Wednesday, January 25, 2006

Tuesday, January 24, 2006

"I don't think anybody anticipated the breach of the levees. They did anticipate a serious storm," Bush said in a Sept. 1 interview on ABC's "Good Mor

"Brownie, you're doing a heck of a job."

Sphere: Related Content

tons o' guns

Girl Shot in Daycare Center After Gun Goes Off in Playmates Backpack

tons o' guns everybody's getting strapped
tons o' guns got to watch the way you act
tons o' guns real easy to get
tons o' guns bringing nothing but death
tons o' guns are in the streets nowadays
it's big money and you know crime pays
check your nearest overpopulated ghetto
they greet you with a pistol not trying to say hello
mad kids packed 'cos the neighbourhood's like that
want some shit that's fat catch a victim do a stick
kids pulling triggers, niggas killing niggaz
five-o they sit and wait and tally death-toll figures
it's crazy there ain't no time to really chill
jealous motherfuckers always want to act ill
22's 25's 44's 45's
mack elevens ak's taking mad lives
what the fuck you gonna do in a situation
it's like you need to have steel just to feel relaxation
tons o' guns

tons o' guns you got we got they got
the state of affairs yo it's like mad chaos
i know a kid who just passed the other day
they shot him sixteen times so there he lay
you can pray for this shit to like cease
but until then a nigga's going to pack a piece
and yo the devil's got assasination squads
want to kill niggaz 'cos they're scared of god
they got camps where they train they learn to take aim
at a nigga like a piece of game
and i'm not seeing that, them days are gone
'cos now we got [chromes] to put them where they belong
so me a rude boy from and in a brooklyn
fuck the bullshit pain and suffering
i'm coming off with a foolproof plan
as if each every lyric was worth a hundred grand
i stand in the face of hatred
letting off mad shots making devils run naked
tons o' guns

tons o' guns everybody's getting strapped
tons o' guns got to watch the way you act
tons o' guns real easy to get
tons o' guns bringing nothing but death
tons o' guns but i don't glorify
'cos more guns will come and much more will die
why, yo i don't know black
some motherfuckers just be living like that
they like to feel the chrome in their hands
the shit makes them feel like little big man
twelve years old catching wreck
'cos there ain't no supervision putting kids in check
people get wounded, others they perish
and what about the mother and the child she cherish
the city is wild up steps the wild child
tension anger living in danger
what the fuck you gonna do in a situation
it's like you need to have steel just to feel relaxation
tons o' guns

Sphere: Related Content

Sunday, January 22, 2006


The location: Evvia
The address: 420 Emerson, Palo Alto, CA
The date: January 19, 2006
The time: a few minutes past 8:00 PM
The lineup: Demetri, Laine, Sophie, Guy in Suit, Matrre D, Receptionist
The intro: "Sophie"
The question: "What are you doing here?!?"
The answer: hedge funds (or maybe it was fund of hedge funds)
The contact: aikorn
The perception: being given the slip
The reality: not being given the slip

Sphere: Related Content

Thursday, January 19, 2006

G Love and Special Sauce 1/28/06

The blog has been a bit on the geeky side lately so lets switch it up to include some information about the local music scene. I'm here to tell you that my favorite touring act, G Love and Special Sauce is coming to San Francisco! The concert is at the Warfield on January 28th so get your tickets now!

1.28.2006 Warfield Theatre San Francisco, California
Headlining: G. Love & Special Sauce
Tickets: ADV: $25.00 DOS: $25.00
Age: All Ages
Doors Open: 1:00:00 PM

Sphere: Related Content

Wednesday, January 18, 2006

Splunk, syslog-ng, stunnel, PGP, SMTP (down with NFS)

I wrote before about how I set up splunk with syslog-ng. Here's another improvement, add stunnel. Some init scripts are in order, but I'd like to take my time with them so use your imagination in the meantime, enkay?

Stunnel -- Universal SSL Wrapper

Example from


Stunnel -- Universal SSL Wrapper

stunnel -c -d 5140 -r loghost:5140

Then I have syslog-ng write to the stunnel port on localhost:

destination loghost {
tcp("" port(5140));
log {

The central loghost listens on port 5140 and redirects that connection to port 514, where syslog-ng is listening:

stunnel -p /etc/stunnel/stunnel.pem -d 5140 -r

More info

Now we're talking.

What about PGP encrypted SMTP as a transport? Email log rolling. That sounds good too. Those two together give real time and archival modes to mix and match in your environment. Pretty good.

Oh yea, don't forget GFS, the filesystem from the company formerly known as Sistina.

Sphere: Related Content

Intergalactic Planetary Planetary Enter Reactrix

PR Newswire reported that New Study From Arbitron Reveals Strengths of Reactrix Place Based Interactive Advertising Platform. Abritron study summary here.

