def handle_POST(self): self.verifyAllowRemote() try: post_args = urlencode(self.request["form"]) if sys.version_info >= (3, 0): post_args = post_args.encode() logger.debug("Logging into %s" % self._login) bundle_paths.BundleInstaller().validate_server_cert( self._login, self._sslpol) # Forward post arguments, including username and password. with closing(urlopen(self._login, post_args, URLOPEN_TIMEOUT)) as f: root = safe_lxml.parse(f).getroot() token = root.xpath("a:id", namespaces=NSMAP)[0].text if self.request["output_mode"] == "json": self.response.setHeader('content-type', 'application/json') sessDict = {"response": {"sessionKey": token}} self.response.write(json.dumps(sessDict)) else: # Generate response. response = etree.Element("response") sessionKey = etree.SubElement(response, "sessionKey") sessionKey.text = token self.response.setHeader('content-type', 'text/xml') self.response.write( etree.tostring(response, pretty_print=True)) logger.debug("Login successful") except HTTPError as e: if e.code in [401, 405]: # Returning 401 logs off current session # Splunkbase retuns 405 when only password is submitted raise splunk.RESTException(400, e.msg) raise splunk.RESTException(e.code, e.msg) except Exception as e: logger.exception(e) raise splunk.AuthenticationFailed
def handle_DELETE(self): if 'authorization' in self.request['headers']: sessionKey = self.request['headers']['authorization'].replace( "Splunk ", "") id = '' try: id = self.args['id'] except: pass result = splunk_app_stream.models.stream_forwarder_group.StreamForwarderGroup.delete( id, sessionKey) if 'status' in result: self.response.status = result['status'] if self.response.status > 399: raise splunk.RESTException(self.response.status, result['error']) output = {} output['streamforwardergroups'] = result logger.info("delete::result %s", result) # refresh cherrypy cache for apps metadata refresh_ping_cache() return output else: raise splunk.RESTException( 401, "Unauthorized to perform DELETE operation")
def handle_POST(self): if 'authorization' in self.request['headers']: sessionKey = self.request['headers']['authorization'].replace("Splunk ", "") h = HTMLParser.HTMLParser() form_body = self.request['payload'] id = '' try: id = self.args['id'] del self.args['id'] except: pass splunk_app_stream.models.stream.update_streams_cache(sessionKey) action = '' try: action = self.args['action'] del self.args['action'] except: pass if action in ['enable', 'disable', 'statsOnly']: if not id: self.response.status = 400 raise splunk.RESTException(self.response.status, "Invalid id specified") else: result = splunk_app_stream.models.stream.Stream.save('', sessionKey, id, action, None, **self.args) if 'status' in result: self.response.status = result['status'] if self.response.status > 399: raise splunk.RESTException(self.response.status, result['error']) output = {} output['streams'] = result logger.info("save::result %s", result) # refresh cherrypy cache for apps metadata refresh_ping_cache() return output try: data = json.loads(form_body) result = splunk_app_stream.models.stream.Stream.save(data, sessionKey, id, None, None, **self.args) # refresh cherrypy cache for apps metadata refresh_ping_cache() except Exception as e: logger.exception(e) output = {} output['streams'] = {'success': False, 'error': 'Internal error, malformed payload in the request', 'status': 500} raise splunk.RESTException(500, 'Internal error, malformed payload in the request') if 'status' in result: self.response.status = result['status'] if self.response.status > 399: raise splunk.RESTException(self.response.status, result['error']) output = {} output['streams'] = result logger.info("save::result %s", result) return output else: raise splunk.RESTException(401, "Unauthorized to perform POST or PUT operation")
def _get_feed_root(self, url): """ Get an Atom feed of application information from the remote provider. """ try: target_url = url # Forward GET arguments, and add user-agent. args_dict = {} headers = {} args_dict.update(self.request["query"]) if self._platformInfo: args_dict.update(self._platformInfo) args = urllib.urlencode(args_dict) if args != "": target_url += ("?" + args) logger.debug("Getting feed from: %s" % target_url) if self._agent: headers["User-Agent"] = self._agent req = urllib2.Request(target_url, None, headers) f = urllib2.urlopen(req, None, URLOPEN_TIMEOUT) except urllib2.HTTPError, e: raise splunk.RESTException(e.code, e.msg)
