December 20, 2020

How to Post to Twitter From PHP

As a fun little project, I decided to write a PHP script to post jokes and random bits of wisdom to Twitter. Now, I could easily have just logged in to Twitter each time I wanted to share something, but knowing my schedule and track record for follow-through, I instead decided to write a script to send the information to Twitter automatically from some great sources on my local linux install and an API call to https://icanhazdadjoke.com.

read on

December 6, 2020

Logon and Logoff Times for Windows Users (Splunk)

A common Splunk question I am asked is what is the easiest way to determine the duration for an account logged into Windows. While there are many opportunities for erroneous data because a user may be logging into several services on different machines at the same time, a report can be generated along the following lines:

sourcetype=WinEventLog:Security
(EventCode=4624 OR EventCode=4634)
| eval day=strftime(_time,"%m/%d/%Y")
| stats earliest(_time) AS logon latest(_time)
 AS logoff by user host day
| eval logon=strftime(logon,"%m/%d/%Y %H.%M.%S"),
 logoff=strftime(logoff,"%m/%d/%Y %H.%M.%S")

To limit the results to a particular machine, you can either adjust the search to include the particular machine you are looking for or conversely exclude common machines from the report.

read on