MEWBIES@: Facebook Twitter G+ YouTube DeviantArt Forum Wall
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
██ ██
█▌ - SPLUNK FREE - █▌
█▌ █▌
█ ▐▌
█ Splunk is a very easy to install and use log web interface log viewer. ▐▌
█ Splunk from their site information "Splunk is software that enables you to ▐▌
█ search, report, monitor and analyze streaming and historical data from any ▐▌
█ source in your IT infrastructure: logs, configurations, messages, traps ▐▌
█ and alerts, script, code, metrics and more. If a machine can generate it, ▐▌
█ Splunk can eat it." The website is HERE, their forums are HERE, they have ▐▌
█ an IRC channel on efnet #splunk, manuals HERE, and their community wiki is ▐▌
█ HERE. SEARCH Splunk manual based on version HERE. Splunk offers a Free ▐▌
█ version of their VERY expensive Enterprise version (starting at USD$6,000) ▐▌
█ that works just fine for smaller servers. You can only download the demo ▐▌
█ version so that you'll be able to experience the Enterprise features for a ▐▌
█ minimum of 60 days (more if needed). If you don't want to use Enterprise ▐▌
█ edition there is an option to use the free version after installing, view ▐▌
█ HERE. View the feature differences of Free and Enterprise HERE. ▐▌
█ ▐▌
█ Splunk will run on Windows, Mac and Linux. So you are able to for example ▐▌
█ have your Linux logs/messages sent real-time to your Windows where Splunk ▐▌
█ can handle them for you. View my syslog-ng tutorial HERE for more ▐▌
█ information. This tutorial will cover Linux, Debian only. ▐▌
█ ▐▌
█ FREE NOTES: ▐▌
█ ``````````` ▐▌
█ Read THIS first to be sure their free version suits your needs. ▐▌
█ According to the Splunk Free information you can "index up to 500MB/day ▐▌
█ and will never expire. If you go over 500MB/day more than 3 times in a 30 ▐▌
█ day period, Splunk will continue to index your data, but search will be ▐▌
█ disabled until you are back down to 3 or fewer times in the 30 day ▐▌
█ period." ▐▌
█ ▐▌
█ PREREQUISITES: ▐▌
█ `````````````` ▐▌
█ As far as I know libstdc++6 only: ▐▌
█ dpkg -l libstdc++6 ▐▌
█ If you don't have it: ▐▌
█ su ▐▌
█ aptitude update ▐▌
█ aptitude install libstdc++6 ▐▌
█ exit ▐▌
█ ▐▌
█ INSTALL: ▐▌
█ ```````` ▐▌
█ To access the download file via web you need to sign up, any e-mail works ▐▌
█ as you will be given the link to the file immediately. ▐▌
█ Or you can use a direct link for v4.1.4-82143: ▐▌
█ wget http://download.splunk.com/releases/4.1.4/linux/splunk-4.1.4-82143-linux-2.6-intel.deb
█ (Windows x86 is HERE.) ▐▌
█ su ▐▌
█ dpkg -i splunk-4.1.4-82143-linux-2.6-intel.deb ▐▌
█ Output: ▐▌
█ [snip] ▐▌
█ Splunk has been installed in: ▐▌
█ /opt/splunk ▐▌
█ To start Splunk, run the command: ▐▌
█ /opt/splunk/bin/splunk start ▐▌
█ To use the Splunk Web interface, point your browser at: ▐▌
█ http://yourserver.com:8000 ▐▌
█ Complete documentation is at http://www.splunk.com/r/docs ▐▌
█ ▐▌
█ START SPLUNK: ▐▌
█ ````````````` ▐▌
█ To start it: ▐▌
█ /opt/splunk/bin/splunk start ▐▌
█ Then hit enter key until you come to the end of the EULA, then type in: ▐▌
█ y ▐▌
█ Output: ▐▌
█ Copying '/opt/splunk/etc/myinstall/splunkd.xml.cfg-default' to ▐▌
█ '/opt/splunk/etc/myinstall/splunkd.xml'. ▐▌
█ [snip] ▐▌
█ The Splunk web interface is at http://yourserver.com:8000 ▐▌
█ ▐▌
█ Test it by going to the address the install output gave you, such as: ▐▌
