@dashrender said in Centralized Log Management:

@hobbit666 said in Centralized Log Management:

@scottalanmiller said in Centralized Log Management:

OpenSearch from Amazon. They took the ELK stack, made it 100% open source, and back it by Amazon. It is so good both in technical product and in licensing, that essentially it is the only game in town now.

Interesting take from ELK side
https://www.elastic.co/what-is/opensearch

Our products remain free and open, but Amazon can no longer freely use Elasticsearch and Kibana products without collaborating with us. Rather than collaborate with us and contribute back, Amazon created its own forked projects, which are less mature, not ready for production use, and provide inferior capabilities compared to Elasticsearch and Kibana.

LOL - someone sounds like they are just complaining that their toy was taken.

True, but they are probably right. Amazon and other providers bastardize open source projects because the licences doesn't require them to share their changes with the open source community.

@irj said in Job offer:

It's actually wild how often contractors are offered FTE and turn it down.

Yes, job offers are always flattering but often respectfully declined.

If you're a successful contractor, becoming an employee is a usually a down grade in almost every aspect. But it's not for everyone.

@irj said in Job offer:

One extremely important thing to me is the industry of the company. Certain industries tend to be more IT friendly and have more robust infrastructure with more needs. For example, the best industries for stability and pay tend to be important ones like financial, Healthcare, government/defense, and a few others.

Other industries like retail, manufacturing, etc don't care about IT or data safety as much as they purely do for profits (right now). I'd gotta say travel agency is probably one of the worst industries to be involved with IMO.

1. the obvious reasons why it's bad during a pandemic, but also 2) it's just a middle man and completely unnecessary industry.

Now that we've looked at the industry of the employer let move onto the other obvious cons.

1. you're a temp for an entry level position after having what 3-4 years experience? This is the kind of position you might take if you walked off the street with zero experience.

2. you might be making more money without the benefits, but you've just basically told everyone that I'm ok being an entry level for another 2-3 years of my life.

3. what's a potential employer gonna think a year from now when they see a guy with 4-5 years entry level experience with two lateral entry level jobs?

4. the job sounds like it sucks.

Good points!

From a career perspective the offer sounds like a down grade. If you not moving up, your moving down.

@gjacobse said in Job offer:

Having insurance for me is a key item as I carry the kids,.. Contract and Contract to hire are never a guarantee - being hired on full time doesn't either. being there 2-10 years doesn't guarantee anything either.

Yes, does it really makes a difference if you're a contractor or employee? You don't have any safe income either way.

The only safety you can have as a white collar worker is having skills and experience that are valuable and sought-after.

@scottalanmiller said in CentOS - What is the current opinion here?:

@pete-s said in CentOS - What is the current opinion here?:

I'm curious about what workloads you are thinking about.
I try but I can't think of any major application that doesn't run on both debian and redhat based distros.

Zimbra is one that always gets me. RHEL / CentOS/ Ubuntu LTS only. And they've tried to block CentOS in the past, but gave up on that.

OK, yeah, that seems to be one that is particularly sensitive.

IMHO if an application needs heavy integration into the OS and depends on specific package versions then it's better to turn the whole thing into an turn-key linux appliance. Like proxmox, xcp-ng, vyos, pfsense, freepbx, 3cx and other have done.

My guess is that Zimbra is getting by on mostly legacy installations though. Self-hosted email is hard to justify nowadays.

@scottalanmiller said in CentOS - What is the current opinion here?:

@pete-s said in CentOS - What is the current opinion here?:

@jaredbusch said in CentOS - What is the current opinion here?:

But this is the thing, not all applications are designed to run on various operating systems. So you do not always have the luxury.

That's true, you have to run what works. But most of the time you can stick to one OS.

Not that we've found. Finding an environment where you are running Linux, and can avoid all variation is pretty rare, I think. So many apps only work on Ubuntu XOR CentOS. It's a mes out there.

I'm curious about what workloads you are thinking about.

I try but I can't think of any major application that doesn't run on both debian and redhat based distros. I'm not counting appliances here, because the OS under the hood is fixed and not something you can select.

