By Splunk June 18, 2012
This week in “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel: seeing regexes under the bed, robot dancing, cutting edge solutions, and server naming conventions.
The regexes have eyes
As long as they’re smiling, it’s probably fine:
<RichPresc> lilith: try this regex – ‘Virtual Device Name\=([^140demo][A-Za-z0-9]+_)?([^exch^][A-Za-z0-9]+_)?([^_^\r^\n]+(_\d)?)+\r?\n?’
<RichPresc> You’ll want capture group $3
<RichPresc> standardized naming conventions ftw
<mcinerne2> is it bad when you see emoticons in regex?
<RichPresc> =^_^=
<duckfez> o_O
<mcinerne2> yup, i am in a nightmare
<yann> [^*]..[^*]
<duckfez> where’s sophy when you need her?
Now do a little dance
Splunky the docs bot as lyricist:
<@Coccyx> !spec top
<@Splunky> http://www.splunk.com/base/Documentation/latest/SearchReference/Top
<@Coccyx> !spec head
<@Splunky> http://www.splunk.com/base/Documentation/latest/SearchReference/Head
<^Brian^> !spec shoulder
<^Brian^> !spec knees
<^Brian^> !spec toes
<@Coccyx> lol
Physical security isn’t always the right answer
But Drainy has a Gordian solution:
<geekporn> okay, another question, I am looking for a way to limit what piped search commands a user can call, instance, the only search command I want users to use is ‘reverse‘, and I want to restrict access to timechart, chart, stats, transactions, rex, etc, etc. I am looking on answers.* and authorize.conf but don’t see where that is possible
<Drainy> hmm
<geekporn> gosh, I can’t create a proper sentence
<splunkmas> Make a dashboard that does everything for them, and only allow the dashboard?
<splunkmas> allow use of the dashboard*
<Drainy> geekporn: you could remove all keys except for r e v s ? They can’t construct any of the other commands from those letters
<geekporn> yes, it is an option, unfortunately we have a few hours to release something to users, new environment, etc, etc
<geekporn> Drainy: you lost me 😀 sorry
<geekporn> Drainy: keys?
<wilco> from their keyboards
<Drainy> get a flat edge, and prise them up off the keyboard 
<geekporn> LMAO
A server by any other name…
…is not half as badass^Wnerdy:
<^Brian^> hrrmm..maybe I should have choosen different server names for that jira
<DaGryph> Why’s that?
<^Brian^> DaGryph: my server names are optimus, megatron, bumblebee and wheeljack
<DaGryph> Lol
<JoeTron> mine are named after pornstars and greek gods
<JoeTron> 😉
<DaGryph> XD
<DaGryph> Mine are usually Final Fantasy Aeons like Ifrit, Shiva, Bahamut…
<JoeTron> oh that is genius
<JoeTron> FF7 still the best, waiting for the remake
<DaGryph> The more powerful the server, the beefier the name. Bahamut is my uberserver. My HP Microserver is Carbuncle. XD
<Ayn> JoeTron: +1
<^Brian^> these are all vm’s on my mac. Optimus / megatron = indexers, bumblebee = uf sometimes search head, and wheeljack = sh / license master
<mlanghor> DaGryph: what happens when you buy a bigger box than the current Bahamut?
<DaGryph> Eden
<jrodman> ah the nerdery!
<jrodman> my selections have generally been dr who planets
<DaGryph> If I have to, I’ll dive into older FF’s to get powerful ones.
<JoeTron> lol
<mlanghor> 😉
<DaGryph> jrodman: That’s Brilliant
<jrodman> if you insist
<jrodman> i’m typing to you from calufrax currently
<DaGryph> Mmm, ood…
<jrodman> I used to run two database servers Aneth and Crinroth, a mini-cluster
<jrodman> (mmm.. dumb sounding sci fi names)
<JoeTron> i always wanted to name a cluster of DC’s that i worked on, dumb and dumber
<DaGryph> Lol!
----------------------------------------------------
Thanks!
rachel perkins