hashipets.toml

#============================================================================
#     _               _     _            _
#    | |__   __ _ ___| |__ (_)_ __   ___| |_ ___
#    | '_ \ / _` / __| '_ \| | '_ \ / _ \ __/ __|
#    | | | | (_| \__ \ | | | | |_) |  __/ |_\__ \
#    |_| |_|\__,_|___/_| |_|_| .__/ \___|\__|___/
#                            |_|
#
#    🐶 An awesome collection of pet snippets for use
#    with all of the great HashiCorp command line tools!
#
#============================================================================
# Begin hashipets snippets
#============================================================================

#----------------------------------------------------------------------------
# Consul snippets
#----------------------------------------------------------------------------

# Begin consul CLI snippets

[[snippets]]
  description = "List all known datacenters from the catalog"
  command = "consul catalog datacenters"
  tag = ["consul"]
  output = """
dc1
"""

[[snippets]]
  description = "List all known nodes from the catalog"
  command = "consul catalog nodes"
  tag = ["consul"]
  output = """
Node      ID        Address     DC
consuls0  698fcc66  172.17.0.2  dc1
consuls1  99b48ba6  172.17.0.4  dc1
consuls2  f1fd7e96  172.17.0.3  dc1
vault0    4937ba93  172.17.0.5  dc1
vault1    e1252bcc  172.17.0.7  dc1
vault2    4b18b9a0  172.17.0.6  dc1
"""

[[snippets]]
  description = "List all known services from the catalog"
  command = "consul catalog services"
  tag = ["consul"]
  output = """
consul
vault
"""

[[snippets]]
  description = "Show Debugging information for operators"
  command = "consul info"
  tag = ["consul"]

[[snippets]]
  description = "Generate a gossip encryption key"
  command = "consul keygen"
  tag = ["consul"]
  output = """
5ctx/MyDnAnR+82J1sQvJg==
"""

[[snippets]]
  description = "Delete KV entry (Note: <path_to_key> should not include leading slash or 'kv' prefix)"
  command = "consul kv delete <path_to_key>"
  tag = ["consul"]
  output = """
Success! Deleted key: <path_to_key>
"""

[[snippets]]
  description = "Export KV tree to JSON file, suitable for importing with `consul kv import` (Note: <key> is just the bare target key name, e.g. vault)"
  command = "consul kv export <key> > <filename.json>"
  tag = ["consul"]

[[snippets]]
  description = "Import a JSON based KV tree representation from `consul kv export`"
  command = "consul kv import @<filename.json>"
  tag = ["consul"]
  output = """
Imported: path/foo
Imported: path/bar
...
"""

[[snippets]]
  description = "Set or update KV entry (Note: path to key should not include leading slash or 'kv' prefix)"
  command = "consul kv put <path_to_key> <value>"
  tag = ["consul"]
  output = """
Success! Data written to: <path_to_key>
"""

[[snippets]]
  description = "Show current Consul cluster members"
  command = "consul members"
  tag = ["consul"]
  output = """
Node                 Address          Status  Type    Build  Protocol  DC    Segment
consul_oss_server_0  172.17.0.2:8301  alive   server  0.9.3  2         dc1  <all>
consul_oss_server_1  172.17.0.3:8301  alive   server  0.9.3  2         dc1  <all>
consul_oss_server_2  172.17.0.4:8301  alive   server  0.9.3  2         dc1  <all>
consul_oss_client_0  172.17.0.5:8301  alive   client  0.9.3  2         dc1  <default>
consul_oss_client_1  172.17.0.7:8301  alive   client  0.9.3  2         dc1  <default>
consul_oss_client_2  172.17.0.6:8301  alive   client  0.9.3  2         dc1  <default>
"""

[[snippets]]
  description = "Display the current Raft peer configuration"
  command = "consul operator raft list-peers"
  tag = ["consul"]
  output = """
Node                 ID                                    Address          State     Voter  RaftProtocol
consul_oss_server_0  540ba725-165e-704f-ecb6-aec22518f037  172.17.0.2:8300  leader    true   3
consul_oss_server_1  ee2fcd1f-7478-69c6-171a-1dc06a040d9a  172.17.0.3:8300  follower  true   3
consul_oss_server_2  8d37a161-12a1-c426-4460-782b3cb4b51a  172.17.0.4:8300  follower  true   3
"""

