def handle_POST(self):
self.verifyAllowRemote()
try:
post_args = urlencode(self.request["form"])
if sys.version_info >= (3, 0): post_args = post_args.encode()
logger.debug("Logging into %s" % self._login)
bundle_paths.BundleInstaller().validate_server_cert(
self._login, self._sslpol)
# Forward post arguments, including username and password.
with closing(urlopen(self._login, post_args,
URLOPEN_TIMEOUT)) as f:
root = safe_lxml.parse(f).getroot()
token = root.xpath("a:id", namespaces=NSMAP)[0].text
if self.request["output_mode"] == "json":
self.response.setHeader('content-type', 'application/json')
sessDict = {"response": {"sessionKey": token}}
self.response.write(json.dumps(sessDict))
else:
# Generate response.
response = etree.Element("response")
sessionKey = etree.SubElement(response, "sessionKey")
sessionKey.text = token
self.response.setHeader('content-type', 'text/xml')
self.response.write(
etree.tostring(response, pretty_print=True))
logger.debug("Login successful")
except HTTPError as e:
if e.code in [401, 405]:
# Returning 401 logs off current session
# Splunkbase retuns 405 when only password is submitted
raise splunk.RESTException(400, e.msg)
raise splunk.RESTException(e.code, e.msg)
except Exception as e:
logger.exception(e)
raise splunk.AuthenticationFailed
def handle_DELETE(self):
if 'authorization' in self.request['headers']:
sessionKey = self.request['headers']['authorization'].replace(
"Splunk ", "")
id = ''
try:
id = self.args['id']
except:
pass
result = splunk_app_stream.models.stream_forwarder_group.StreamForwarderGroup.delete(
id, sessionKey)
if 'status' in result:
self.response.status = result['status']
if self.response.status > 399:
raise splunk.RESTException(self.response.status,
result['error'])
output = {}
output['streamforwardergroups'] = result
logger.info("delete::result %s", result)
# refresh cherrypy cache for apps metadata
refresh_ping_cache()
return output
else:
raise splunk.RESTException(
401, "Unauthorized to perform DELETE operation")
def handle_POST(self):
if 'authorization' in self.request['headers']:
sessionKey = self.request['headers']['authorization'].replace("Splunk ", "")
h = HTMLParser.HTMLParser()
form_body = self.request['payload']
id = ''
try:
id = self.args['id']
del self.args['id']
except:
pass
splunk_app_stream.models.stream.update_streams_cache(sessionKey)
action = ''
try:
action = self.args['action']
del self.args['action']
except:
pass
if action in ['enable', 'disable', 'statsOnly']:
if not id:
self.response.status = 400
raise splunk.RESTException(self.response.status, "Invalid id specified")
else:
result = splunk_app_stream.models.stream.Stream.save('', sessionKey, id, action, None, **self.args)
if 'status' in result:
self.response.status = result['status']
if self.response.status > 399:
raise splunk.RESTException(self.response.status, result['error'])
output = {}
output['streams'] = result
logger.info("save::result %s", result)
# refresh cherrypy cache for apps metadata
refresh_ping_cache()
return output
try:
data = json.loads(form_body)
result = splunk_app_stream.models.stream.Stream.save(data, sessionKey, id, None, None, **self.args)
# refresh cherrypy cache for apps metadata
refresh_ping_cache()
except Exception as e:
logger.exception(e)
output = {}
output['streams'] = {'success': False, 'error': 'Internal error, malformed payload in the request', 'status': 500}
raise splunk.RESTException(500, 'Internal error, malformed payload in the request')
if 'status' in result:
self.response.status = result['status']
if self.response.status > 399:
raise splunk.RESTException(self.response.status, result['error'])
output = {}
output['streams'] = result
logger.info("save::result %s", result)
return output
else:
raise splunk.RESTException(401, "Unauthorized to perform POST or PUT operation")
def _get_feed_root(self, url):
"""
Get an Atom feed of application information from the remote provider.
"""
try:
