Is it possible to search solana address which meets all the following conditions?
address starts with specific letters
address ends with specific letters
specific token balance is specific number at a specific point in the past
None of these are possible with the normal JSON RPC calls provided by a Solana node, but you have two options that you can develop.
Create an accounts plugin that tracks what you need: addresses with certain start / end letters, and token balances. More information about how to develop an accounts plugin at https://github.com/solana-labs/solana-accountsdb-plugin-postgres
Add options to solana-ledger-tool to get accounts based on address start and end. Currently it just prints out all the accounts by running solana-ledger-tool accounts -l my-ledger, but you could put in a PR to add some filters for the start and end letters in base-58 encoding. The source code for it can be found at https://github.com/solana-labs/solana/tree/master/ledger-tool. Note that this requires a validator ledger, which would require you to run your own node.
Related
One customer had a problem where an incorrect email (from another customer) was assigned to a case. The incorrectly assigned email is a response to a case that was deleted. However, the current case has the same tracking token as the deleted one. It seems that the CRM system uses the same tracking token as soon as it is available again. This should not happen! Here Microsoft has a real programming error from our point of view. The only solution we see is to increase the number of numbers to the maximum so that it takes longer until all tracking tokens are used up. But in the end, you still reach the limit.
Is there another possibility or has Microsoft really made a big mistake in the way emails are allocated?
We also activated Smart Matching, but that didn't help in this case either, because the allocation was made via the Tracking Token first.
Thanks
The structure of the tracking token can be configured and is set to 3 digits by default. This means that as soon as 999 emails are reached, the tracking token starts again at 1, which is basically a thinking error on Microsoft's part.
If you have set "Automatic replies", these will be reached in the shortest possible time. We therefore had to increase the number to 9 digits, which is also not a 100% solution. At some point, this number of emails is also reached and then emails are again assigned to requests that do not belong together. Microsoft has to come up with another solution.
I am using Elastic/Filebeat/Kibana and want to monitor users who ssh into a Jump Box specifically
What IPs are they ssh'ng to
Which users are connecting to those IP's
What are the most connected to machines
Which user is creating the most outbound connections
I have the system module enabled and all I can see is "related.user" to tell me who connects to the server via ssh but that's it.
You need to adjust your configuration in order to see all the information that you want.
What IPs are they ssh'ng to?
You are missing the destination.ip, you can easily just pick it up from it. Changes are you want to write some code and you can also extract it from the ssh command itself, you can see in the command the user, other arguments, and the destination ip in there as well, but you will need to parse that list. (process.parent.args), additionally, you can get the list count, and get the last element which is usually the IP, but I think it is easier to use the destination.ip itself.
Which users are connecting to those IP's?
For this, once you have the source and destination details, you need to create the Kibana report, you can run several aggregations and add different panels. A simple aggregation by IP will show you this, it is a matter of preference how you want it displayed.
What are the most connected to machines?
The same, you first run a count on the sources, or destinations (or both), then run a max on them.
Which user is creating the most outbound connections?
Here you can do all the users at once by running a count and grouping by user, then you list in descending order.
You can see a full list of properties here (ecs fields)
Summary:
You need some extra fields, destiantion.ip, source.ip, eventually parse your arguments, then for reporting you need to count them and aggregate them, but once you have that data you can easily pull them and run the aggregations on them. I think the related user is a good one since it is the only one shown in the event itself, but how about if this user A actually uses an account B to connect to SSH, in that case you need to part the arguments from the process.parent.args .
Cheers.
I'm trying to wrap my head around SGP.02-v4.0 - Remote Provisioning Architecture for Embedded UICC Technical Specification and specifically ES3.UpdateConnectivityParameters function.
The puzzling thing is that figure 29 in section 3.14 shows that SM-SR sends only one MT-SMS to eUICC after ES3.UpdateConnectivityParameters received. I understand that actual connectivity parameters in the form of the ES8.UpdateConnectivityParametersSCP03 command are sent in SCP03 tunnel.
Commands sent using SCP03 require that two commands are sent to eUICC first (INITIALIZE UPDATE and EXTERNAL AUTHENTICATION as described in GlobalPlatform Card Specification 2.2.1 section D.1.2). I understand it that these two commands cannot be sent in one MT-SMS as in order to send the second one the result from the first one is required.
So it means that actual execution of the ES3.UpdateConnectivityParameters function requires at least three messages over ES5.
This section from Secure Channel Protocol '03' – Public Release v1.1.1 adds to this confusion:
The Secure Channel is used to personalize cards at Issuance and during Post-Issuance. The mode of the Secure Channel Protocol which uses pseudo-random card challenges allows the offline preparation of personalization scripts while the card is not present and the processing of these scripts on the card without an online connection to the entity that prepared the scripts
I initially interpret edit that all three commands (INITIALIZE UPDATE, EXTERNAL AUTHENTICATION and ES8.UpdateConnectivityParametersSCP03) can be sent in one OTA message. But now when asking this question I see that it may mean a message over ES3 (between SM-DP and SM-SR) not over ES5 as I initially thought.