@jaredbusch said in CentOS - What is the current opinion here?:

But this is the thing, not all applications are designed to run on various operating systems. So you do not always have the luxury.

That's true, you have to run what works. But most of the time you can stick to one OS.

@adamf said in CentOS - What is the current opinion here?:

So I have 1 server that needs migrated from CentOS8. What is the current state/opinion here about migration? Ubuntu is a clear choice, and most likely the path I will take, but wanted to get some other opinions as well. Is anyone using CentOS stream in a production scenario?

My opinion is that a company should pick one linux OS as their standard and stick to that for everything possible.

It doesn't matter what it is, because it will all work equally good. What matters are other things.

At work we run Debian because we want a non-commercial, community supported OS that is stable and has a huge user base.

@wls-itguy said in P2V conversion:

I have two physical servers that would take a great deal of time to rebuild to virtual so a conversion from P2V would be ideal. What are you guys using to do P2V conversions?

I was looking for VMWare's converter but I don't think it exists anymore.

It's better to just reinstall on a new Windows (I'm guessing) and do whatever upgrades that are needed at the same time.

P2V is not a good generic solution. Consider it for quick and dirty band-aid solutions only.

@jaredbusch said in Need audio cable help:

@Pete-S @Obsolesce

I have a Pyle PDC22 that should handle the levels for me.

https://www.pyleaudio.com/sku/PDC22/Professional-High-Performance-Dual-Passive-DI-Box---14-Instrument-To-Balanced-and-Unbalanced-(14XLR)-Direct-Box

I realized, after posting, and searching more, I didn't have something to separate the minijack 4 pin mic port.

Just get out the soldering iron then. Buy any cable with a 3.5mm TRRS connector and cut off the other end and solder a 1/4" phono plug on it.

If you want to use adapters you're going to need several of them.

This is what the mic input into the tablet/phone should look like:

@jaredbusch said in Need audio cable help:

I have a digital piano that my daughter uses.

It has a 1/4 inch headphone jacks for output if desired.

I need to convert that to a mic input for a tablet on a standard mini jack.

She uses an app on her tablet that listens for her to play on the best correctly. But with the built in mic it misses notes often. The app recommends a direct connection to improve that.

I cannot find a cable for that. My search terms are simply returning various standard adapters. Standard adapters do not move the output audio to the mic input. Simply to the audio output of the new size.

You have a mismatch of signals levels there.

The headphone output is for driving small speakers while a mic input is for picking up very low level voltage from a microphone.

Even if you made a cable the headphone output would overpower the mic input with a lot. It's a much, much stronger signal.

So besides cables you actually need some type of level converter.

Ideally you would want to avoid the headphone output and use the line output on the piano instead. I assume it has one. Usually 2 x RCA connectors. Normally when you plug something into the headphone output the speaker will be turned off. Hard to play the piano when you can't hear anything at all.

Anyway, search for audio adapters that musicians and streamers use for tablets and phones. For instance products from IK Multimedia like iRig Stream Solo. I think Rode has some as well. That will get you what you need in a complete package.

@pmoncho said in Email retention for non-regulated businesses?:

@dashrender said in Email retention for non-regulated businesses?:

@pmoncho said in Email retention for non-regulated businesses?:

@dashrender said in Email retention for non-regulated businesses?:

@scottalanmiller said in Email retention for non-regulated businesses?:

@pete-s In the US they tend to say "as short as possible." Email is always a legal quagmire and the best thing to do is to delete is as quickly as possible. Which, of course, can't be that fast. So we are generally talking 1-2 years. But you rarely want to keep it longer not because it likely contains details of people breaking the law, but because a legal discovery request is extremely expensive and a great way to attack even otherwise honorable businesses. It's a huge cost you can leverage against someone that they can only reasonably mitigate by not having much email to go through.

Man - that would be so awesome. But even if management did agree that - you'd have people that would be looking for ways to maintain the data for a much longer period - like printing and saving in a cabinet.. shudder.

I like many of the replies I get about cleaning out email. "Why, its free!" "Why, my 50 GB of email is nothing when we have 16TB drives for $200" "Why do I have to remove email older than 13 years, it isn't hurting anyone" "Why would I do that, I may need it later (Medicare Newsletters prior to 2010)" and the list goes on and on.

Exactly!

Then my next question is - if something is so important that you need to keep it - why is it in email in the first place? Why can't you get that data someplace else more related to whatever it is you're saving it for? (That said, I realize that other documentation for something simply don't exist).

Don't you dare get me started down this path. I had HUGE arguments about this with an ex-employee over the period of 10 years. The user could not/would not understand her email box is not a document database / DMS. The last I counted, she had over 300 different nested folders in her email.

Now that the user is gone, their mail copied to a shared mailbox for management to hunt/search and waste their time with if they choose.

It probably easier to have retention policy in place from the start.

If you know email retention is time-limited, you'd have to come up with some other way to store things.

But some people are just hopeless no matter what...

@dashrender said in Email retention for non-regulated businesses?:

@pete-s said in Email retention for non-regulated businesses?:

@dashrender said in Email retention for non-regulated businesses?:

@pmoncho said in Email retention for non-regulated businesses?:

@dashrender said in Email retention for non-regulated businesses?:

@scottalanmiller said in Email retention for non-regulated businesses?:

@pete-s In the US they tend to say "as short as possible." Email is always a legal quagmire and the best thing to do is to delete is as quickly as possible. Which, of course, can't be that fast. So we are generally talking 1-2 years. But you rarely want to keep it longer not because it likely contains details of people breaking the law, but because a legal discovery request is extremely expensive and a great way to attack even otherwise honorable businesses. It's a huge cost you can leverage against someone that they can only reasonably mitigate by not having much email to go through.

Man - that would be so awesome. But even if management did agree that - you'd have people that would be looking for ways to maintain the data for a much longer period - like printing and saving in a cabinet.. shudder.

I like many of the replies I get about cleaning out email. "Why, its free!" "Why, my 50 GB of email is nothing when we have 16TB drives for $200" "Why do I have to remove email older than 13 years, it isn't hurting anyone" "Why would I do that, I may need it later (Medicare Newsletters prior to 2010)" and the list goes on and on.

Exactly!

But you do have a reply as to - Why - it's not hurting anyone - yes, yes it is.. it's hurting the company if we ever get sued and have to do a legal discovery through that data - not only is it time consuming - the information could be damning either for the thing they are looking for or something completely unrelated.

Then my next question is - if something is so important that you need to keep it - why is it in email in the first place? Why can't you get that data someplace else more related to whatever it is you're saving it for? (That said, I realize that other documentation for something simply don't exist).

Maybe because it's so difficult to get it out of the email system.

Let's say you want to make document in pdf or something of an email conversation that you want to keep.

The emails you received is in some folder somewhere or tagged with something and the ones you sent is in the sent folder. If you have a threaded view the email client show them together.

But is there an easy way to push a button and get that conversation with every email in the right order into one pdf document? Usually not.

I understand that - and keeping things like that for a short time - say 2 years is fine... but if it needs to be more ephemeral than that, shouldn't there be some kind of policy or whatever it's about created to document such an important thing?

Probably yes. If it's something important you need to keep for many years it sounds the information should be in some kind of contract, project documentation or similar type of document.

@wls-itguy said in FreePBX DAHDI card not connecting:

@pete-s

Doesn't FreePBX use their own distro though? Or is that something different?

I don't know. I was always under the impression it was CentOS, which until recently is the same as RedHat Enterprise Linux.

I'm sure @JaredBusch knows more.

@wls-itguy said in FreePBX DAHDI card not connecting:

@dashrender said in FreePBX DAHDI card not connecting:

Total Linux Noob here - is that really a new kernel or just a patched kernel? Hell is there a difference?

Good question. Maybe @JaredBusch can answer that one.

3.10 is the linux kernel and 0 is the minor revision. Those numbers are from the linux kernel team. 1127 the patch number (Redhat's I think). The rest of the numbers is redhat's numbering scheme.

So Linux kernel team makes the kernel. And they maintain it for a couple of years - if it's a LTS kernel.

Redhat takes the stable kernel and adjust it for their use. Then Redhat maintains their kernel themselves by backporting security patches to it forever - long after the kernel is EOL.

That's why I'm surprised it broke hardware support because that exactly why Redhat sticks to the same old kernel for many, many years. They don't want to break anything.

Here you can see what kernel version each release is using.

@dashrender said in Volume Management Device (VMD) on HP devices:

@pete-s said in Volume Management Device (VMD) on HP devices:

On linux you have the vmd module in the kernel. ESXi also have drivers.

Damnit - it's been awesome for several years with Windows 10 where no external drivers were needed during install because they were all baked into the default ISO... since the VMD stuff has been around since 2018 (though only in laptops since Gen 11 Intel Core processors) I really wish MS would include it in new ISOs.

Maybe Windows 11 has it....there is always hope at the horizon.

@dashrender said in Email retention for non-regulated businesses?:

@pmoncho said in Email retention for non-regulated businesses?:

@dashrender said in Email retention for non-regulated businesses?:

@scottalanmiller said in Email retention for non-regulated businesses?:

@pete-s In the US they tend to say "as short as possible." Email is always a legal quagmire and the best thing to do is to delete is as quickly as possible. Which, of course, can't be that fast. So we are generally talking 1-2 years. But you rarely want to keep it longer not because it likely contains details of people breaking the law, but because a legal discovery request is extremely expensive and a great way to attack even otherwise honorable businesses. It's a huge cost you can leverage against someone that they can only reasonably mitigate by not having much email to go through.

Man - that would be so awesome. But even if management did agree that - you'd have people that would be looking for ways to maintain the data for a much longer period - like printing and saving in a cabinet.. shudder.

I like many of the replies I get about cleaning out email. "Why, its free!" "Why, my 50 GB of email is nothing when we have 16TB drives for $200" "Why do I have to remove email older than 13 years, it isn't hurting anyone" "Why would I do that, I may need it later (Medicare Newsletters prior to 2010)" and the list goes on and on.

Exactly!

But you do have a reply as to - Why - it's not hurting anyone - yes, yes it is.. it's hurting the company if we ever get sued and have to do a legal discovery through that data - not only is it time consuming - the information could be damning either for the thing they are looking for or something completely unrelated.

Then my next question is - if something is so important that you need to keep it - why is it in email in the first place? Why can't you get that data someplace else more related to whatever it is you're saving it for? (That said, I realize that other documentation for something simply don't exist).

Maybe because it's so difficult to get it out of the email system.

Let's say you want to make document in pdf or something of an email conversation that you want to keep.

The emails you received is in some folder somewhere or tagged with something and the ones you sent is in the sent folder. If you have a threaded view the email client show them together.

But is there an easy way to push a button and get that conversation with every email in the right order into one pdf document? Usually not.

@wls-itguy said in FreePBX DAHDI card not connecting:

Turns out the updated kernel doesn't like the Dahdi card. So support had to roll back the kernel version until the engineering team fixes it. No kernel updates for me until then.

How can you get kernel updates on CentOS? I thought you'd only get security patches on the same kernel. Exactly for the reason to avoid the problem you had.

@scottalanmiller said in Centralized Log Management:

@braswelljay said in Centralized Log Management:

Does not collect server, application and network logs sufficiently to respond to and investigate a cybersecurity incident

This is not a bad thing. Collecting logs is good, centrally is best. But only if you have a team that can use them. If you had that, likely you'd already be doing this. So the question is... before doing this, do you have a team ready to leverage it? Or is this just a way to potentially spend more money with the "cyber security" guys because there's no better way to make money than getting paid to read logs.

Standards such as ISO 27001 have requirement that logs are protected. If an intruder gains root privileges on a server the only way to protect the logs is to have them stored somewhere else. So having central logging might be a compliance issues in some cases.

What should the email retention policy be for companies that are not subject to any legal requirements?

Are there any best practices in this regard?