def handle(self, **options): service = connect( username=options['username'], password=options['password'], host=settings.SPLUNKD_HOST, port=settings.SPLUNKD_PORT, ) user_apps = list(settings.USER_APPS) apps = service.apps did_delete = False for app in apps: namespace = service.namespace service.namespace = binding.namespace(owner="nobody", app=app.name) is_appfx = app.name in user_apps and 'appfx' in service.confs['app'] service.namespace = namespace if is_appfx: print "Uninstalling '%s'" % app.name service.namespace = namespace apps.delete(app.name) did_delete = True if did_delete: print "Restarting..." restart(service) for user_app in user_apps: print "Installing '%s'" % user_app user_app_module = importlib.import_module(user_app) label = user_app if hasattr(user_app_module, 'NAME'): label = user_app_module.NAME apps.create(user_app, visible=True, label=label) service.namespace = binding.namespace(owner="nobody", app=user_app) stanza = service.confs['app'].create('appfx') stanza.submit("appfx=1") nav_kwargs = { "eai:data": '<nav><view name="default" default="true"/></nav>' } view_kwargs = { "name": "default", "eai:data": '<view template="appfx_base:/templates/redirect.html"></view>' } service.post( 'data/ui/views', **view_kwargs ) service.post( 'data/ui/nav/default', **nav_kwargs )
def handle(self, **options): service = connect( username=options['username'], password=options['password'], host=settings.SPLUNKD_HOST, port=settings.SPLUNKD_PORT, ) user_apps = list(settings.USER_APPS) apps = service.apps did_delete = False for app in apps: namespace = service.namespace service.namespace = binding.namespace(owner="nobody", app=app.name) is_appfx = app.name in user_apps and 'appfx' in service.confs['app'] service.namespace = namespace if is_appfx: print "Uninstalling '%s'" % app.name service.namespace = namespace apps.delete(app.name) did_delete = True if did_delete: print "Restarting..." restart(service) for user_app in user_apps: print "Installing '%s'" % user_app user_app_module = importlib.import_module(user_app) label = user_app if hasattr(user_app_module, 'NAME'): label = user_app_module.NAME apps.create(user_app, visible=True, label=label) service.namespace = binding.namespace(owner="nobody", app=user_app) stanza = service.confs['app'].create('appfx') stanza.submit("appfx=1") nav_kwargs = { "eai:data": '<nav><view name="default" default="true"/></nav>' } view_kwargs = { "name": "default", "eai:data": '<view template="appfx_base:/templates/redirect.html"></view>' } service.post('data/ui/views', **view_kwargs) service.post('data/ui/nav/default', **nav_kwargs)
def get_splunk_apps(context): service = context['request'].service apps = service.apps.list() def filter_visible_and_enabled(app): visible = app['visible'] == '1' enabled = app['disabled'] != '1' return visible and enabled def get_name_and_url(app): app_name = app['label'] app_url = "/en-US/app/%s" % app.name return { 'name': app_name, 'url': app_url } # A hackish way to exclude apps in splunkweb that are only there to # provide cross-nav namespace = service.namespace service.namespace = binding.namespace(owner="-", app="-") try: exclude = {} stanzas = service.confs['app'].list() for stanza in stanzas: if stanza.name == "appfx": app_name = stanza.access['app'] should_exclude = stanza['appfx'] == '1' exclude[app_name] = should_exclude apps = filter(lambda app: not exclude.get(app.name, False), apps) except: raise finally: service.namespace = namespace apps = filter(filter_visible_and_enabled, apps) apps = map(get_name_and_url, apps) apps = sorted(apps, key=lambda app: app['name'].lower()) return apps
def test_namespace(self): tests = [ ({}, {"sharing": None, "owner": None, "app": None}), ({"owner": "Bob"}, {"sharing": None, "owner": "Bob", "app": None}), ({"app": "search"}, {"sharing": None, "owner": None, "app": "search"}), ({"owner": "Bob", "app": "search"}, {"sharing": None, "owner": "Bob", "app": "search"}), ({"sharing": "user", "owner": "*****@*****.**"}, {"sharing": "user", "owner": "*****@*****.