BigBulls Game Series- Patching MongoDB using Ansible

MongoDB is the most popular NoSQL and an open-source document-oriented database. The term NoSQL means ‘non-relational’.This simply means mongo does not base on a table-like relational database structure. It is moreover a schemaless database. In Mongo information is stored in JSON-style documents.

Continue reading “BigBulls Game Series- Patching MongoDB using Ansible”

Learn the Hacks for Running Custom Scripts at Spot Termination

Nowadays, it is very common to run applications on Spot instances. In this scenario, where a spot instance could be terminated at any point of time because of AWS pulling back their resource or ASG Scale-In incident, we need to have something in place to handle the termination smoothly so that we can complete our final tasks before the system shutdown. It could be executing some scripts, unmounting some storage device, shipping final log files to S3, or uploading cache data in a centralized server like Redis.
Today, I will attempt to cater to this problem.

First of all, let’s think of trying to run a custom script prior to shutdown in our local system. If everything works fine, the same would be applicable for ec2 spot instances too.

Continue reading “Learn the Hacks for Running Custom Scripts at Spot Termination”

The Step-By-Step Guide to Connect Aws with Azure

As we all know AWS and Azure are the two Cloud providers and there can be possibilities that one of our services is running on one cloud provider and the other is running on another cloud provider and, both are dependent on each other.

Through this blog, I will guide you on the steps which will be needed for connecting AWS with Azure and also will be explaining all the components of both the cloud provider that will be required for creating the site-to-site VPN Connectivity.

Why are we trying to connect both?

In one of my projects, I met with a requirement where I was working on an application that follows a client-server architecture. There were servers connected to multiple clients. Initially, the Server was placed into AWS and the connected clients were also there, but after a couple of years our requirements got changed and a new business unit came into the picture with its own clients that were needed to be connected with the server present in the AWS cloud.

Now, these new clients were present on Azure but the server was on AWS. Migration of server was not an option for us because our customer was not ready to migrate those clients from Azure to AWS, so this was a completely new use case, to which we decided to connect both the cloud providers with each other by setting up IPSec VPN tunnel.

Continue reading “The Step-By-Step Guide to Connect Aws with Azure”

HOST-BASED INTRUSION DETECTION USING OSSEC

What is Ossec :

It claims to be the world’s most widely used open-source host-based intrusion detection system. In short, we can call it HIDS. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response. This is made up of two parts: Ossec server and Ossec agent. The Ossec server is used to monitor other servers that we call Ossec agents. At any time, an agent can be added to the Ossec server for its monitoring and can be removed. For that, server and agent connections need to be established, which we will be discussing. It also provides a Web interface for showing all alerts, logs, and agent information.

Possible scenarios that you might face of Intrusion on your servers:

1) Attacker launched a brute force attack against your machine. Now you need to track him. For that, you need his IP address. First, on your Ossec server, do:

cat/var/ossec/logs/alerts/alerts.log

Where you find Source IP against the alert of SSH insecure connection attempt rule. Secondly, we can get it from a UI-based alert.

Continue reading “HOST-BASED INTRUSION DETECTION USING OSSEC”

Four Main Metrics of Prometheus

Let’s first understand what Prometheus is:

Prometheus is an open-source monitoring solution built primarily for gathering and analyzing time-series data, with specific built-in tools making it appropriate for monitoring Kubernetes and other containerized environments. It is a cross-platform monitoring tool that lets you collect metrics from servers, containers, and applications and work with them all in the same way.

Now let’s understand Prometheus Architecture to know how it works:

Prometheus is a multi-component system. While the following integrates into a Prometheus deployment, there is flexibility in which of these pieces are actually implemented.

Continue reading “Four Main Metrics of Prometheus”