Using KQL to search on subnets - subnet

I want to search something for IP's coming from a specific set of subnets. Some query languages are smart enough to know a /24 is a subnet, but KQL is not. Is there an alternative to this? This is not what I'll be searching on, but for the sake of example let's say you want to search on SignIn logs but only from machines in the 192.168.1.0/24

Please check:
https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/ipv4-is-matchfunction
datatable (ip:string)
[
'192.168.1.64', // match
'192.168.2.11', // no match
]
| where ipv4_is_match(ip, '192.168.1.0/24')

Related

Search a nested dictonary

I have a nested dictionary containing locations, equipment, and IP addresses. I want to prompt users to search locations to retreive the IP addresses of that locations. I cannot get the if/else statement to work. I get a keyerror if I mistype or type a nonexistent key. I am obviously a beginner in Python, and I am hoping for some best practices in this case.
`xray = {
"Site1":{"xray1": "10.235.142.128"},
"Site2":{"xray1": "10.41.128.68"},
"Site3":{"xray1": "10.235.103.128", "xray2": "10.235.103.192", "xray3": "10.235.103.191"},
}
search = input('Name of site: ').title().strip()
result = (xray[search])
if search in xray:
for k in result:
print(f"{search} har: {k} - IP {result[k]}")
else:
print(' Location not in list')`

Trouble getting a SPARQL query using a URI

I'm having trouble acquiring instances from a subclass on Protege using SPARQL. The task is to create an ontology using information from a Website. To start this I have tried to get the contact information such as the Email addresses and Phone Numbers. I have provided screenshots of the Classes and Individual Tabs below:
Classes:
Individuals:
I want it to display a list of the two email addresses. I heard there was a way to get them using the URI.
How do I get the URI and how do I enter it after the rdf:type in the query's code?
As you can see in your screenshot, the URI of the 'Contact Email' class is http://www.semanticweb.org/cthom/ontologies/2021/untitled-ontology-34#Contact_Email. So, to get all instances of this class, you can use the following SPARQL query:
select ?contactEmail
where { ?contactEmail a <http://www.semanticweb.org/cthom/ontologies/2021/untitled-ontology-34#Contact_Email> }
Tip: try one of the online SPARQL tutorials to get a bit more familiar with the language.

Test if Wireless Adapter is Working Before Resetting

Is there a simple way to prove if a network adapter is working? Perhaps some IP like localhost (127.0.0.1) which is always available regardless of which network I'm connected to; only one that only shows if my wireless network adapter's working? Or perhaps there's some simple diagnostic check to confirm this?
I've tagged this question as PowerShell as that's my preferred language; but I can figure out ways to integrate with any other solutions which may be suggested.
Tried so far
I thought of checking the adapter's properties and found there is a status and an IP; I figured that if there were an assigned IP or a connected status that would prove that all's working; sadly those properties are blank and unknown, so I can't use them.
$adapter = Get-WmiObject -Class Win32_NetworkAdapter | Where-Object {$_.Name -like '*Wireless*'}
$adapter.Status #returns 2; i.e. unknown
$adapter.NetworkAddresses #is blank
Background
I have an issue where I hibernate my laptop whilst docked then bring it back online no longer docked it loses its wireless connection and requires that the adapter be restarted. The same issue is mentioned in this post: Command/Powershell script to reset a network adapter
I'm hoping to use the above code to automatically resolve the issue by scheduling a task to run when my computer comes out of suspension (e.g. https://superuser.com/a/149924/156700).
Sometimes I'll be on my home network, where the only device to ping is my router, sometimes I'll be on my office network where there's a range of machines I could ping, and sometimes I'll be elsewhere... so determining a good target candidate to test whether my network adapter needs a restart by pinging some external device is more complex than ideal.
I want to run a test before resetting so that I only reset when required. It will also be useful to check once a reset has completed should I wish to queue other tasks which require network presence to complete.
It seems the WMI class Win32_NetworkAdapter has an Availability property.
https://msdn.microsoft.com/en-us/library/aa394216(v=vs.85).aspx
There are a range of values which could represent "working"; for now I've gone with only status 3; i.e. where everything's working 100% as expected / there's no concerns about potential degredation. That may be something worth amending depending on scenario.
function Test-NetworkAdapter {
[CmdletBinding()]
param (
[Parameter(Mandatory = $true)]
[string]$AdapterNameMask
,
[Parameter(Mandatory = $false)]
[int[]]$HealthyStatusses = #(3) #100% working on full power; for list of other possible values, see https://msdn.microsoft.com/en-us/library/aa387884(v=vs.85).aspx
)
process {
Get-WmiObject -Class Win32_NetworkAdapter `
| Where-Object {$_.Name -like $AdapterNameMask} `
| Select-Object #{Name='Working';Expression={$healthyStatusses -contains $_.Availability}}
}
}
function Reset-NetworkAdapter {
[CmdletBinding()]
param (
[Parameter(Mandatory = $true)]
[string]$AdapterNameMask
)
process {
Get-WmiObject -Class Win32_NetworkAdapter `
| Where-Object {$_.Name -like $AdapterNameMask} `
| %{ #in case multiple matches, loop through all
$_.Disable()
$_.Enable()
}
}
}
[string]$wirelessAdapterMask = '*Wireless*'
#I could probably improve this to cope better should there be multiple matches / only resetting those with issues... but for now this meets my requirement
if (-not (Test-NetworkAdapter $wirelessAdapterMask)) {
Reset-NetworkAdapter $wirelessAdapterMask
}