def handle_POST(self): if 'authorization' in self.request['headers']: sessionKey = self.request['headers']['authorization'].replace( "Splunk ", "") h = HTMLParser.HTMLParser() form_body = self.request['payload'] id = '' try: id = self.args['id'] except: pass update_streams_cache(sessionKey) splunk_app_stream.models.stream_forwarder_group.init_stream_forwarder_groups( sessionKey) try: data = json.loads(form_body) result = splunk_app_stream.models.stream_forwarder_group.StreamForwarderGroup.save( data, id, None, sessionKey) # refresh cherrypy cache for apps metadata refresh_ping_cache() except Exception as e: logger.exception(e) output = {} output['streamforwardergroups'] = { 'success': False, 'error': 'Internal error, malformed payload in the request', 'status': 500 } raise splunk.RESTException( 500, 'Internal error, malformed payload in the request') if 'status' in result: self.response.status = result['status'] if self.response.status > 399: raise splunk.RESTException(self.response.status, result['error']) output = {} output['streamforwardergroups'] = result logger.info("save::result %s", result) return output else: raise splunk.RESTException( 401, "Unauthorized to perform POST or PUT operation")
def _get_feed_root(self, url, extra_get_args={}): """ Get an Atom feed of application information from the remote provider. """ try: target_url = url # Forward GET arguments, and add user-agent. args_dict = {} headers = {} args_dict.update(self.request["query"]) if (len(extra_get_args) > 0): args_dict.update(extra_get_args) if self._platformInfo: args_dict.update(self._platformInfo) args = urlencode(args_dict) if args != "": target_url += ("?" + args) logger.debug("Getting feed from: %s" % target_url) if self._agent: headers["User-Agent"] = self._agent bundle_paths.BundleInstaller().validate_server_cert( target_url, self._sslpol) req = Request(target_url, None, headers) f = urlopen(req, None, URLOPEN_TIMEOUT) except HTTPError as e: raise splunk.RESTException(e.code, e.msg) except URLError as e: logger.exception(e) raise splunk.RESTException( 503, "Splunk is unable to connect to the Internet to find more apps." ) except Exception as e: logger.exception(e) raise splunk.RESTException(404, "Resource not found") try: root = safe_lxml.parse(f).getroot() f.close() return root except Exception as e: raise splunk.InternalServerError(e)
def handle_POST(self): self.verifyAllowRemote() try: post_args = urllib.urlencode(self.request["form"]) logger.debug("Logging into %s" % self._login) # Forward post arguments, including username and password. with closing(urllib2.urlopen(self._login, post_args, URLOPEN_TIMEOUT)) as f: root = etree.parse(f).getroot() token = root.xpath("a:id", namespaces=NSMAP)[0].text # Generate response. response = etree.Element("response") sessionKey = etree.SubElement(response, "sessionKey") sessionKey.text = token self.response.setHeader('content-type', 'text/xml') self.response.write(etree.tostring(response, pretty_print=True)) logger.debug("Login successful") except urllib2.HTTPError, e: if e.code in [401, 405]: # Returning 401 logs off current session # Splunkbase retuns 405 when only password is submitted raise splunk.RESTException(400, e.msg) raise splunk.RESTException(e.code, e.msg)
def handle_GET(self): sessionKey = None if 'systemAuth' in self.request and self.request['systemAuth']: sessionKey = self.request['systemAuth'] else: sessionKey = self.sessionKey output = {} # check for auth key auth_key = None if 'systemAuth' in self.request: auth_key = extract_auth_key(self.request, self.args) auth_success = validate_streamfwd_auth(auth_key) if not auth_success: self.response.status = 401 output = {} output['httpinputs'] = {'success': False, 'error': 'Unauthorized', 'status': 401} return output try: inputs = [] # Get list of HEC inputs uri = '/services/data/inputs/http/http?output_mode=json' serverResponse, serverContent = splunk.rest.simpleRequest( util.make_url_internal(uri), sessionKey, postargs=None, method='GET', raiseAllErrors=True, proxyMode=False, rawResult=None, jsonargs=None, timeout=splunk.rest.SPLUNKD_CONNECTION_TIMEOUT ) if serverResponse['status'] == '200': jsonResp = json.loads(serverContent) config = jsonResp['entry'][0]['content'] output['httpinputsconfigs'] = config except Exception as e: logger.exception(e) raise splunk.RESTException(500, 'Internal error, failed to get HEC inputs') return output
