def get_data_input(splunkd_uri,
session_key,
owner,
app_name,
input_type,
name=None):
"""
:param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089
:param session_key: splunkd session key
:param owner: the owner (ACL user), e.g. "-", "nobody"
:param app_name: the app"s name, e.g. "Splunk_TA_aws"
:param input_type: name of the input type.
if it is a script input, the input is "script",
for modinput, say snow, the input is "snow"
:param name: The name of the input stanza to create.
i.e. stanza [<input_type>://<name>] will be deleted.
:return: a list of stanzas in the input type, including metadata
"""
uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type)
if name:
uri += "/" + name.replace("/", "%2F")
msg = "Failed to get data input in app=%s: %s://%s" % (app_name,
input_type, name)
content = content_request(uri, session_key, "GET", None, msg)
return xdp.parse_conf_xml_dom(content)
def _get_credentials(self, prop, name=None):
"""
:return: clear or encrypted password for specified realm, user
"""
endpoint = self._get_endpoint(name, True)
response, content = rest.splunkd_request(
endpoint,
self._session_key,
method="GET")
if response is None and content is None:
raise CredException("Failed to get clear credentials")
results = {}
if response and response.status in (200, 201) and content:
passwords = xdp.parse_conf_xml_dom(content)
for password in passwords:
if password.get("realm") == self._realm:
values = password[prop].split(self._sep)
if len(values) % 2 == 1:
continue
result = {
values[i]: values[i + 1]
for i in range(0, len(values), 2)
}
results[password.get("username")] = result
return results
def get_google_creds(server_uri,
session_key,
user="******",
app=ggc.splunk_ta_google,
cred_name=""):
"""
:param: get clear creds for cred_name.
:return: a dict of dict which contains all creds. if cred_name is in
(None, ""), return all creds
"""
if not cred_name:
cred_name = ""
url = ("{server_uri}/servicesNS/{user}/{app}/splunk_ta_google"
"/google_credentials/{name}?--get-clear-credential--=1").format(
server_uri=server_uri,
user=user,
app=app,
name=urllib.quote(cred_name, safe=''),
)
response, content = sr.splunkd_request(url, session_key, method="GET")
if not response or response.status not in (200, 201):
raise Exception("Failed to get google credentials for name={}. "
"Check util log for more details".format(cred_name))
stanzas = xdp.parse_conf_xml_dom(content)
creds = {}
for stanza in stanzas:
cred = json.loads(stanza[ggc.google_credentials])
stanza[ggc.google_credentials] = cred
creds[stanza[ggc.name]] = stanza
return creds
def get_data_input(splunkd_uri,
session_key,
owner,
app_name,
input_type,
name=None):
"""
:param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089
:param session_key: splunkd session key
:param owner: the owner (ACL user), e.g. '-', 'nobody'
:param app_name: the app's name, e.g. 'Splunk_TA_aws'
:param input_type: name of the input type.
if it is a script input, the input is 'script',
for modinput, say snow, the input is 'snow'
:param name: The name of the input stanza to create.
i.e. stanza [<input_type>://<name>] will be deleted.