target_url = url
# Forward GET arguments, and add user-agent.
args_dict = {}
headers = {}
args_dict.update(self.request["query"])
if self._platformInfo:
args_dict.update(self._platformInfo)
args = urllib.urlencode(args_dict)
if args != "":
target_url += ("?" + args)
logger.debug("Getting feed from: %s" % target_url)
if self._agent:
headers["User-Agent"] = self._agent
req = urllib2.Request(target_url, None, headers)
f = urllib2.urlopen(req, None, URLOPEN_TIMEOUT)
except urllib2.HTTPError, e:
raise splunk.RESTException(e.code, e.msg)
def handle_POST(self):
if 'authorization' in self.request['headers']:
sessionKey = self.request['headers']['authorization'].replace(
"Splunk ", "")
h = HTMLParser.HTMLParser()
form_body = self.request['payload']
id = ''
try:
id = self.args['id']
except:
pass
update_streams_cache(sessionKey)
splunk_app_stream.models.stream_forwarder_group.init_stream_forwarder_groups(
sessionKey)
try:
data = json.loads(form_body)
result = splunk_app_stream.models.stream_forwarder_group.StreamForwarderGroup.save(
data, id, None, sessionKey)
# refresh cherrypy cache for apps metadata
refresh_ping_cache()
except Exception as e:
logger.exception(e)
output = {}
output['streamforwardergroups'] = {
'success': False,
'error':
'Internal error, malformed payload in the request',
'status': 500
}
raise splunk.RESTException(
500, 'Internal error, malformed payload in the request')
if 'status' in result:
self.response.status = result['status']
if self.response.status > 399:
raise splunk.RESTException(self.response.status,
result['error'])
output = {}
output['streamforwardergroups'] = result
logger.info("save::result %s", result)
return output
else:
raise splunk.RESTException(
401, "Unauthorized to perform POST or PUT operation")
def _get_feed_root(self, url, extra_get_args={}):
"""
Get an Atom feed of application information from the remote provider.
"""
try:
target_url = url
# Forward GET arguments, and add user-agent.
args_dict = {}
headers = {}
args_dict.update(self.request["query"])
if (len(extra_get_args) > 0):
args_dict.update(extra_get_args)
if self._platformInfo:
args_dict.update(self._platformInfo)
args = urlencode(args_dict)
if args != "":
target_url += ("?" + args)
logger.debug("Getting feed from: %s" % target_url)
if self._agent:
headers["User-Agent"] = self._agent
bundle_paths.BundleInstaller().validate_server_cert(
target_url, self._sslpol)
req = Request(target_url, None, headers)
f = urlopen(req, None, URLOPEN_TIMEOUT)
except HTTPError as e:
raise splunk.RESTException(e.code, e.msg)
except URLError as e:
logger.exception(e)
raise splunk.RESTException(
503,
"Splunk is unable to connect to the Internet to find more apps."
)
except Exception as e:
logger.exception(e)
raise splunk.RESTException(404, "Resource not found")
try:
root = safe_lxml.parse(f).getroot()
f.close()
return root
except Exception as e:
raise splunk.InternalServerError(e)
def handle_POST(self):
self.verifyAllowRemote()
try:
post_args = urllib.urlencode(self.request["form"])
logger.debug("Logging into %s" % self._login)
# Forward post arguments, including username and password.
with closing(urllib2.urlopen(self._login, post_args, URLOPEN_TIMEOUT)) as f:
root = etree.parse(f).getroot()
token = root.xpath("a:id", namespaces=NSMAP)[0].text
# Generate response.
response = etree.Element("response")
sessionKey = etree.SubElement(response, "sessionKey")
sessionKey.text = token
self.response.setHeader('content-type', 'text/xml')
self.response.write(etree.tostring(response, pretty_print=True))
logger.debug("Login successful")
except urllib2.HTTPError, e:
if e.code in [401, 405]:
# Returning 401 logs off current session
# Splunkbase retuns 405 when only password is submitted
raise splunk.RESTException(400, e.msg)
raise splunk.RESTException(e.code, e.msg)
def handle_GET(self):
sessionKey = None
if 'systemAuth' in self.request and self.request['systemAuth']:
sessionKey = self.request['systemAuth']
else:
sessionKey = self.sessionKey
output = {}
# check for auth key
auth_key = None
if 'systemAuth' in self.request:
auth_key = extract_auth_key(self.request, self.args)
auth_success = validate_streamfwd_auth(auth_key)
if not auth_success:
self.response.status = 401
output = {}
output['httpinputs'] = {'success': False, 'error': 'Unauthorized', 'status': 401}
return output
try:
inputs = []
# Get list of HEC inputs
uri = '/services/data/inputs/http/http?output_mode=json'
serverResponse, serverContent = splunk.rest.simpleRequest(
util.make_url_internal(uri),
sessionKey,
postargs=None,
method='GET',
raiseAllErrors=True,
proxyMode=False,
rawResult=None,
jsonargs=None,
timeout=splunk.rest.SPLUNKD_CONNECTION_TIMEOUT
)
if serverResponse['status'] == '200':
jsonResp = json.loads(serverContent)
config = jsonResp['entry'][0]['content']
output['httpinputsconfigs'] = config
except Exception as e:
logger.exception(e)
raise splunk.RESTException(500, 'Internal error, failed to get HEC inputs')
return output
def handle_GET(self):
sessionKey = None
if 'systemAuth' in self.request and self.request['systemAuth']:
sessionKey = self.request['systemAuth']
else:
sessionKey = self.sessionKey
# check for auth key
auth_key = None
if 'systemAuth' in self.request:
auth_key = extract_auth_key(self.request, self.args)
auth_success = validate_streamfwd_auth(auth_key)
if not auth_success:
self.response.status = 401
output = {}
output['indexers'] = {'success': False, 'error': 'Unauthorized', 'status': 401}
return output
output = {}
try:
# Get indexers list through Splunk REST API
uri = '/services/search/distributed/peers?output_mode=json'
serverResponse, serverContent = splunk.rest.simpleRequest(
util.make_url_internal(uri),
sessionKey,
postargs=None,
method='GET',
raiseAllErrors=True,
proxyMode=False,
rawResult=None,
jsonargs=None,
timeout=splunk.rest.SPLUNKD_CONNECTION_TIMEOUT
)
jsonobj = json.loads(serverContent)
output['indexers'] = jsonobj['entry']
except Exception as e:
logger.exception(e)
raise splunk.RESTException(500, 'Internal error, failed to get indexers peer')
return output
def handle_GET(self):
id = ''
try:
id = self.args['id']
#because id is being passed in explicitly
if id:
self.args.pop('id')
except:
pass
sessionKey = None
if 'systemAuth' in self.request and self.request['systemAuth']:
sessionKey = self.request['systemAuth']
else:
sessionKey = self.sessionKey
# check for auth key
auth_key = None
if 'systemAuth' in self.request:
auth_key = extract_auth_key(self.request, self.args)
auth_success = validate_streamfwd_auth(auth_key)
if not auth_success:
self.response.status = 401
output = {}
output['streamforwardergroups'] = {
'success': False,
'error': 'Unauthorized',
'status': 401
}
return output
update_streams_cache(sessionKey)
result = splunk_app_stream.models.stream_forwarder_group.StreamForwarderGroup.list(
sessionKey, id, **self.args)
if 'status' in result:
self.response.status = result['status']
if self.response.status > 399:
raise splunk.RESTException(self.response.status, result['error'])
output = {}
output['streamforwardergroups'] = result
return output
def install_from_tar(self, path, force=False):
logger.debug("Examining application archive: %s" % path)
if not os.path.exists(path) or os.path.isdir(path):
raise splunk.ResourceNotFound('The package "%s" wasn\'t found' %
path)
tmpdir = None
appname = get_app_name_from_tarball(path)
existing = get_bundle(appname)
if not force and existing:
msg = 'App "%s" already exists; use the "-%s true" argument to install anyway' % (
appname, 'update')
raise splunk.RESTException(409, msg)
with closing(tarfile.open(path)) as tar:
tmpdir = tempfile.mkdtemp()
logger.debug("Extracting application to: %s" % tmpdir)
tar.extractall(tmpdir, members=self._filter_tar(tar))
result = self.install_from_dir(tmpdir, appname)
safe_remove(tmpdir)
return result
def handle_GET(self):
id = ''
try:
id = self.args['id']
del self.args['id']
except:
pass
sessionKey = None
if 'systemAuth' in self.request and self.request['systemAuth']:
sessionKey = self.request['systemAuth']
else:
sessionKey = self.sessionKey
if 'user-agent' in self.request['headers']:
self.args['user_agent'] = self.request['headers']['user-agent']
# check for auth key
auth_key = None
if 'systemAuth' in self.request:
auth_key = extract_auth_key(self.request, self.args)
auth_success = validate_streamfwd_auth(auth_key)
if not auth_success:
self.response.status = 401
output = {}
output['streams'] = {'success': False, 'error': 'Unauthorized', 'status': 401}
return output
#Need to do this since splunkd REST controllers are reloaded for every request and is not persisted
splunk_app_stream.models.stream.update_streams_cache(sessionKey)
result = splunk_app_stream.models.stream.Stream.list(sessionKey, id, **self.args)
if 'status' in result:
self.response.status = result['status']
if self.response.status > 399:
raise splunk.RESTException(self.response.status, result['error'])
output = {}
output['streams'] = result
return output
def verifyAllowRemote(self):
if not self._allowRemote:
raise splunk.RESTException(503, "Internet access is disabled")
if self._platformInfo:
args_dict.update(self._platformInfo)
args = urllib.urlencode(args_dict)
if args != "":
target_url += ("?" + args)
logger.debug("Getting feed from: %s" % target_url)
if self._agent:
headers["User-Agent"] = self._agent
req = urllib2.Request(target_url, None, headers)
f = urllib2.urlopen(req, None, URLOPEN_TIMEOUT)
except urllib2.HTTPError, e:
raise splunk.RESTException(e.code, e.msg)
except urllib2.URLError, e:
raise splunk.RESTException(503, "Splunk is unable to connect to the Internet to find more apps.")
except Exception, e:
raise splunk.RESTException(404, "Resource not found")
try:
root = etree.parse(f).getroot()
f.close()
return root
except Exception, e:
logger.exception(e)
raise splunk.InternalServerError(e)
# XXX: This is very brittle. Assumptions:
# - The local apps endpoint is named 'local'.
# - If the remote apps endpoint is at: /services/apps/remote,
# then the local apps endpoint is at: /services/apps/local
# - Local apps are located at /services/apps/local/<app_name>
