How to enable scp [Cisco ASA]

asa(config)#ssh scopy enable
asa(config)#

$ scp Downloads/asdm-7101.bin admin@10.10.10.100:.
admin@10.10.10.100's password: 
asdm-7101.bin  

Print file (cat) without comments and empty lines

$ cat /etc/postfix/main.cf | egrep -v "(^#.*|^$)"

egrep -v      means leave the following out
^#.*          means patterns that begin with a #
|             means or
^$            means patterns that are empty

or

cat /etc/postfix/main.cf | egrep -v "^\s*(#|$)"

rsync over ssh with specific port

#find /archiv/storage/* -type d -ctime +7 -exec /usr/bin/rsync  -av -e "ssh -p 22222" /mnt/archiv/$datum/ root@remote-ip:/mnt/storage/ {} \;

How to upgrade C3650/C3850 stack

Ako prve odmazeme “neporiadok” ktory zostal po starom sw.

# software clean 

Nakopirujeme novy balik na zariadenie. Je viacej moznsti ale najrychejsia je z USB ak je tato moznost.

#copy usbflash0:/cat3k_caa-universalk9.16.09.04.SPA.bin flash:/

Dobrym zvykom je overit md5sum ci sa subor spravne nakopiroval. Sum by mal byt totozny s USB.

#verify /md5 flash:/cat3k_caa-universalk9.16.09.04.SPA.bin
#verify /md5 usflash:0/cat3k_caa-universalk9.16.09.04.SPA.bin

V nejakom navode som videl ze pre upgrade major verzii v tomto pripade z 3.x.x -> 16.x.x je vhodne nanovo vygenerovat rsa kluce.

(config)#crypto key rsa general-keys modulus 1024

A mozeme spustut samotnu instalaciu. Instalator prekopiruje sw na zvysnych memberov v stacku a nasledne spustu instlaciu.

#software install file flash:/cat3k_caa-universalk9.16.09.04.SPA.bin switch 1-4 verbose new force

Na zaver rebootneme stack a ulozeme konfiguraciu

reload stack now?: yes
system configuration: save?: yes

Nasledne sa cely stack rebootne do novej verzie. Ak sme s novou verziou spokojny upraceme po sebe.

#request platform package clean switch all file flash:

ELK – [FORBIDDEN/12/index read-only

Problem:

elasticsearch.exceptions.AuthorizationException: AuthorizationException(403, 'cluster_block_exception', 'blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];')

Solution

curl -XPUT -H "Content-Type: application/json" http://localhost:9200/_all/_settings -d '{"index.blocks.read_only_allow_delete": null}'

Tento problem nastava ak dochadza miesto. ELK ma default nastavene ze musi byt minimalne 15% volneho miesta. Ak je tato hranica prekrocena ide do read-only. Pre rotaciu logov je vhodne nakonfigurovat utiltu curator, ktora sa postara o premazavanie logov.