:return: the key-value dict of the data input, or a list of stanzas in
the input type, including metadata
"""
uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type)
if name:
uri += "/" + util.format_stanza_name(name)
msg = "Failed to get data input in app=%s: %s://%s" % (app_name,
input_type, name)
content = _content_request(uri, session_key, "GET", None, msg)
if content is not None:
result = xdp.parse_conf_xml_dom(content)
if name:
result = result[0]
return result
return None
def get_conf(splunkd_uri,
session_key,
owner,
app_name,
conf_name,
stanza=None):
"""
:param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089
:param session_key: splunkd session key
:param owner: the owner (ACL user), e.g. "-", "nobody"
:param app_name: the app"s name, e.g. "Splunk_TA_aws"
:param conf_name: the name of the conf file, e.g. "props"
:param stanza: stanza name, e.g. "aws:cloudtrail"
:return: a list of stanzas in the conf file, including metadata
"""
uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name)
if stanza:
uri += "/" + stanza.replace("/", "%2F")
# get all the stanzas at one time
uri += "?count=0&offset=0"
msg = "Failed to get conf={0}, stanza={1}".format(conf_name, stanza)
content = content_request(uri, session_key, "GET", None, msg)
return xdp.parse_conf_xml_dom(content)
def get_conf(splunkd_uri,
session_key,
owner,
app_name,
conf_name,
stanza=None):
"""
:param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089
:param session_key: splunkd session key
:param owner: the owner (ACL user), e.g. '-', 'nobody'
:param app_name: the app's name, e.g. 'Splunk_TA_aws'
:param conf_name: the name of the conf file, e.g. 'props'
:param stanza: stanza name, e.g. 'aws:cloudtrail'
:return: the key-value dict of the stanza, or a list of stanzas in
the conf file, including metadata
"""
uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name)
if stanza:
uri += '/' + stanza.replace('/', '%2F')
msg = "Failed to get conf={0}, stanza={1}".format(conf_name, stanza)
content = _content_request(uri, session_key, "GET", None, msg)
if content is not None:
result = xdp.parse_conf_xml_dom(content)
if stanza:
result = result[0]
return result
return None
def get_global_settings(server_uri,
session_key,
user="******",
app=ggc.splunk_ta_google):
"""
:param: get global settings for global settings
:return: a dict of dict which contains global settings .
"""
url = ("{server_uri}/servicesNS/{user}/{app}/splunk_ta_google"
"/google_settings?--get-clear-credential--=1").format(
server_uri=server_uri, user=user, app=app)
response, content = sr.splunkd_request(url, session_key, method="GET")
if not response or response.status not in (200, 201):
raise Exception("Failed to get google global settings."
"Check util log for more details %s" % url)
stanzas = xdp.parse_conf_xml_dom(content)
settings = {}
for stanza in stanzas:
settings[stanza[ggc.name]] = stanza
if not utils.is_true(settings[ggc.proxy_settings].get(ggc.proxy_enabled)):
settings[ggc.proxy_settings][ggc.proxy_url] = None
return settings
def get_conf(splunkd_uri, session_key, owner, app_name, conf_name, stanza=None):
"""
:param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089
:param session_key: splunkd session key
:param owner: the owner (ACL user), e.g. "-", "nobody"
:param app_name: the app"s name, e.g. "Splunk_TA_aws"
:param conf_name: the name of the conf file, e.g. "props"
:param stanza: stanza name, e.g. "aws:cloudtrail"
:return: a list of stanzas in the conf file, including metadata
"""
uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name)
if stanza:
uri += "/" + util.format_stanza_name(stanza)
# get all the stanzas at one time
uri += "?count=0&offset=0"
msg = "Failed to get stanza={} in conf={}".format(
stanza if stanza else stanza,
conf_name,
)
content = content_request(uri, session_key, "GET", None, msg)
return xdp.parse_conf_xml_dom(content)
def get_conf(splunkd_uri,
session_key,
owner,
app_name,
conf_name,
stanza=None):
"""
:param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089
:param session_key: splunkd session key
:param owner: the owner (ACL user), e.g. "-", "nobody"
:param app_name: the app"s name, e.g. "Splunk_TA_aws"
:param conf_name: the name of the conf file, e.g. "props"
:param stanza: stanza name, e.g. "aws:cloudtrail"
:return: a list of stanzas in the conf file, including metadata
"""
uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name)
if stanza:
uri += "/" + _format_stanza_name(stanza)
# workaround count limit.
uri += "?count=-1"
msg = "Failed to get conf={0}, stanza={1}".format(conf_name, stanza)
content = content_request(uri, session_key, "GET", None, msg)
if not content:
raise Exception(msg)
return xdp.parse_conf_xml_dom(content)
def get_data_input(splunkd_uri,
session_key,
owner,
app_name,
input_type,
name=None):
"""
:param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089
:param session_key: splunkd session key
:param owner: the owner (ACL user), e.g. "-", "nobody"
:param app_name: the app"s name, e.g. "Splunk_TA_aws"
:param input_type: name of the input type.
if it is a script input, the input is "script",
for modinput, say snow, the input is "snow"
:param name: The name of the input stanza to create.
i.e. stanza [<input_type>://<name>] will be deleted.