█ http://yourserver.com:8000 ▐▌
█ Which will redirect you to: ▐▌
█ http://youserver.com:8000/en-US/account/login?return_to=%2Fen-US%2F ▐▌
█ Default login is stated on this page: ▐▌
█ Username: admin ▐▌
█ Password: changeme ▐▌
█ ▐▌
█ According to Splunk information "Note: Splunk with a free license does not ▐▌
█ have access controls, so you will not be prompted for login information." ▐▌
█ So you might consider protecting this area for example with a .htaccess ▐▌
█ file for when your trial edition expires. ▐▌
█ ▐▌
█ Once you login you'll be at App/Launcher Welcome. ▐▌
█ ▐▌
█ GET STARTED: ▐▌
█ ```````````` ▐▌
█ CHANGE PASSWORD: ▐▌
█ Top right of page right click on 'Manager' then click on 'User options' . ▐▌
█ Click on Users/admin/admin again to change your password and e-mail. ▐▌
█ ▐▌
█ LICENSE: ▐▌
█ Launcher Welcome page/Manager/License to view your license details, time ▐▌
█ left and option to change to Free. ▐▌
█ ▐▌
█ CHANGE SPLUNK DEFAULT SERVER NAME & ENABLE SSL: ▐▌
█ Manager/System settings/General Settings/ ▐▌
█ Splunk server name: Enter the name you would like. ▐▌
█ Enable SSL (HTTPS) in Splunk Web?- Select Yes. ▐▌
█ Click Save at the bottom. ▐▌
█ ▐▌
█ EMAIL ALERT SETTINGS: ▐▌
█ Manager/System settings/Email alter settings ▐▌
█ If you want to use the PDF feature view HERE. ▐▌
█ ▐▌
█ SET MINIMUM FREE DISK SPACE: ▐▌
█ Manger/System settings/General settings last setting on that page. ▐▌
█ Once Splunk has reached its minimum free space size it will stop indexing, ▐▌
█ default is 2,000 MB. It will resume when space becomes available. ▐▌
█ ▐▌
█ SET DATABASE STORAGE MAXIMUM SIZE OR AGE: ▐▌
█ "The default maximum size for an index is 500000 MB." "When one of these ▐▌
█ limits is reached, the oldest indexed data will be deleted (the default) ▐▌
█ or archived. You can archive the data by using a predefined archive script ▐▌
█ or creating your own." Read HERE. ▐▌
█ ▐▌
█ mkdir /opt/splunk/etc/local ▐▌
█ You can use the example file here: ▐▌
█ cp /opt/splunk/etc/system/README/indexes.conf.example /opt/splunk/etc/local/indexes.conf
█ Or you can create your own, by pasting in the code below and editing it to ▐▌
█ your needs, or editing the code in the example to the example below: ▐▌
█ pico /opt/splunk/etc/local/indexes.conf ▐▌
█ For example to paste in: ▐▌
█ # The following example changes the default amount of space used on a ▐▌
█ per-index basis. ▐▌
█ [default] ▐▌
█ maxTotalDataSizeMB = 100000 ▐▌
█ ▐▌
█ # The following example changes the time data is kept around by default. ▐▌
█ # It also sets an export script. NOTE: You must edit this script to set ▐▌
█ export location before ▐▌
█ # running it. ▐▌
█ ▐▌
█ [default] ▐▌
█ maxWarmDBCount = 200 ▐▌
█ frozenTimePeriodInSecs = 432000 ▐▌
█ rotatePeriodInSecs = 30 ▐▌
█ coldToFrozenScript = /opt/bin/compressedExport.sh ▐▌
█ ▐▌
█ Note that on Debian at least, the file 'compressedExport.sh' referenced ▐▌
█ above does not exist: ▐▌
█ find /opt -name compressedExport.sh ▐▌
█ Splunk states "* Splunk ships with two default archiving scripts (or ▐▌
█ create your own): ▐▌
█ * compressedExport.sh - Export with tsidx files compressed as gz. ▐▌
█ * flatfileExport.sh - Export each source as a flat text file." HERE, so ▐▌
█ that is irritating to put it nicely. ▐▌
█ ▐▌
█ After making this change you'll need to restart Splunk and wait for it to ▐▌