Is my understanding that the figure in SGP.02 is a simplified explanation and it does not show all OTA messages send to and from eUICC (specifically those required to establish SCP03)?
I have not looked up if your assumption of using SCP03 here is true, assume they are using it:
The pseudo-random card challenges allows to execute both commands in one message. Because like the name suggest it is no real random but random calculated from a known value. The known value is the sequence counter. It can be read out from the card and must be known and in sync and incremented by both parties.
I have an application using Bing Maps API to retrieve coordinates for a postal code and then I perform spatial queries based on the result. There are times where I get empty results, but when I wait a few minutes it succeeds. I added logic that retried a handful of times if there's a failure but that doesn't seem to be helping. Here's the empty result I get back:
{"authenticationResultCode":"ValidCredentials","brandLogoUri":"http://dev.virtualearth.net/Branding/logo_powered_by.png","copyright":"Copyright © 2014 Microsoft and its suppliers. All rights reserved. This API cannot be accessed and the content and any results may not be used, reproduced or transmitted in any manner without express written permission from Microsoft Corporation.","resourceSets":[{"estimatedTotal":0,"resources":[]}],"statusCode":200,"statusDescription":"OK","traceId":"7a6bfca3f89b4f94a4693a410da4feb7|CH10043840|02.00.107.2300|CH1SCH050102529"}
And here's the URL I'm calling:
http://dev.virtualearth.net/REST/v1/Locations?q=50613&o=json&key=MyApiKey
Is there a way I can retrieve further information based on the traceId? Or is this something that's just accepted when using Bing Maps API?
You should firstly check the number of requests you're doing in a specific time and put it in relation with the type of Bing Maps Key you're using. Basic keys are rate limited which means that if you exceed the allowed number of request in a specific duration, you will be blocked.
Bing Maps Trial and basic key and rate limitation information
Those types of key are rate limited for security and logicial reasons (on 24h period and with time between the request) and that's the reason why you're getting a blank response without any information regarding the fact that it failed to geocode.
See the Terms of Use regarding the limitations and other restrictions (load and stress tests as well as hammering are part of it): http://www.microsoft.com/maps/product/terms.html
So, in order to try to analyze where your problem comes from, you might:
Check the type of key you're using and how many calls you're making on a specific period
Check the header of the response, it should include a specific header value: X-MS-BM-WS-INFO set to 1 if you are rate limited
See the MSDN about error handling: http://msdn.microsoft.com/en-us/library/ff701703.aspx
If you're not in this case (if you have an enterprise account), reach the technical support so they can officialy get back to you and check the key.
I'm working on my enterprise SaaS application and some of my users would like to be charged on a per-seat approach.
I was wondering how to make sure that the access will indeed be limited. I can see right now that people with the same login/password are logging from different IP addresses, different user agents at the same time, even though the company have paid only for one seat.
What would be the best way to implement the limitation from business and technical perspectives? I don't want to be too strict, at the same time I want companies to pay for the number of seats they actually need.
Don't filter by user agent, I think that would be too strict, some people may have a variety of browsers installed. Filtering by IP could also be tricky, some users may have a dynamic IP that changes at regular intervals.
One idea I have would be to force users to install a browser extension, the browser extension could generate a unique ID from something on the operating system. Maybe use a HDD volume number or Windows serial key, anything that will be unique to that computer.
Once you have this unique ID, use it in the back end tracking every time the user logs in. If the user exceeds a certain number of seats you can either block the user account or contact them first.
It would also be a good idea to allow the user a certain amount of freedom, so that if they have one seat then the back end will allow maybe 2 seats for a month (rolling period), this would be in-case the user buys a new pc or installs a new HDD.
Using IP seems a bad idea - people in a LAN will (usually) all have the same IP.
Assuming PHP has no API to access inspect sessions different than the current one - one idea is:
if you're not already doing it, for each login cookie you issue, also issue an unique id (an UUID will serve your purpose)
store those ids somewhere (in java you could store them in the application context, maybe in php you'll need a db table for that - I'm no php expert), together with two timestamps: "session start" and "last activity"
at each request, record the current timestamp in "last activity"
Then, when you get a new request, count how many other active have
last activity >= current session start
last activity >= now - session TTL (only needed if can't prune expired sessions in a timely fashion)
That should give you the number of occupied seats.
Note you will not notice a violation of the number of seats until after the surplus user has logged in and precisely until you see activity in some other session – I don't see any way around this issue since you don't know exactly when a seat becomes vacant (well, you might say it's vacant only when its session has expired, but that seems unfair).