[[snippets]]
  description = "Write a Consul snapshot to disk"
  command = "consul snapshot save <filename.snap>"
  tag = ["consul"]
  output = """
Saved and verified snapshot to index 9001
"""

[[snippets]]
  description = "Monitor Consul operational logging at debug level and save to file"
  command = "consul monitor -log-level=\"debug\" | tee `hostname`-`date +%Y-%m-%dT%H:%M:%SZ`-consul-monitor.log"
  tag = ["consul"]

[[snippets]]
  description = "Validate Consul configuration file"
  command = "consul validate <configuration_file.json>"
  tag = ["consul"]
  output = """
Configuration is valid!
"""

[[snippets]]
  description = "Sort and summarize Vault Consul KV usage"
  command = "consul kv get -recurse -keys -separator=\" \" vault/ | awk -F\"/\" '{print $3}' | sort | uniq -c | sort -nr"
  tag = ["consul", "vault"]
  output = """
 313 logs
 278 pages
 209 token
 102 expire
 100 650477ae-0625-9b37-2f5d-8651a1b61a24
  11 policy
   7 23eba1e2-ec43-9015-f259-300e8a3a7539
   6 5f16a57b-9a95-abd5-51a0-0c612fb2a86f
   5 3554d8b1-f411-4e2a-7ee4-69e590b88051
   2 checkpoint
   1 wrapping
   1 seal-config
   1 mounts
   1 master
   1 lock
   1 local-mounts
   1 local-auth
   1 local-audit
   1 leader
   1 keyring
   1 dcc00dea-05b2-f4cb-cbdc-ec7bedcfcb2c
   1 counters
   1 cluster
   1 auth
   1 audit
   1 763e93a2-8591-1a11-2a1c-2d6ae6408fd8
"""

# End consul CLI snippets

# Begin Consul related OS commands

[[snippets]]
  description = "List current ulimits for Consul process ID via /proc"
  command = "cat /proc/`pidof consul`/limits"
  tag = ["consul", "os"]
  output = """
Max cpu time              unlimited            unlimited            seconds
Max file size             unlimited            unlimited            bytes
Max data size             unlimited            unlimited            bytes
Max stack size            8388608              unlimited            bytes
Max core file size        0                    unlimited            bytes
Max resident set          unlimited            unlimited            bytes
Max processes             unlimited            unlimited            processes
Max open files            1048576              1048576              files
Max locked memory         83968000             83968000             bytes
Max address space         unlimited            unlimited            bytes
Max file locks            unlimited            unlimited            locks
Max pending signals       7754                 7754                 signals
Max msgqueue size         819200               819200               bytes
Max nice priority         0                    0
Max realtime priority     0                    0
Max realtime timeout      unlimited            unlimited            us
"""

[[snippets]]
  description = "List number of open files for Consul process ID via /proc"
  command = "ls -l /proc/`pidof consul`/fd/ | wc -l"
  tag = ["consul", "os"]
  output = """
29
"""

[[snippets]]
  description = "Start a basic Consul docker container"
  command = "docker run -d --name consul -p 8500:8500 -e 'CONSUL_LOCAL_CONFIG={\"skip_leave_on_interrupt\": true}' consul agent -server -bind=0.0.0.0 -bootstrap-expect=1"
  tag = ["consul", "docker", "os"]
  output = """
80383ac3ae1a231c439fec0e8fcd834e6e574f9e668db6d455529ef490fde5fd
"""

[[snippets]]
  description = "Get Consul log entries from journalctl output provided service name is 'consul'"
  command = "journalctl -u consul"
  output = """
...
"""

