in with a better way.
With the example in the question, the line * => $value substitutes * with keys from the Hiera hash. These keys are used as parameters of the notify resource and as per the error, there is no such parameter groupName for notify. I'd either have to change the keys in my Hiera data to match the parameters of notify which wouldn't make much sense or learn how to use the Hiera data keys as parameters...
Anyway, the Hiera data is the same as in the question, but the class is as follows:
class profile::hiera_test (
Hash $data = lookup('profile::hiera_test::firewall', "merge" => 'hash'),
){
$data.each | String $key, Hash $value = {}|{
notify {
default:
name => "Demo_${key}",
message => 'Item DEFAULT',
;
$key:
name => "Demo_${key}",
message => "Output: GroupName: ${value['groupName']}, Profile Names: ${value['profileNames']}, Action: ${value['action']}",
}
}
}
As you can see, I've replaced * with valid parameters of the notify resource.
And the output:
Notice: Output: GroupName: Cortana, Profile Names: [Private, Public], Action: Deny
Notice: Output: GroupName: Microsoft Photos, Profile Names: Public, Action: Deny
Now to replace Notify with the real exec resource. Converting the profileNames array to PowerShell will be fun, I have no doubt.
trying to build a DNS with this module: ref. But getting this error:
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Function Call, can't convert String into Hash.
I have nested YAML, but not sure if it's correctly formatted or not or problems with something else within my code.
This is my dns profile dns.pp:
class profile::bind {
validate_hash($conf)
$conf = hiera_hash('bind::zone', undef)
create_resources('profile::bind::make::zone', $conf)
}
This is how I define my zone with make_zone.pp:
define profile::bind::make::zone (
$hash_data,
$zone,
$ensure,
$zone_contact,
$zone_ns,
$zone_serial,
$zone_ttl,
$zone_origin,
) {
validate_hash($hash_data)
bind::zone { $zone :
ensure => $ensure,
zone_contact => $zone_contact,
zone_ns => [$zone_ns],
zone_serial => $zone_serial,
zone_ttl => $zone_ttl,
zone_origin => $zone_origin,
}
}
This is my host1.yaml data:
---
version: 5
bind::zone:
zone: test.ltd
ensure: present
zone_contact: 'contact.test.ltd'
zone_ns:
-'ns0.test.ltd'
-'ns1.test.ltd'
zone_serial: '2018010101'
zone_ttl: '767200'
zone_origin: 'test.ltd'
hash_data:
"newyork":
owner: "11.22.33.44"
"tokyo":
owner: "22.33.44.55"
"london":
owner: "33.44.55.66"
bind::cname:
ensure: present
record_type: master
There are a number of mistakes and misunderstandings in the code. I fixed them up so that the code at least compiles and ended up with this.
Changes to profile::bind:
class profile::bind {
include bind
$conf = lookup('bind::zone')
create_resources(profile::bind::make::zone, $conf)
}
Changes to profile::bind::make::zone:
define profile::bind::make::zone (
Enum['present','absent'] $ensure,
String $zone_contact,
Array[String] $zone_ns,
String $zone_serial,
String $zone_ttl,
String $zone_origin,
Hash[String, Hash[String, String]] $hash_data,
) {
bind::zone { $name:
ensure => $ensure,
zone_contact => $zone_contact,
zone_ns => $zone_ns,
zone_serial => $zone_serial,
zone_ttl => $zone_ttl,
zone_origin => $zone_origin,
}
}
Changes to host1.yaml:
---
bind::zone:
'test.ltd':
ensure: present
zone_contact: 'contact.test.ltd'
zone_ns:
- 'ns0.test.ltd'
- 'ns1.test.ltd'
zone_serial: '2018010101'
zone_ttl: '767200'
zone_origin: 'test.ltd'
hash_data:
"newyork":
owner: "11.22.33.44"
"tokyo":
owner: "22.33.44.55"
"london":
owner: "33.44.55.66"
Some explanation:
immediate problem:
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Function Call, can't convert String into Hash.
This error was caused because your Hiera data was not correctly structured as a Hash[String, Hash[String, String]]. Notice in the yaml I have removed your key "zone" and created a nested Hash there.
must include the bind class
The camptocamp BIND module requires the bind class to also be declared. See its documentation.
validate_hash function is legacy and in the wrong place
As John Bollinger mentioned in the comment, you had the validate_hash on the wrong line. I think that was a cut/paste issue, because you would have got a different error message if that was really your code. Anyway, since you're using Puppet 5 (I guess that by the version => 5 in your Hiera), don't use the legacy validate functions ; use Puppet's data type validation. So I just deleted that line.
use lookup() instead of hiera_hash()
Again, since you're using Puppet 5, use the lookup() function instead of the deprecated hiera_hash() function.
version 5 belongs in hiera.yaml, not host1.yaml
It won't cause you any problems, but the line version: 5 won't do anything here, and it belongs in your hiera.yaml file. I used a hiera.yaml file as follows for testing:
---
version: 5
defaults:
datadir: data
data_hash: yaml_data
hierarchy:
- name: "Host 1"
paths:
- host1.yaml
zone_ns type confusion
You had 2 problems with the zone_ns - firstly, a typo in your YAML (no space after the -) ; and secondly, you passed in an Array of zone NS's and then tried to coerce the array to an array in your defined type.
zone parameter should be the name var
Notice I had to delete the $zone parameter in your defined type, and I used the special $name variable instead, to get the name from the title.
refactored to use data type validation
Notice how I used Puppet's data type validation on your inputs in the defined type, and then I had no further need for the legacy validate_hash function and other related validate functions. Read more about that here.
I think that's all. Hope that helps!
I'm writing an API that sends stuff through a socket. What I want to do, is have a basic response like so:
{
method: ID,
id: 10
}
The first tag being the type of stuff being sent, and everything after that is content. I can't seem to figure out how to do that with Groovy's JsonBuilder.
I'm reading the documentation for that, and I attempted to do:
String message = builder.value {
method: Method.ID
id: id
}
But it only generates: {value={}}. Also, it contains the value tag (which I don't want).
I tried doing builder {...}, but that caused this error:
Exception in thread "Thread-10" groovy.lang.MissingMethodException: No signature of method: website.DerbyProManagerService.builder() is applicable for argument types: (website.DerbyProManagerService$DerbyProInstance$_newId_closure1) values: [website.DerbyProManagerService$DerbyProInstance$_newId_closure1#6db853f4]
Try this instead:
String message = builder.call {
method Method.ID
id myId
}
I am using simpldb and am trying to save rahul' mehta in simpledb but it is giving me error below :
Code :
function htmlEscape(text) {
return text.replace(/&/g,'&').
replace(/</g,'<').
replace(/"/g,'"').
replace(/'/g,''');
}
console.log(params.filename);
if (params.filename!=undefined) params.filename=htmlEscape(params.filename);
console.log(sys.inspect(params));
sdb.putItem(domain, params.objectid, params, function( error ) {
});
Output :
rahul' mehta
{
filename: 'rahul' mehta',
}
Error :
{"event":"error","errno":"InvalidQueryExpression","message":"The specified query expression syntax is not valid.","queueno":7}
Why this error is coming , how can i solve it ?
This error is because you are trying to run Amazon SimpleDB SELECT Query and syntax of that query is wrong. This may be because in query -- Attribute Value -- must be unclosed with single quotes i.e. 'Attribute Value', and again if -- Domain Name -- and -- Attribute Name -- contains any special characters then they must be unclosed with acute i.e Domain Name OR Attribute Name. I think you are able to save rahul' mehta but when you are trying to get that saved attribute-value, you are getting this error. http://www.sdbexplorer.com/