█ re-index the data to your requirements: ▐▌
█ /opt/splunk/bin/splunk restart ▐▌
█ ▐▌
█ SYSTEM LOGGING: ▐▌
█ Manager/System settings/System Logging ▐▌
█ Click on an item to change its default settings. Any changes here Splunk ▐▌
█ must be restarted. You can do so from the web page- top link 'Click here ▐▌
█ to restart from the Manager'. ▐▌
█ Wait a bit then click on the re-login screen- it will stay there until you ▐▌
█ do. Firefox might ask you to re-accept the SSL cert, click on 'I ▐▌
█ Understand the Risks', Add Exception, Get Certificate, Confirm Security ▐▌
█ Exception, then you can re-login again. ▐▌
█ ▐▌
█ JOBS: ▐▌
█ This will open all search jobs that are currently running and completed. ▐▌
█ Click on Jobs top right menu, then click on an item to view its details, ▐▌
█ chart, etc. ▐▌
█ ▐▌
█ SHELL COMMANDS for Debian: ▐▌
█ `````````````````````````` ▐▌
█ Splunk help menu: ▐▌
█ /opt/splunk/bin/splunk help ▐▌
█ To check the status of splunk: ▐▌
█ /opt/splunk/bin/splunk status ▐▌
█ Output will be similar to: ▐▌
█ splunkd is running (PID: 19473). ▐▌
█ splunk helpers are running (PIDs: 19474). ▐▌
█ splunkweb is running (PID: 19516). ▐▌
█ ▐▌
█ If you were to ps x, you would see two instances of splunk: ▐▌
█ 19473 ? Sl 8:04 splunkd -p 8089 restart ▐▌
█ 19474 ? Ss 0:09 splunkd -p 8089 restart ▐▌
█ ▐▌
█ To start both splunk - splunkd (indexer and other back-end processes) and ▐▌
█ splunkweb (web interface), as root: ▐▌
█ /opt/splunk/bin/splunk start ▐▌
█ To start them individually: ▐▌
█ /opt/splunk/bin/splunk start splunkd ▐▌
█ /opt/splunk/bin/splunk start splunkweb ▐▌
█ stop and restart are the other variables for running splunk. ▐▌
█ ▐▌
█ On other OSes you might only need to run 'splunk variable', for example: ▐▌
█ splunk status ▐▌
█ ▐▌
█ To view your license and your daily usage amount including any violations ▐▌
█ to trial mode, you can run this cmd as a user, then you'll be prompted for ▐▌
█ your Splunk login: ▐▌
█ /opt/splunk/bin/splunk show license ▐▌
█ ▐▌
█ To list your indexes: ▐▌
█ /opt/splunk/bin/splunk list index ▐▌
█ ▐▌
█ Note that many of the methods to change settings via the web interface ▐▌
█ also can been done via command line. View the Admin manual for those. ▐▌
█ ▐▌
█ WATCH IN REAL TIME: ▐▌
█ `````````````````` ▐▌
█ On your Splunk page go to Search then drop down window select Real Time ▐▌
█ ->All time (real-time). ▐▌
█ Make an event happen on one of the logs you have entered, for example if ▐▌
█ you added glftpd login log then login in to your glftpd server and it will ▐▌
█ show on the Splunk graph. Click on the graph to view the new event. ▐▌
█ ▐▌
█ SETTING UP SPLUNK: ▐▌
█ `````````````````` ▐▌
█ Go back to the main page, or click in upper right corner 'App' then select ▐▌
█ 'Getting started' and take it from there and/or view the Admin manual ▐▌
█ starting HERE and the user manual starting HERE. These are a few things I ▐▌
█ have done - ▐▌
█ ▐▌
█ ADD DATA (A LOG) TO SPLUNK: ▐▌
█ ``````````````````````````` ▐▌
█ Example to Apache logs. First go to your url http://yoursite.com:8080 so ▐▌
█ that you aren't in another app. Then click top right Manager/Data ▐▌
█ inputs/Files & Directories ->Add new ▐▌
█ Enter in the Source window /Full path on server: /var/log/apache2/*.log ▐▌
█ Click the Save button. ▐▌
█ You'll now see it listed under the App 'launcher'. According to the manual ▐▌