def handle_GET(self): sessionKey = None if 'systemAuth' in self.request and self.request['systemAuth']: sessionKey = self.request['systemAuth'] else: sessionKey = self.sessionKey # check for auth key auth_key = None if 'systemAuth' in self.request: auth_key = extract_auth_key(self.request, self.args) auth_success = validate_streamfwd_auth(auth_key) if not auth_success: self.response.status = 401 output = {} output['indexers'] = {'success': False, 'error': 'Unauthorized', 'status': 401} return output output = {} try: # Get indexers list through Splunk REST API uri = '/services/search/distributed/peers?output_mode=json' serverResponse, serverContent = splunk.rest.simpleRequest( util.make_url_internal(uri), sessionKey, postargs=None, method='GET', raiseAllErrors=True, proxyMode=False, rawResult=None, jsonargs=None, timeout=splunk.rest.SPLUNKD_CONNECTION_TIMEOUT ) jsonobj = json.loads(serverContent) output['indexers'] = jsonobj['entry'] except Exception as e: logger.exception(e) raise splunk.RESTException(500, 'Internal error, failed to get indexers peer') return output
def handle_GET(self): id = '' try: id = self.args['id'] #because id is being passed in explicitly if id: self.args.pop('id') except: pass sessionKey = None if 'systemAuth' in self.request and self.request['systemAuth']: sessionKey = self.request['systemAuth'] else: sessionKey = self.sessionKey # check for auth key auth_key = None if 'systemAuth' in self.request: auth_key = extract_auth_key(self.request, self.args) auth_success = validate_streamfwd_auth(auth_key) if not auth_success: self.response.status = 401 output = {} output['streamforwardergroups'] = { 'success': False, 'error': 'Unauthorized', 'status': 401 } return output update_streams_cache(sessionKey) result = splunk_app_stream.models.stream_forwarder_group.StreamForwarderGroup.list( sessionKey, id, **self.args) if 'status' in result: self.response.status = result['status'] if self.response.status > 399: raise splunk.RESTException(self.response.status, result['error']) output = {} output['streamforwardergroups'] = result return output
def install_from_tar(self, path, force=False): logger.debug("Examining application archive: %s" % path) if not os.path.exists(path) or os.path.isdir(path): raise splunk.ResourceNotFound('The package "%s" wasn\'t found' % path) tmpdir = None appname = get_app_name_from_tarball(path) existing = get_bundle(appname) if not force and existing: msg = 'App "%s" already exists; use the "-%s true" argument to install anyway' % ( appname, 'update') raise splunk.RESTException(409, msg) with closing(tarfile.open(path)) as tar: tmpdir = tempfile.mkdtemp() logger.debug("Extracting application to: %s" % tmpdir) tar.extractall(tmpdir, members=self._filter_tar(tar)) result = self.install_from_dir(tmpdir, appname) safe_remove(tmpdir) return result
def handle_GET(self): id = '' try: id = self.args['id'] del self.args['id'] except: pass sessionKey = None if 'systemAuth' in self.request and self.request['systemAuth']: sessionKey = self.request['systemAuth'] else: sessionKey = self.sessionKey if 'user-agent' in self.request['headers']: self.args['user_agent'] = self.request['headers']['user-agent'] # check for auth key auth_key = None if 'systemAuth' in self.request: auth_key = extract_auth_key(self.request, self.args) auth_success = validate_streamfwd_auth(auth_key) if not auth_success: self.response.status = 401 output = {} output['streams'] = {'success': False, 'error': 'Unauthorized', 'status': 401} return output #Need to do this since splunkd REST controllers are reloaded for every request and is not persisted splunk_app_stream.models.stream.update_streams_cache(sessionKey) result = splunk_app_stream.models.stream.Stream.list(sessionKey, id, **self.args) if 'status' in result: self.response.status = result['status'] if self.response.status > 399: raise splunk.RESTException(self.response.status, result['error']) output = {} output['streams'] = result return output
def verifyAllowRemote(self): if not self._allowRemote: raise splunk.RESTException(503, "Internet access is disabled")
if self._platformInfo: args_dict.update(self._platformInfo) args = urllib.urlencode(args_dict) if args != "": target_url += ("?" + args) logger.debug("Getting feed from: %s" % target_url) if self._agent: headers["User-Agent"] = self._agent req = urllib2.Request(target_url, None, headers) f = urllib2.urlopen(req, None, URLOPEN_TIMEOUT) except urllib2.HTTPError, e: raise splunk.RESTException(e.code, e.msg) except urllib2.URLError, e: raise splunk.RESTException(503, "Splunk is unable to connect to the Internet to find more apps.") except Exception, e: raise splunk.RESTException(404, "Resource not found") try: root = etree.parse(f).getroot() f.close() return root except Exception, e: logger.exception(e) raise splunk.InternalServerError(e) # XXX: This is very brittle. Assumptions: # - The local apps endpoint is named 'local'. # - If the remote apps endpoint is at: /services/apps/remote, # then the local apps endpoint is at: /services/apps/local # - Local apps are located at /services/apps/local/<app_name>