Windows Subsystem for Linux and tmux

If you don’t know by now, Microsoft has created Windows Subsystem for Linux (WSL). I am not going to do a deep dive into how this works (read here to know more), but I will offer a simple take on what this means for us. It means Windows users now have a native (Ubuntu) Linux shell on Windows without using additional virtualization software such as VirtualBox or VMware’s vSphere Desktop. You can use tools like sed, awk, grep, ssh, and more within Windows.

This is all awesome; however, the one thing that sucks is the terminal. It’s pretty basic and doesn’t allow tabbing or panes, and there really isn’t an alternative terminal for WSL. You could use a Cygwin-based solution, but then you’re getting away from the point of WSL. So I suggest you take the time to learn how to use tmux! It is actually geared toward allowing multiple connections into the same shell. Think of it as having multiple users all connected to the same terminal session. It’s great for getting help from someone remotely or showing others how to do something in a shell without everyone hovering over a single screen.

Now here is where it becomes really neat for WSL: tmux allows for multiple windows (think tabs) and panes! This instantly makes the generic WSL Terminal much more usable. You can now open up a WSL Terminal, fire up tmux (which is already installed), and start creating multiple windows and panes to work more efficiently.

  • To start a tmux session use: tmux new -s <session name>
  • To create another window: ctrl + b then c
  • To change to the next window: ctrl + b then n
  • To split panes horizontally: ctrl + b then "
  • To split panes vertically: ctrl + b then %
  • To switch the active pane: ctrl + b then o

Here is a decent tmux cheat sheet that will provide most of your needs ->

Here is an example where I have created 2 windows (named window1 and window2), then I split the first window into 3 panes. Excuse the crappy drawing..



Enable Real-time Search in Splunk that expires automatically.

Here I wrote a script that allows you to enable real-time search for a role and set a timer for it to disable again automatically. I came up with the idea because we wanted the ability for people to use real-time search, but without the fear of them abusing it. I used a Splunk API and a little Bash shell scripting to make this work. It works like this: you kick off the script on the SH, passing it the role and the time (in minutes) that you want it to be enabled for. The script uses an API call to add the rtsearch capability to the role and then removes it again when the timer expires. I designed this script so that it will collect the current role capabilities before anything is changed, so that after the timer expires it can restore the capabilities back to what they were without rtsearch. This script could easily be converted to accept any capability as another argument and allow you to add anything you want other than rtsearch.
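The flow described above, as an added example (this is not the author's script): it saves the role's capabilities, adds rtsearch, and restores the saved list without rtsearch when the timer expires or the script is interrupted. The SPLUNK_URL and SPLUNK_TOKEN variables, token authentication and the use of jq are assumptions.

```shell
#!/usr/bin/env bash
# Added example: time-boxed rtsearch grant for one Splunk role.
# Assumptions: SPLUNK_URL is the management URL (https://<search head>:8089),
# SPLUNK_TOKEN is a Splunk authentication token, and jq is on the PATH.

# Pure helpers. Capability lists are newline-separated, one name per line.
caps_with()    { printf '%s\n%s\n' "$1" "$2" | grep -v '^$' | sort -u; }
# -x matches the whole line, so removing rtsearch keeps schedule_rtsearch.
caps_without() { printf '%s\n' "$1" | grep -v '^$' | grep -vxF -- "$2" | sort -u; }

# Build the POST body: capabilities=a&capabilities=b
# (assumes capability names are plain [a-z0-9_] tokens needing no URL-encoding).
caps_to_form() {
  printf '%s\n' "$1" | grep -v '^$' | sed 's/^/capabilities=/' | paste -sd '&' -
}

api() { curl -sS --fail -H "Authorization: Bearer $SPLUNK_TOKEN" "$@"; }

# Capabilities assigned directly to the role (inherited ones are not included).
get_caps() {
  api "$SPLUNK_URL/services/authorization/roles/$1?output_mode=json" |
    jq -r '.entry[0].content.capabilities[]'
}

# The POST sets the role's capability list to exactly the names sent.
set_caps() {
  api -o /dev/null -X POST "$SPLUNK_URL/services/authorization/roles/$1" \
    --data "$(caps_to_form "$2")"
}

main() {
  role=$1; minutes=$2
  case $minutes in ''|*[!0-9]*) echo "usage: $0 <role> <minutes>" >&2; exit 2;; esac
  original=$(get_caps "$role") || exit 1
  # Restore on every exit path so the grant cannot outlive the script.
  trap 'set_caps "$role" "$(caps_without "$original" rtsearch)"' EXIT
  trap 'exit 130' INT TERM
  set_caps "$role" "$(caps_with "$original" rtsearch)" || exit 1
  sleep $((minutes * 60))
}

# Only touch the API when called as: script <role> <minutes>
if [ "$#" -eq 2 ]; then main "$@"; fi
```

A kill -9 or a host reboot skips the trap, so a periodic check for roles that still hold rtsearch is a useful backstop.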


Create indexes for Splunk automatically.

Our Splunk environment uses nearly a thousand indexes per region or cluster, with many more being added daily. Why so many indexes? Well, it’s all about administration. Let us say you have 5 separate websites or apps and each of the sites is managed by a separate team. Maybe each of these sites has a test and production instance, so for each site there is an index for test and an index for production. This means we now have 10 indexes for these 5 sites, and those indexes can be specifically assigned to individual teams. Now imagine our environment with hundreds of sites with different environments, most of them managed by different teams. That is how we have such a large number of indexes, with more being added every day. The standard process of adding indexes just doesn’t make sense for our needs, so I created some bash scripts that are run by cron jobs to automate the process.