█ "Important: If you add an input, Splunk adds that input to a copy of ▐▌
█ inputs.conf that belongs to the app you're currently in. This means that ▐▌
█ if you navigated to Splunk Manager directly from the Launcher and then ▐▌
█ added an input there, your input will be added to ▐▌
█ $SPLUNK_HOME/etc/apps/launcher/local/inputs.conf" ▐▌
█ ▐▌
█ For example, delete the above logs that you added, then go to your Front ▐▌
█ page (launcher) click on Search/Add more data/Files & Directories ->Add ▐▌
█ new and add the logs again (/var/log/apache2/*.log) you'll now see it ▐▌
█ listed under App 'search'. ▐▌
█ ▐▌
█ To view it easily in either case, go to your front page again, click ▐▌
█ Search, click on the log. ▐▌
█ You are also able to add your jailed glftpd logs, for example: ▐▌
█ /jail/glftpd/ftp-data/logs/login.log ▐▌
█ ▐▌
█ You can click on Clone for the first one you added if you want to use same ▐▌
█ settings for another log, then you only need to change the Full path on ▐▌
█ the server to the path of the other log you want to add and other options ▐▌
█ you might want to change. ▐▌
█ ▐▌
█ Once you have added all the logs you want, you need to restart splunk. ▐▌
█ ▐▌
█ SYSLOG-NG MESSAGES TO SPLUNK: ▐▌
█ ````````````````````````````` ▐▌
█ If you are using syslog-ng (tutorial HERE) and want to send its data to ▐▌
█ Splunk there are a number of options: ▐▌
█ ▐▌
█ 1. You might read to use a pipe; mkfifo, but Splunk recommends not to use ▐▌
█ this method. One of the reasons not to is that when Splunk is restarted it ▐▌
█ won't be able to catch that data during that period, nor would it be able ▐▌
█ to if there is a Internet down time. Also to use FIFO (first in first out) ▐▌
█ both syslog-ng and Splunk should be on the same server. If you still would ▐▌
█ like to explore this read HERE - I've put directions how to. ▐▌
█ ▐▌
█ 2. Have syslog-ng forward its raw data over TCP or UDP port 514 to same ▐▌
█ server or another remote server. ▐▌
█ (Use in your settings: sourcetype = syslog). Read HERE how to do that for ▐▌
█ Splunk. Read HERE, HERE, HERE or HERE how to do it for the other end ▐▌
█ 'syslog-ng'. UDP is not the best option tho as its known to drop entire ▐▌
█ messages. ▐▌
█ ▐▌
█ TCP Free/Enterprise Confusion: ▐▌
█ These statements: - "Splunk with an Enterprise license can receive data on ▐▌
█ any TCP port, allowing Splunk to receive remote data from syslog-ng and ▐▌
█ any other application that transmits via TCP." ▐▌
█ - "Without an enterprise license, you cannot receive data from a Splunk ▐▌
█ forwarder which allows transmission of archive data." ▐▌
█ - "you can forward data to other Splunk instances, but not to non-Splunk ▐▌
█ instances". Read HEREand HERE. ▐▌
█ ▐▌
█ Summary how to do it for Splunk via the web interface: ▐▌
█ Splunk/Manager/Data Inputs/UDP/New/ ▐▌
█ Enter for UDP port: 514 ▐▌
█ Select source type from list: syslog ▐▌
█ Click Save ▐▌
█ ▐▌
█ 3. Easy method if you don't want to forward your syslog-ng to another ▐▌
█ server is just to add the logs /var/log/ to Splunk like we did above for ▐▌
█ the Apache example: ▐▌
█ Manager/Data inputs/Files & Directories ->Add new ▐▌
█ Full path on server: /var/log/syslog ▐▌
█ Set host: segment in path ▐▌
█ *Segment #: 4 ▐▌
█ Set sourcetype: From list ▐▌
█ Select source type from list: syslog ▐▌