More info

Another blog post about them from kobayashi5. Thanks for the image above.

Reactrix images

Sphere: Related Content

Monday, January 16, 2006

Splunk and syslog-ng

I setup splunk at the office today. Well, I should say I continued to set it up. Today's task was really about incorporating a centralized syslog-ng host with splunk. I'm here to tell you it was pretty easy. Here's what I did:

1. Download syslog-ng RPM here: RPM

2. Make some syslog-ng configuration changes like so:

[root@demetri05 root]# cat /etc/syslog-ng/syslog-ng.conf
# syslog-ng configuration file.
# This should behave pretty much like the original syslog on RedHat. But
# it could be configured a lot smarter.
# See syslog-ng(8) and syslog-ng.conf(5) for more information.
# 20000925
# Updated by Frank Crawford () - 10 Aug 2002
# - for Red Hat 7.3
# - totally do away with klogd
# - add message "kernel:" as is done with klogd.
# Updated by Frank Crawford () - 22 Aug 2002
# - use the log_prefix option as per Balazs Scheidler's email

options { sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (off);
use_dns (no);
use_fqdn (no);
create_dirs (yes);
keep_hostname (yes);

source s_sys { pipe ("/proc/kmsg" log_prefix("kernel: ")); unix-stream ("/dev/log"); internal(); };
source r_src { tcp(ip("") port(514)); };

destination d_cons { file("/dev/console"); };
destination d_mesg { file("/var/log/messages"); };
destination d_auth { file("/var/log/secure"); };
destination d_mail { file("/var/log/maillog"); };
destination d_spol { file("/var/log/spooler"); };
destination d_boot { file("/var/log/boot.log"); };
destination d_cron { file("/var/log/cron"); };
destination d_mlal { usertty("*"); };
destination d_kernel { file("/var/log/kern"); };
destination d_remote { tcp("" port(514)); };

destination dr_cons { file("/dev/console"); };
destination dr_mesg { file("/var/log/remote-syslog-ng/$HOST/messages"); };
destination dr_auth { file("/var/log/remote-syslog-ng/$HOST/secure"); };
destination dr_mail { file("/var/log/remote-syslog-ng/$HOST/maillog"); };
destination dr_spol { file("/var/log/remote-syslog-ng/$HOST/spooler"); };
destination dr_boot { file("/var/log/remote-syslog-ng/$HOST/boot.log"); };
destination dr_cron { file("/var/log/remote-syslog-ng/$HOST/cron"); };
destination dr_mlal { usertty("*"); };
destination dr_kernel { file("/var/log/remote-syslog-ng/$HOST/kern"); };

filter f_filter1 { facility(kern); };
filter f_filter2 { level(info) and
not (facility(mail)
or facility(authpriv)
or facility(cron)
or program("kernel")); };
filter f_filter3 { facility(authpriv); };
filter f_filter4 { facility(mail); };
filter f_filter5 { level(emerg); };
filter f_filter6 { facility(uucp) or
(facility(news) and level(crit)); };
filter f_filter7 { facility(local7); };
filter f_filter8 { facility(cron); };
filter f_kernel { level(info) and program("kernel"); };

#log { source(s_sys); filter(f_filter1); destination(d_cons); };
log { source(s_sys); filter(f_filter2); destination(d_mesg); };
log { source(s_sys); filter(f_filter3); destination(d_auth); };
log { source(s_sys); filter(f_filter4); destination(d_mail); };
log { source(s_sys); filter(f_filter5); destination(d_mlal); };
log { source(s_sys); filter(f_filter6); destination(d_spol); };
log { source(s_sys); filter(f_filter7); destination(d_boot); };
log { source(s_sys); filter(f_filter8); destination(d_cron); };
log { source(s_sys); filter(f_kernel); destination(d_kernel); };

#log { source(r_src); filter(f_filter1); destination(dr_cons); };
log { source(r_src); filter(f_filter2); destination(dr_mesg); };
log { source(r_src); filter(f_filter3); destination(dr_auth); };
log { source(r_src); filter(f_filter4); destination(dr_mail); };
log { source(r_src); filter(f_filter5); destination(dr_mlal); };
log { source(r_src); filter(f_filter6); destination(dr_spol); };
log { source(r_src); filter(f_filter7); destination(dr_boot); };
log { source(r_src); filter(f_filter8); destination(dr_cron); };
log { source(r_src); filter(f_kernel); destination(dr_kernel); };
log { source(s_sys); destination (d_remote); };

# vim: syntax=syslog-ng

3. Edit the Splunk Indexing Live Files (Tailing Processor) like so:

I used the segment number method for specifying my hostname. There were other options as well.

Then I pointed my browser to my splunk box and started going at it.

Pretty neat.

Sphere: Related Content

Thursday, January 05, 2006