Tuesday, February 13, 2018


We were looking at some of the search queries that are collected from the community of those using  logs from an identity provider:

We were discussing how the additional lines around a match provide additional attributes that may now be searched for direct information or indirectly tagged and counted as contributing towards the tally for the labels.
In the logs, we can leverage protocols other than http and oauth. For example, if we use SAML or other encrypted but shared parameters, we can use it for correlations. Similarly, user agents generally give a lot of information about the origin and can be used to selectively filter the requests. In addition to protocols, applications and devices contributing to request parameters, cookies may also store information that can be searched when they make it to the logs. Most mobile devices also come with app stores from where packet capture applications for those devices can be downloaded and installed. Although the use of simulator and live debugging does away with the use of packet capture applications, they certainly form a source of information.

The logs for mobile devices can also be shared especially if they are kept limited and small with a finite number of entries.

48) Pivoting – Request parameters that are logged can be numerous and often spanning large text such as for tokens. Moreover, pivoting the parameters and aggregating the requests based on these parameters becomes necessary to explore range, count and sum of the values for these parameters. In order to do this, we use awk and datamash operators.

49) grouping selections and counting is enhanced with awk and datamash because we have transformed data in addition to the logs. For example, if we are searching for http requests grouped by parameters with one for each request, then we could include the pivoted parameters in aggregations that match a given criteria.

50) In the absence of an already existing tags for these pivoted request parameters and their aggregations, we can now create new tags with search and replace command in the same logic as above but with piping operation.

#codingexercise:

Determine fourth order Fibonacci series:
T(n) = Fib (Fib(Fib(Fib(n))))

generate maze

for (int i=1; i<ROWS; i++) {
  for(int j=1;j<COLS;j++) {
    String c = (Math.floor((Math.random()*2)%2)) ? "|" : "__";
    Console.Write(c);
  }
  Console.Writeline("<br/>");
}

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)