█ Press Save. ▐▌
█ ▐▌
█ *Segment note: This just means to look in x column for the host name. ▐▌
█ Example of an entry in syslog: ▐▌
█ Aug 2 06:25:24 myserver.com identd[13425]: /etc/identd.conf: 77: missing ▐▌
█ '=' ▐▌
█ Note that myserver.com is in the 4th column=4th segment ▐▌
█ ▐▌
█ After pressing Save you'll be brought back to Manager/Data inputs/Files & ▐▌
█ Directories page where you can see your new /var/log/syslog entry. At the ▐▌
█ end of its entry is 'Clone', click on it to add another log with the same ▐▌
█ settings then you only need to change Full path on server for your other ▐▌
█ syslog-ng logs you would like to enter. ▐▌
█ The logs that syslog-ng writes to (in human readable form) are listed in ▐▌
█ its configuration file syslog-ng.conf: ▐▌
█ /var/log/auth.log ▐▌
█ /var/log/cron.log ▐▌
█ /var/log/daemon.log ▐▌
█ /var/log/kern.log ▐▌
█ /var/log/mail.log ▐▌
█ /var/log/user.log ▐▌
█ /var/log/uucp.log ▐▌
█ ▐▌
█ /var/log/debug ▐▌
█ /var/log/mail.err ▐▌
█ /var/log/messages ▐▌
█ ▐▌
█ For those ending with .log you could enter: /var/log/*.log ▐▌
█ ▐▌
█ SPLUNK LOG FILES: ▐▌
█ ````````````````` ▐▌
█ Via your Splunk you can search your Splunk log files using Search and ▐▌
█ entering into the search window: index::_internal ▐▌
█ HERE is a list detailing what these logs files are for. ▐▌
█ ▐▌
█ ls -al /opt/splunk/var/log/splunk ▐▌
█ These logs are rotated based on size- 25MB. To change this setting: ▐▌
█ pico /opt/splunk/etc/log.cfg ▐▌
█ Scroll down to around line 63 and change it: ▐▌
█ appender.A1.maxFileSize=25000000 # default: 25MB (specified in bytes). ▐▌
█ appender.A1.maxBackupIndex=5 ▐▌
█ ▐▌
█ After making this change you'll need to restart Splunk: ▐▌
█ /opt/splunk/bin/splunk restart ▐▌
█ ▐▌
█ SPLUNK AUTO RUN AT BOOT TIME: ▐▌
█ ````````````````````````````` ▐▌
█ To have Splunk auto run at boot time as root: ▐▌
█ /opt/splunk/bin/splunk enable boot-start ▐▌
█ ▐▌
█ To have Splunk auto run at boot time as a user, for example mewbie, run as ▐▌
█ root: ▐▌
█ /opt/splunk/bin/splunk enable boot-start -user mewbie ▐▌
█ ▐▌
█ To stop Splunk from running at boot time: ▐▌
█ /opt/splunk/bin/splunk disable boot-start ▐▌
█ ▐▌
█ BROWSE MORE APPS: ▐▌
█ ````````````````` ▐▌
█ Manager/Apps/Browse SplunkBase for more apps button. These are the mostly ▐▌
█ free add-ons you can use with Splunk. Curious I tried the 'Web Page ▐▌
█ Monitor', more info HERE. I was hoping it would be similar to the best ▐▌
█ around - 'WebSite-Watcher' (read HERE also), it's NOT. Basically it will ▐▌
█ give you stats about the page such as ping, size, md5 etc. It will not ▐▌
█ highlight changes etc. ▐▌
█ This is how: ▐▌
█ Click on Install Free, you'll be prompted for your 'Splunk website' login ▐▌
█ name and pass (not your own server Splunk login). ▐▌
█ It will now be installed. ▐▌
█ Go to Manager/Apps and it will be listed as 'webping', click on it. ▐▌
█ Enter a description such as "Web Page Monitor", leave this plug-in as ▐▌
█ Visible 'No' ▐▌
█ (or receive an error such as TypeError: 'NoneType' object is ▐▌
█ unsubscriptable) ▐▌
█ You'll then need to restart Splunk. ▐▌
█ It will now be listed on your main page and your Apps drop down menu. ▐▌
█ ▐▌
█ Then in your shell enter the URLs you want to monitor: ▐▌
█ pico /opt/splunk/etc/apps/webping/default/urls.conf ▐▌
█ Has this: ▐▌
█ # Copyright (C) 2005-2008 Splunk Inc. All Rights Reserved. Version 3.0 ▐▌