[[snippets]]
  description = "Discover K/V key names with odd UTF8 and UTF16 values"
  command = "curl -s 'http://127.0.0.1:8500/v1/kv/<path>/?keys=true&recurse=true&separator=' | jq -r .[] | iconv -f utf-8 -t utf-16 | grep -avx '.*'"
  tag = ["consul", "utf8", "utf16"]
  output = """
"""

[[snippets]]
  description = "Get latest Consul release version"
  command = "curl -s https://releases.hashicorp.com/consul/index.json | jq -r '.versions[].version' | grep -Ev 'beta|rc|\\+ent' | tail -n1"
  output = """
1.6.1
"""


#----------------------------------------------------------------------------
# Nomad snippets
#----------------------------------------------------------------------------

# Begin nomad CLI snippets

[[snippets]]
  description = "Validate a job file"
  command = "nomad validate <job_file.nomad>"
  tag = ["nomad"]
  output = """
Job validation successful
"""

# End nomad CLI snippets

#----------------------------------------------------------------------------
# Packer snippets
#----------------------------------------------------------------------------

# Begin packer CLI snippets

[[snippets]]
  description = "Validate template"
  command = "packer validate <template.json>"
  tag = ["packer"]
  output = """
Template validated successfully.
"""

# End packer CLI snippets

#----------------------------------------------------------------------------
# Terraform snippets
#----------------------------------------------------------------------------

# Begin terraform CLI snippets

[[snippets]]
  description = "Apply canoonical formatting to Terraform configuration files — execute from a directory of Terraform files"
  command = "terraform fmt"
  tag = ["terraform"]

[[snippets]]
  description = "Print tree of providers used in current configuration"
  command = "terraform fmt"
  tag = ["terraform"]
  output = """
.
├── provider.docker
├── module.consul_cluster
│   ├── provider.docker (inherited)
│   └── provider.template
└── module.vaultron
    ├── provider.docker (inherited)
    └── provider.template
"""

[[snippets]]
  description = "Validate configuration files — execute from a directory of Terraform files"
  command = "terraform validate"
  tag = ["terraform"]

# End terraform CLI snippets

#----------------------------------------------------------------------------
# Vagrant snippets
#----------------------------------------------------------------------------

# Begin vagrant CLI snippets

[[snippets]]
  description = "Global status"
  command = "vagrant global-status"
  tag = ["vagrant"]
  output = """
id       name    provider   state   directory
--------------------------------------------------------------------------------------------
5ad285c  default virtualbox running /Users/brian/sandbox/vagrant/rando
7205451  default virtualbox running /Users/brian/sandbox/vagrant/centos7
dbf5b94  consul1 virtualbox running /Users/brian/ansible_roles/brianshumate.consul/examples
83390b9  consul2 virtualbox running /Users/brian/ansible_roles/brianshumate.consul/examples
9f3b2ad  consul3 virtualbox running /Users/brian/ansible_roles/brianshumate.consul/examples
b82e909  default virtualbox running /Users/brian/sandbox/vagrant/ubuntu_1604

The above shows information about all known Vagrant environments
on this machine. This data is cached and may not be completely
up-to-date. To interact with any of the machines, you can go to
that directory and run Vagrant, or you can use the ID directly
with Vagrant commands from any directory. For example:
"vagrant destroy 1a2b3c4d"
"""

[[snippets]]
  description = "List installed boxes"
  command = "vagrant box list"
  tag = ["vagrant"]
  output = """
bento/centos-7.3   (virtualbox, 2.3.8)
bento/ubuntu-16.04 (virtualbox, 201708.22.0)
bento/ubuntu-17.04 (virtualbox, 2.3.8)
debian/jessie64    (virtualbox, 8.9.0)
"""

[[snippets]]
  description = "Output ssh configuration for connecting to box"
  command = "vagrant ssh-config"
  tag = ["vagrant"]
  output = """
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2202
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile $BOX/.vagrant/machines/default/virtualbox/private_key
  IdentitiesOnly yes
  LogLevel FATAL
  ForwardAgent yes
"""

[[snippets]]
  description = "Validate Vagrantfile - execute in same directory as Vagrantfile"
  command = "vagrant validate"
  tag = ["vagrant"]
  output = """
Vagrantfile validated successfully.
"""