How to check which SQL query is so CPU intensive

Is there any possible way to check which query is so CPU intensive in _sqlsrv2 process?
Something which give me information about executed query in that process in that moment.
Is there any way to terminate that query without killing _sqlsrv2 process?
I cannot find any official materials in that subject.
Thank You for any help.
You could look into client database-request caching.
Code examples below assume you have ABL access to the environment. If not you will have to use SQL instead but it shouldn't be to hard to "translate" the code below
I haven't used this a lot myself but I wouldn't be surprised if it has some impact on performance.
You need to start caching in the active connection. This can be done in the connection itself or remotely via VST tables (as long as your remote session is connected to the same database) so you need to be able to identify your connections. This can be done via the process ID.
Generally how to enable the caching:
/* "_myconnection" is your current connection. You shouldn't do this */
FIND _myconnection NO-LOCK.
FIND _connect WHERE _connect-usr = _myconnection._MyConn-userid.
/* Start caching */
_connect._Connect-CachingType = 3.
DISPLAY _connect WITH FRAME x1 SIDE-LABELS WIDTH 100 1 COLUMN.
/* End caching */
_connect._Connect-CachingType = 0.
You need to identify your process first, via top or another program.
Then you can do something like:
/* Assuming pid 21966 */
FIND FIRST _connect NO-LOCK WHERE _Connect._Connect-Pid = 21966 NO-ERROR.
IF AVAILABLE _Connect THEN
DISPLAY _connect.
You could also look at the _Connect-Type. It should be 'SQLC' for SQL connections.
FOR EACH _Connect NO-LOCK WHERE _Connect._connect-type = "SQLC":
DISPLAY _connect._connect-type.
END.
Best of all would be to do this in a separate environment. If you can't at least try it in a test environment first.
Here's a good guide.
You can use a Select like this:
select
c."_Connect-type",
c."_Connect-PID" as 'PID',
c."_connect-ipaddress" as 'IP',
c."_Connect-CacheInfo"
from
pub."_connect" c
where
c."_Connect-CacheInfo" is not null
But first you need to enable connection cache, follow this example

Ngnx and allow ports

I want to allow the following IP addresses in Nginx but I do not understand the format given by the CDN, how do I use these?
146.88.136.0/21
94.31.33.128/27
64.125.78.224/27
94.31.33.192/27
64.125.78.192/27
198.232.124.0/22
27.50.79.130/32
50.31.251.34/32
108.161.176.0/20
64.125.76.96/27
94.31.33.160/27
64.125.102.96/27
64.125.102.64/27
216.12.211.59/32
50.31.249.226/32
119.81.131.131
70.39.132.0/24
64.125.102.32/27
64.125.76.64/27
64.125.78.96/27
216.12.211.60/32
27.50.77.226/32
119.81.131.130
146.88.128.0/21
174.36.204.195
174.36.204.196
37.58.110.67
37.58.110.68
158.85.206.228
158.85.206.231
94.46.144.0/20
94.31.56.160/27
94.31.27.64/27
177.54.148.0/24
185.18.207.65/26
The list your CDN has given you is a list of CDIR formatted IP addresses which Nginx supports out of the box, you can simply state them as listed just prefix each with 'allow', ie:
allow 146.88.136.0/21;
allow 94.31.33.128/27;
allow 64.125.78.224/27;
allow 94.31.33.192/27;

Resources