Running logrotate.d Manually

Sometimes you may need to run logrotate.d manually, either because a rotation was missed and disk space is running out, or because you have made a change and want to check that it works without waiting 24 hours.

On Debian based systems I run this command:

sudo logrotate -vf /etc/logrotate.conf
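Before forcing every log on the system to rotate, a changed stanza can be checked on its own in a scratch directory. The script below is an added example, not part of the original post; the function name, paths and stanza are constructed for illustration. It uses logrotate's -d (debug, no changes made to the logs) and -s (alternate state file) options.

```shell
#!/bin/sh
# Added example: try a logrotate stanza in a sandbox before it goes live.
# Everything lives in a temp dir; /etc and /var/log are not touched.

try_rotation() {
    command -v logrotate >/dev/null 2>&1 || { echo "logrotate not installed"; return 127; }

    work=$(mktemp -d) || return 1
    log="$work/app.log"
    conf="$work/app.conf"
    state="$work/status"

    echo "constructed sample log line" > "$log"

    # Constructed stanza standing in for the change being tested.
    cat > "$conf" <<EOF
$log {
    rotate 3
    missingok
}
EOF
    chmod 644 "$conf"   # logrotate skips configs with loose permissions

    # 1) Dry run: parse the config and report what would happen,
    #    without rotating anything.
    if ! logrotate -d -s "$state" "$conf" >/dev/null 2>&1; then
        rm -rf "$work"; echo "config rejected"; return 1
    fi
    if [ -e "$log.1" ]; then
        rm -rf "$work"; echo "dry run modified logs"; return 1
    fi

    # 2) Forced run of this one config with a private state file, so the
    #    system-wide status file and all other logs are left alone.
    logrotate -f -s "$state" "$conf" >/dev/null 2>&1
    if [ -s "$log.1" ]; then result="rotated"; else result="not rotated"; fi

    rm -rf "$work"
    echo "$result"
    [ "$result" = "rotated" ]
}
```

Source the file and call try_rotation; it prints "rotated" when the forced run produced app.log.1 with the sample line in it.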

Great article on using tar in Linux

A great article on using the tar command with Linux at “The Geek Stuff” website.

The Ultimate Tar Command Tutorial with 10 Practical Examples

Example of creating a basic tar file compressed:
tar cvzf archived_compress.tar.gz home/
The above command creates a gzip-compressed tar file named “archived_compress.tar.gz” from the home/ directory.

View the article for more.

AD Snapshots with WS2008 R2

Windows Server 2008 R2 features AD snapshots and recovery functions, allowing you to take a snapshot of AD at some point in time and then restore it or browse that snapshot.

If you are running WS2008R2 then it’s a good idea to schedule a snapshot to occur automatically. However, some backup software, such as DPM2010 or other 3rd-party tools, will already be doing this for you; still, you might want to play safe or have a second backup for peace of mind.

Run a snapshot manually with:

  1. Open an elevated Command Prompt using an account with domain admin rights.
  2. Type ntdsutil and press enter
  3. Type snapshot and press enter
  4. Type activate instance ntds and press enter
  5. Type create and press enter

You can also script it with a very simple single-line command:
ntdsutil snapshot "activate instance ntds" create quit quit

References:
Excellent article at Simple-Talk.com, use this to get started:
http://www.simple-talk.com/sysadmin/general/active-directory-snapshots-with-windows-server-2008/

Microsoft:
http://technet.microsoft.com/en-us/library/cc771290%28WS.10%29.aspx

Wireshark Book and Website

Great Wireshark Book that I’m going to order, here is a run down:

Wireshark Network Analysis is the result of over 20 years of packet-level analysis and troubleshooting. At 800-pages, Wireshark Network Analysis is the ultimate reference guide focusing on Wireshark functionality as well as TCP/IP traffic interpretation.

  • Learn the most efficient methods for capturing wired and wireless traffic
  • Identify the cause of poor performance and stop the finger pointing
  • Use Wireshark charts and graphs to “draw a picture” of network behavior
  • Customize Wireshark for more efficient troubleshooting and security analysis
  • Build advanced filters to identify unusual traffic patterns caused by poorly performing network devices and applications, network scans and breached hosts

WebSite: http://www.wiresharkbook.com

Also check the Coffee and a Quickie section: http://www.wiresharkbook.com/coffee.html

Clean up aptitude and yum caches

Debian/Ubuntu:
Use aptitude on Debian and then Ctrl-T in the menu to perform clean up of aptitude cache.

apt-get commands:
To reclaim the space, use the following commands:

 sudo apt-get autoclean 

This command removes from the cache any .deb packages that are older than the versions of the programs you have installed.

 sudo apt-get clean 

Removes all the packages from the cache. The only drawback is that if you want to reinstall a package, you have to download it again.

 sudo apt-get autoremove 

This command deletes orphaned packages, or dependencies that are installed after you install an application and then remove it, so they are no longer needed.

dpkg is sometimes required; this shows you a list of packages you can purge:

 sudo dpkg --get-selections | grep deinstall 

More details from Linuxaria article:

http://linuxaria.com/howto/how-to-free-some-space-with-apt-get?lang=en

CentOS/RedHat/Fedora:

If you’ve been messing about with downloading and installing third party repositories, and have subsequently deleted your explorations, what you may not know is that your old files may still be junking up your repository cache. To clear the thing out, and speed up your server, commit the following lines to terminal:

sudo yum clean packages
sudo yum clean headers

These commands will purge your yum system by removing old packages. The headers command cleans the repositories as well. If you want to run both commands, packages and headers, in one go, then use:

sudo yum clean all

Use PStools to collect Windows Security Logs (Pauldotcom)

This is a great tech segment from the Pauldotcom Security Weekly podcast http://www.pauldotcom.com – probably one of the best tech segments, and one that’s been useful in several real practical scenarios.

Here is the Wiki Link:
http://pauldotcom.com/wiki/index.php/Episode187#Tech_Segment:_Automating_log_history_collection_on_windows