# End vagrant CLI snippets

#----------------------------------------------------------------------------
# Vault snippets
#----------------------------------------------------------------------------

# Begin vault CLI snippets

[[snippets]]
  description = "Display currently enabled auth methods; note: use '-detailed' to get more information"
  command = "vault auth list"
  tag = ["vault"]
  output = """
Path                  Type        Accessor                  Description
----                  ----        --------                  -----------
token/                token       auth_token_49b785fc       token based credentials
vaultron-approle/     approle     auth_approle_1fc65824     n/a
vaultron-cert/        cert        auth_cert_dfe0fa4c        n/a
vaultron-ldap/        ldap        auth_ldap_21589dbe        n/a
vaultron-userpass/    userpass    auth_userpass_7df71978    n/a
"""

[[snippets]]
  description = "Check capabilities of token on a path"
  command = "vault token capabilities <token> <path>"
  tag = ["vault"]
  output = """
create, delete, list, sudo, update
"""

[[snippets]]
  description = "Delete non-KV data"
  command = "vault delete <options> <path>"
  tag = ["vault"]
  output = """
Success! Data deleted (if it existed) at: auth/aws/config/client
"""

[[snippets]]
  description = "Initialize Vault with only 1 key share"
  command = "vault operator init -key-shares=1  -key-threshold=1"
  tag = ["vault"]
  output = """
Unseal Key 1: Yp5mYpLU4kF3bkjuTukpQPksG5r9MKqbam6t7d/lbJI=

Initial Root Token: s.pOzeU7KqJHQHCi1RzmHqPfCh

Vault initialized with 1 key shares and a key threshold of 1. Please securely
distribute the key shares printed above. When the Vault is re-sealed,
restarted, or stopped, you must supply at least 1 of these keys to unseal it
before it can start servicing requests.

Vault does not store the generated master key. Without at least 1 key to
reconstruct the master key, Vault will remain permanently sealed!

It is possible to generate new unseal keys, provided you have a quorum of
existing unseal keys shares. See "vault operator rekey" for more information.
"""

[[snippets]]
  description = "Initialize Vault for HSM or clous seal with only 1 key share"
  command = "vault operator init -key-shares=1 -key-threshold=1 -stored-shares=1 -recovery-shares=1 -recovery-threshold=1"
  tag = ["vault"]
  output = """
Recovery Key 1: LXuYIR5C/Iag+PMHFgR6tCQmIZYtzA4vJuu2klZCuqQ=

Initial Root Token: s.1iDeCXldWyW696NpY0Ni4uxm

Success! Vault is initialized

Recovery key initialized with 1 key shares and a key threshold of 1. Please
securely distribute the key shares printed above.
"""

[[snippets]]
  description = "List data"
  command = "vault list <path>"
  tag = ["vault"]
  output = """
Keys
----
key1
key2
key3
"""

[[snippets]]
  description = "Display current backend mounts"
  command = "vault secrets list"
  tag = ["vault"]
  output = """
Path                           Type         Accessor              Description
----                           ----         --------              -----------
cubbyhole/                     cubbyhole    cubbyhole_b78a3ded    per-token private secret storage
identity/                      identity     identity_38f40b2b     identity store
secret/                        kv           kv_96088f65           key/value secret storage
sys/                           system       system_18ca4813       system endpoints used for control, policy and debugging
vaultron-aws/                  aws          aws_7b6bc58b          Vaultron example AWS secrets engine
vaultron-consul/               consul       consul_f394b16d       Vaultron example Consul secrets engine
vaultron-kv/                   kv           kv_f713b007           Vaultron example KV version 1 secrets engine
vaultron-root-int/             pki          pki_88b3f1cb          Vaultron example PKI secrets engine (for int CA)
vaultron-root-pki/             pki          pki_16252747          Vaultron example PKI secrets engine (for root CA)
vaultron-ssh-client-signer/    ssh          ssh_1000e909          Vaultron example SSH Secrets Engine (client)
vaultron-ssh-host-signer/      ssh          ssh_54abe30e          Vaultron example SSH Secrets Engine (host)
vaultron-totp/                 totp         totp_9e0cbbf1         Vaultron example TOTP Secrets Engine
vaultron-transit/              transit      transit_dd0490df      Vaultron example Transit secrets engine
"""

[[snippets]]
  description = "Write a policy (replaces existing policy)"
  command = "vault policy write <name> <path_to_policy_file.hcl>"
  tag = ["vault"]
  output = """
Success! Uploaded policy: '<name>'
"""

[[snippets]]
  description = "Move currently mounted Secrets Engine to new path"
  command = "vault secrets move secret other_secret"
  tag = ["vault"]
  output = """
Success! Moved secrets engine secret/ to: other_secret/
"""

[[snippets]]
  description = "Get Vault status"
  command = "vault status"
  tag = ["vault"]
  output = """
Key             Value
---             -----
Seal Type       shamir
Sealed          false
Total Shares    1
Threshold       1
Version         0.11.1+prem
Cluster Name    vaultron
Cluster ID      c7fec15d-5b17-204c-c2c7-1b8bf1b2c935
HA Enabled      true
HA Cluster      https://172.17.0.9:8201
HA Mode         active
"""

[[snippets]]
  description = "Create a token with specific policy and display name"
  command = "vault token create -policy=<policy_name> -display-name=\"<display_name>\""
  tag = ["vault"]
  output = """
Key                  Value
---                  -----
token                s.23C6ZrsyZOmRig3fIv3RbOSu
token_accessor       sxYYZ7MmBDBXXoojJ0X6cojj
token_duration       50000h
token_renewable      true
token_policies       ["default" "policy_name"]
identity_policies    []
policies             ["default" "policy_name"
"""

[[snippets]]
  description = "Look up information about token - use token id to get information on any specific token or no options to look up token currently used for authentication"
  command = "vault token lookup <token_id>"
  tag = ["vault"]
  output = """
Key                 Value
---                 -----
accessor            sxYYZ7MmBDBXXoojJ0X6cojj
creation_time       1549385899
creation_ttl        50000h
display_name        token-wildout
entity_id           n/a
expire_time         2024-10-20T00:58:19.3381512Z
explicit_max_ttl    0s
id                  s.23C6ZrsyZOmRig3fIv3RbOSu
issue_time          2019-02-05T16:58:19.3381373Z
meta                <nil>
num_uses            0
orphan              false
path                auth/token/create
policies            [default]
renewable           true
ttl                 49999h59m15s
type                service
"""

[[snippets]]
  description = "Renew a token"
  command = "vault token renew <tokend_id>"
  tag = ["vault"]
  output = """
Key                  Value
---                  -----
token                s.23C6ZrsyZOmRig3fIv3RbOSu
token_accessor       sxYYZ7MmBDBXXoojJ0X6cojj
token_duration       49999h58m20s
token_renewable      true
token_policies       ["default"]
identity_policies    []
policies             ["default"]
"""

[[snippets]]
  description = "Revoke a token - pass token accessor or id"
  command = "vault token revoke <token_accessor_or_id>"
  tag = ["vault"]
  output = """
Success! Token revoked if it existed.
"""

[[snippets]]
  description = "Login with username and password auth method and pass token to macOS system clipboard after entering password when prompted"
  command = "vault login -field=token -method=userpass username=<username> | pbcopy"
  tag = ["vault", "macOS"]
  output = """
Password (will be hidden):
"""

[[snippets]]
  description = "Login with username and password auth method and pass token to Linux system clipboard after entering password when prompted"
  command = "vault login -field=token -method=userpass username=<username> | xclip -sel clip"
  tag = ["vault", "Linux"]
  output = """
Password (will be hidden):
"""

# End vault CLI snippets

# Begin Vault related OS commands

[[snippets]]
  description = "Split out Audit Device entries from a combined syslog with ripgrep"
  command = "rg '\\{\"time\":\"' <vault_combined_log> > <vault_audit_device.log>"
  tag = ["vault", "os", "ripgrep"]
  output = """
"""