█ [Sample URL1] ▐▌
█ url = http://www.somehost.com ▐▌
█ timeout = 30 ▐▌
█ userAgent = Mozilla/4.0 ▐▌
█ indexMD5 = true ▐▌
█ ▐▌
█ [Sample URL2] ▐▌
█ url = http://www.anotherhost.com/apage ▐▌
█ indexResults = false ▐▌
█ timeout = 30 ▐▌
█ indexMD5 = 1 ▐▌
█ indexResults = True ▐▌
█ ▐▌
█ I changed it to: ▐▌
█ # Copyright (C) 2005-2008 Splunk Inc. All Rights Reserved. Version 3.0 ▐▌
█ [TEST1] ▐▌
█ url = http://mewbies.com ▐▌
█ timeout = 10 ▐▌
█ userAgent = Mozilla/4.0 ▐▌
█ indexMD5 = true ▐▌
█ indexResults = true ▐▌
█ ▐▌
█ Then back in Splunk click 'Search', enter: sourcetype=webping ▐▌
█ Results would be similar to: ▐▌
█ ping_name = TEST ▐▌
█ ping_url = http://mewbies.com ▐▌
█ time_in_ms = 208 ▐▌
█ size_in_bytes = 770 ▐▌
█ status_code = 200 ▐▌
█ ping_md5 = e6a3be7d0d613c4a06e0214945c4d67c ▐▌
█ contents = ▐▌
█ <!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN" ▐▌
█ [snip -it's just the html code from the web page] ▐▌
█ ▐▌
█ APP NIX: ▐▌
█ ```````` ▐▌
█ Under the Apps I also enabled 'Nix'. Then to try out the Enterprise ▐▌
█ feature of e-mailing alerts: ▐▌
█ MANAGER/APPS/unix->Setup/ Click Enable all boxes/Save ▐▌
█ You might have an error at this point 'Encountered the following error ▐▌
█ while trying to update: In handler 'localapps': Index 'os' does not ▐▌
█ exist.' ▐▌
█ Restarting your Splunk should fix that, read HERE. ▐▌
█ You can now access your NIX data from the Apps tab or drop down window. ▐▌
█ Also if you go to your Search app it will now list those you enabled. ▐▌
█ MANAGER/APPS/unix->View configurations/ click on Enable for those you want ▐▌
█ to enable. ▐▌
█ ▐▌
█ Then to be to notified by e-mail, for example scroll down to ' Failed ▐▌
█ Attempts at SU, click on it. select 'Failed_SU', ▐▌
█ Time range, Start time enter: -5m@m ▐▌
█ Check Schedule and select ▐▌
█ Schedule type: Cron ▐▌
█ Cron schedule: */5 * * * * ▐▌
█ (which means every 5 minutes) ▐▌
█ Alert conditions: if number of events / is greater than / 0 ▐▌
█ Alert actions: Send email ▐▌
█ Email address(es): yours@email.com ▐▌
█ Include results in email ▐▌
█ Click Save. ▐▌
█ ▐▌
█ Test it by doing a failed su login. Check your e-mail in x minutes that ▐▌
█ you set cron for. ▐▌
█ Note you must have your outgoing e-mail set up. If you don't read my exim4 ▐▌
█ tutorial HERE. ▐▌
█ ▐▌
█ TROUBLE SHOOTING: ▐▌
█ ````````````````` ▐▌
█ LOGOUT FIRST BEFORE CLOSING SPLUNK WEB PAGE: ▐▌
█ If for example you close splunk page without logging out first, then try ▐▌
█ to access page again, you might receive the error: ▐▌
█ An error occurred during a connection to yoursite.com:8000. ▐▌
█ SSL received a record that exceeded the maximum permissible length. ▐▌
█ (Error code: ssl_error_rx_record_too_long) ▐▌
█ ▐▌
█ What I did was just open another tab and entered the URL: ▐▌
█ http://yoursite.com:8000/en-US/app/launcher/home ▐▌
█ Or any other URL that you visited before logging out, then logout ▐▌
█ properly. ▐▌
█ ▐▌
█ There is an FAQ is HERE regarding syslog-ng. ▐▌
█ ▐▌
█ //---------------------------------------------------------------------- ▐▌
█ ▐▌
█ If you find mistakes, have suggestions, and or questions please post at ▐▌
█ mewbies forum HERE - thank you. ▐▌
█ ▐▌
█ Last update on 23 Aug '10 ▐▌
█ ▐▌
█▌ █▌
█▌ - mewbies.com - █▌
█▌ █▌
██▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄██