Press ESC to close


Automated SSL Labs testing with Opsview

In this blog I will cover how you can use a Nagios plugin to automatically test your websites SSL security strength on a daily basis, and alert you when it drops below a certain score – thus increasing the likelihood of a security breach.

Nagios plugins and Splunk.. wait, what?

Recently i’ve been on a bit of a tear with my infrastructure, moving from Apache to Nginx and migrating to new hardware (I moved from my beloved 25KG Fractal Define XL to a new mATX box that is 25% the size.. i call it ‘wife friendly infrastructure’!).

In my infrastructure of many ridiculous things, I use Opsview to monitor server temperatures (CPU/HDD/RAM), free space on my logical volumes, SMART status, RAID status and a few other things (systemd service status, etc). I then use Splunk Light to parse and display information gathered from logs for my web applications: ownCloud, Opsview, etc and also the logs forwarded from my router which handles port forwarding into the LAN (so i can see all the naughty port scanners..tsk tsk).

One thing I was always curious about was how could I get Splunk to analyse and interpret data generated by the Nagios (c) or Monitoring Plugins ran by software such as Opsview, Nagios, Icinga 2, or pretty much any monitoring tool out there.

Fail2ban for Opsview Monitor

This guide will show you a very quick and dirty way to use Fail2ban to prevent brute-force attacks on your Opsview Monitor 5.0 server. This should work the same for Opsview 4.x servers, but I havent tested it.

Fail2ban, for those who arent familiar, is “an intrusion prevention framework written in the Python programming language. It works by reading SSH, ProFTP, Apache logs etc.. and uses iptables profiles to block brute-force attempts.” (src:

Setting up a RELK stack from scratch (Redis, Elasticsearch, Logstash and Kibana)

Recently I thought i’d re-do all of my ELK stack setup, as i didnt fully understand every facet of it and i was really interested in introducing Redis into the mix. I’ve also messed around with the existing Kibana and Logstash front-end to the point it was fairly bricked, so it was ripe for a change.

What I wanted to get to, was having my 2 servers and my main router having their logs and syslog data sent into my log box so I could view and correlate across multiple systems.

Integrating Opsview with ELK Log Monitoring

This is a brief blog post to explain how I quickly integrated my existing Opsview server, with my existing ELK deployment. I basically wanted a way that within Opsview, i can see that a host has failed or is having problems and go “Hmm, lets have a look at the logs to see whats happening” without:

A) Having to SSH to the box and start tailing or

B) Have to fire up ELK and start filtering.