[[snippets]]
  description = "Split out operational log entries from a combined syslog with ripgrep"
  command = "rg '(INFO|DEBUG|ERROR|TRACE|WARNING)' <vault_combined_log> > <vault_operational.log>"
  tag = ["vault", "os", "ripgrep"]
  output = """
"""

[[snippets]]
  description = "List current ulimits for Vault process ID via /proc"
  command = "cat /proc/`pidof vault`/limits"
  tag = ["vault", "os"]
  output = """
Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max file size             unlimited            unlimited            bytes
Max data size             unlimited            unlimited            bytes
Max stack size            8388608              unlimited            bytes
Max core file size        0                    unlimited            bytes
Max resident set          unlimited            unlimited            bytes
Max processes             unlimited            unlimited            processes
Max open files            1048576              1048576              files
Max locked memory         83968000             83968000             bytes
Max address space         unlimited            unlimited            bytes
Max file locks            unlimited            unlimited            locks
Max pending signals       7754                 7754                 signals
Max msgqueue size         819200               819200               bytes
Max nice priority         0                    0
Max realtime priority     0                    0
Max realtime timeout      unlimited            unlimited            us
"""

[[snippets]]
  description = "List number of open files for Vault process ID via /proc"
  command = "ls -l /proc/`pidof vault`/fd/ | wc -l"
  tag = ["vault", "os"]
  output = """
11
"""

[[snippets]]
  description = "Get latest Vault release version"
  command = "curl -s https://releases.hashicorp.com/vault/index.json | jq -r '.versions[].version' | grep -Ev 'beta|rc|\\+ent|\\+ent.hsm' | tail -n1"
  output = """
1.2.3
"""

[[snippets]]
  description = "Retrieve current EC2 instance identity document"
  command = "curl -s http://169.254.169.254/latest/dynamic/instance-identity/document"
  output = ""

[[snippets]]
  description = "Retrieve current EC2 instance signature"
  command = "curl -s http://169.254.169.254/latest/dynamic/instance-identity/signature | tr --delete '\\n';echo"
  output = ""

[[snippets]]
  description = "Retrieve current EC2 instance PKCS7 signature"
  command = "curl -s http://169.254.169.254/latest/dynamic/instance-identity/pkcs7 | tr --delete '\\n';echo"
  output = ""

[[snippets]]
  description = "Get ports Vault is listening on"
  command = "sudo lsof -Pan -p `pidof vault` -i"
  output = """
COMMAND   PID    USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
vault   13987 vagrant    5u  IPv4  49577      0t0  TCP 127.0.0.1:43138->127.0.0.1:8500 (ESTABLISHED)
vault   13987 vagrant    6u  IPv4  42403      0t0  TCP *:8200 (LISTEN)
vault   13987 vagrant    9u  IPv4  41750      0t0  TCP 127.0.0.1:43106->127.0.0.1:8500 (ESTABLISHED)
vault   13987 vagrant   10u  IPv6  42626      0t0  TCP *:8201 (LISTEN)
"""

[[snippets]]
  description = "Get Vault log entries from journalctl output provided service name is 'vault'"
  command = "journalctl -u vault"
  output = """
...
"""

[[snippets]]
  description = "Execute a Vault docker container with transactional in memory storage"
  command = "docker run --cap-add=IPC_LOCK -p 8200:8200 vault server -dev-transactional"
  tag = ["vault", "docker"]
  output = """
==> Vault server configuration:

             Api Address: http://0.0.0.0:8200
                     Cgo: disabled
         Cluster Address: https://0.0.0.0:8201
              Listener 1: tcp (addr: "0.0.0.0:8200", cluster address: "0.0.0.0:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
               Log Level: (not set)
                   Mlock: supported: true, enabled: false
                 Storage: inmem_transactional
                 Version: Vault v0.11.4
             Version Sha: 612120e76de651ef669c9af5e77b27a749b0dba3
...
"""