:return: a list of stanzas in the input type, including metadata
"""
uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type)
if name:
uri += urllib.quote("/" + name.replace("/", "%2F"))
# get all the stanzas at one time
uri += "?count=0&offset=0"
msg = "Failed to get data input in app=%s: %s://%s" % (
app_name, input_type, name)
content = content_request(uri, session_key, "GET", None, msg)
return xdp.parse_conf_xml_dom(content)
def _do_rest(uri, session_key):
resp, content = rest.splunkd_request(uri, session_key)
if resp is None:
return None
if resp.status not in (200, 201):
return None
stanza_objs = xdp.parse_conf_xml_dom(content)
if not stanza_objs:
return None
return stanza_objs[0]
def get_all_passwords(self):
"""
@return: a list of dict when successful, None when failed.
the dict at least contains
{
"realm": xxx,
"username": yyy,
"clear_password": zzz,
}
"""
endpoint = "{}/services/storage/passwords".format(self._splunkd_uri)
response, content = rest.splunkd_request(endpoint,
self._session_key,
method="GET")
if response and response.status in (200, 201) and content:
return xdp.parse_conf_xml_dom(content)
def _get_all_passwords(self):
"""
:return: a list of dict when successful, None when failed.
the dict at least contains
{
"realm": xxx,
"username": yyy,
"clear_password": zzz,
}
"""
endpoint = self._get_endpoint()
response, content = rest.splunkd_request(
endpoint, self._session_key, method="GET")
if response and response.status in (200, 201, "200", "201") and content:
return xdp.parse_conf_xml_dom(content)
raise CredException("Failed to get credentials")
def _get_all_passwords(self):
"""
:return: a list of dict when successful, None when failed.
the dict at least contains
{
"realm": xxx,
"username": yyy,
"clear_password": zzz,
}
"""
endpoint = self._get_endpoint()
response, content = rest.splunkd_request(
endpoint, self._session_key, method="GET"
)
if response and response.status in (200, 201, "200", "201") and content:
return xdp.parse_conf_xml_dom(content)
raise CredException("Failed to get credentials")
def get_conf(self, user, appname, file_name, stanza=None):
"""
@return: a list of dict stanza objects if successful.
Otherwise return None
"""
if stanza:
uri = "".join((self.splunkd_uri, "/servicesNS/", user, "/",
appname, "/configs/conf-", file_name, "/", stanza))
else:
uri = "".join(
(self.splunkd_uri, "/servicesNS/", user, "/", appname,
"/configs/conf-", file_name, "?count=0&offset=0"))
msg = "Failed to get conf={0}, stanza={1}".format(file_name, stanza)
content = self._do_request(uri, "GET", None, msg)
if content is not None:
return xdp.parse_conf_xml_dom(content)
return None
def get_data_input(self, user, appname, input_type, stanza_name=None):
"""
@user: ACL user
@appname: target app directory
@input_type: if it is a script input, the input_type "script",
for modinput, say snow, the intput_type "snow"
@stanza_name: name of the stanza to be deleted
@return: a list of dict objects, each is a stanza if success otherwise
None
"""
if stanza_name:
uri = "{}/servicesNS/{}/{}/data/inputs/{}/{}".format(
self.splunkd_uri, user, appname, input_type, stanza_name)
else:
uri = "{}/servicesNS/{}/{}/data/inputs/{}?count=0&offset=0".format(
self.splunkd_uri, user, appname, input_type)
msg = "Failed to get data input stanza for {}, {}, {}".format(
appname, input_type, stanza_name)
content = self._do_request(uri, "GET", None, msg)
if content is not None:
return xdp.parse_conf_xml_dom(content)
return None
def _do_request(self, uri, method, payload, err_msg):
content = req.content_request(uri, self.session_key, method,
payload, err_msg)
return xdp.parse_conf_xml_dom(content)
def _do_request(self, uri, method, payload, err_msg):
_, content = req.content_request(uri, self.session_key, method,
payload, err_msg)
return xdp.parse_conf_xml_dom(content)