[[snippets]]
  description = "Tell Vaultron to use Vault OSS instances"
  command = "export TF_VAR_vault_oss_instance_count=3 TF_VAR_vault_custom_instance_count=0"
  tag = ["envvars"]
  output = ""

[[snippets]]
  description = "Tell Vaultron to use Vault custom instances"
  command = "export TF_VAR_vault_oss_instance_count=0 TF_VAR_vault_custom_instance_count=3"
  tag = ["envvars"]
  output = ""

[[snippets]]
  description = "Use vegeta to test Vault generic secret retrieval at rate of R per second for S seconds"
  command = "echo \"GET $VAULT_ADDR/v1/secret/<secret>\" | vegeta attack -duration=<10s> -header \"X-Vault-Token: <vault_token>\" -rate <rate> | tee <results_file.bin> | vegeta report"
  tag = ["vegeta"]
  output = ""

[[snippets]]
  description = "Use strace to examine Vault process system calls"
  command = "strace -fp $(pidof vault)"
  tag = ["strace"]
  output = ""

[[snippets]]
  description = "Send a Vault Docker container logs to gzipped file"
  command = "docker logs <container_name> 2>&1 | gzip -9 - > <container_name>.log.gz"
  tag = ["docker", "gzip"]
  output = ""

#----------------------------------------------------------------------------
# jq snippets for general Vault stuff
#----------------------------------------------------------------------------

[[snippets]]
  description = "Use jq to accessors of all tokens with a root policy"
  command = "for a in $(vault list -format=json auth/token/accessors | jq -r '. | .[]'); do vault token lookup -format=json -accessor $a | jq -r 'select(.data.policies | index(\"root\")) | .data.accessor'; done"
  tag = ["vault", "jq"]
  output = """
Jgn9OV0Egkr7CNEQdgh6VfnC
WSyBFE0Lr5Py3aPzdGZ8Oe1p
VqwYsVCimeg4Wc7EoKGzbdQ7
"""

#----------------------------------------------------------------------------
# jq snippets for inspecting Vault Audit Device logs
#----------------------------------------------------------------------------

[[snippets]]
  description = "Use jq to find non-empty errors in audit log output"
  command = "jq 'select(.error != \"\") | [.time,.error] | @sh' <vault_audit_log_file>"
  tag = ["vault", "audit", "jq"]
  output = """
"'2019-02-04T14:20:33.998532424Z' '1 error occurred:\n\t* invalid request\n\n'"
"'2019-02-04T14:20:34.033386661Z' 'missing client token'"
"'2019-02-04T14:20:34.033543831Z' '1 error occurred:\n\t* invalid request\n\n'"
"'2019-02-04T14:31:03.25089997Z' 'permission denied'"
"'2019-02-04T14:31:03.272795797Z' 'permission denied'"
"'2019-02-04T14:31:03.399976427Z' 'permission denied'"
"'2019-02-04T14:31:03.400159152Z' '1 error occurred:\n\t* permission denied\n\n'"
"""

[[snippets]]
  description = "Use jq to find non-empty errors in audit log output and include the remote address"
  command = "jq 'select(.error != \"\") | [.time,.request.remote_address,.error] | @sh' <vault_audit_log_file>"
  tag = ["vault", "audit", "jq"]
  output = """
"'2019-08-14T13:05:15.343768707Z' '28.141.217.71' '1 error occurred:\n\t* invalid request\n\n'"
"'2019-08-14T13:05:15.454953004Z' '28.141.217.71' 'missing client token'"
"'2019-08-14T13:05:15.455388459Z' '28.141.217.71' '1 error occurred:\n\t* invalid request\n\n'"
"'2019-08-14T13:55:04.816948555Z' '28.141.217.71' 'permission denied'"
"'2019-08-14T13:55:04.81739815Z' '28.141.217.71' '1 error occurred:\n\t* permission denied\n\n'"
"'2019-08-14T13:55:04.91759192Z' '28.141.217.71' 'permission denied'"
"""

# End Vault related OS commands

#============================================================================
# End hashipets snippets
#============================================================================