**", "app": None}), ({"sharing": "user"}, {"sharing": "user", "owner": None, "app": None}), ({"sharing": "user", "owner": "Bob"}, {"sharing": "user", "owner": "Bob", "app": None}), ({"sharing": "user", "app": "search"}, {"sharing": "user", "owner": None, "app": "search"}), ( {"sharing": "user", "owner": "Bob", "app": "search"}, {"sharing": "user", "owner": "Bob", "app": "search"}, ), ({"sharing": "app"}, {"sharing": "app", "owner": "nobody", "app": None}), ({"sharing": "app", "owner": "Bob"}, {"sharing": "app", "owner": "nobody", "app": None}), ({"sharing": "app", "app": "search"}, {"sharing": "app", "owner": "nobody", "app": "search"}), ( {"sharing": "app", "owner": "Bob", "app": "search"}, {"sharing": "app", "owner": "nobody", "app": "search"}, ), ({"sharing": "global"}, {"sharing": "global", "owner": "nobody", "app": None}), ({"sharing": "global", "owner": "Bob"}, {"sharing": "global", "owner": "nobody", "app": None}), ({"sharing": "global", "app": "search"}, {"sharing": "global", "owner": "nobody", "app": "search"}), ( {"sharing": "global", "owner": "Bob", "app": "search"}, {"sharing": "global", "owner": "nobody", "app": "search"}, ), ({"sharing": "system"}, {"sharing": "system", "owner": "nobody", "app": "system"}), ({"sharing": "system", "owner": "Bob"}, {"sharing": "system", "owner": "nobody", "app": "system"}), ({"sharing": "system", "app": "search"}, {"sharing": "system", "owner": "nobody", "app": "system"}), ( {"sharing": "system", "owner": "Bob", "app": "search"}, {"sharing": "system", "owner": "nobody", "app": "system"}, ), ({"sharing": "user", "owner": "-", "app": "-"}, {"sharing": "user", "owner": "-", "app": "-"}), ] for kwargs, expected in tests: namespace = binding.namespace(**kwargs) for k, v in expected.iteritems(): self.assertEqual(namespace[k], v)
def get_splunk_apps(context): service = context['request'].service apps = service.apps.list() def filter_visible_and_enabled(app): visible = app['visible'] == '1' enabled = app['disabled'] != '1' return visible and enabled def get_name_and_url(app): app_name = app['label'] app_url = "/en-US/app/%s" % app.name return {'name': app_name, 'url': app_url} # A hackish way to exclude apps in splunkweb that are only there to # provide cross-nav namespace = service.namespace service.namespace = binding.namespace(owner="-", app="-") try: exclude = {} stanzas = service.confs['app'].list() for stanza in stanzas: if stanza.name == "appfx": app_name = stanza.access['app'] should_exclude = stanza['appfx'] == '1' exclude[app_name] = should_exclude apps = filter(lambda app: not exclude.get(app.name, False), apps) except: raise finally: service.namespace = namespace apps = filter(filter_visible_and_enabled, apps) apps = map(get_name_and_url, apps) apps = sorted(apps, key=lambda app: app['name'].lower()) return apps
def test_namespace(self): tests = [ ({ }, { 'sharing': None, 'owner': None, 'app': None }), ({ 'owner': "Bob" }, { 'sharing': None, 'owner': "Bob", 'app': None }), ({ 'app': "search" }, { 'sharing': None, 'owner': None, 'app': "search" }), ({ 'owner': "Bob", 'app': "search" }, { 'sharing': None, 'owner': "Bob", 'app': "search" }), ({ 'sharing': "user" }, { 'sharing': "user", 'owner': None, 'app': None }), ({ 'sharing': "user", 'owner': "Bob" }, { 'sharing': "user", 'owner': "Bob", 'app': None }), ({ 'sharing': "user", 'app': "search" }, { 'sharing': "user", 'owner': None, 'app': "search" }), ({ 'sharing': "user", 'owner': "Bob", 'app': "search" }, { 'sharing': "user", 'owner': "Bob", 'app': "search" }), ({ 'sharing': "app" }, { 'sharing': "app", 'owner': "nobody", 'app': None }), ({ 'sharing': "app", 'owner': "Bob" }, { 'sharing': "app", 'owner': "nobody", 'app': None }), ({ 'sharing': "app", 'app': "search" }, { 'sharing': "app", 'owner': "nobody", 'app': "search" }), ({ 'sharing': "app", 'owner': "Bob", 'app': "search" }, { 'sharing': "app", 'owner': "nobody", 'app': "search" }), ({ 'sharing': "global" }, { 'sharing': "global", 'owner': "nobody", 'app': None }), ({ 'sharing': "global", 'owner': "Bob" }, { 'sharing': "global", 'owner': "nobody", 'app': None }), ({ 'sharing': "global", 'app': "search" }, { 'sharing': "global", 'owner': "nobody", 'app': "search" }), ({ 'sharing': "global", 'owner': "Bob", 'app': "search" }, { 'sharing': "global", 'owner': "nobody", 'app': "search" }), ({ 'sharing': "system" }, { 'sharing': "system", 'owner': "nobody", 'app': "system" }), ({ 'sharing': "system", 'owner': "Bob" }, { 'sharing': "system", 'owner': "nobody", 'app': "system" }), ({ 'sharing': "system", 'app': "search" }, { 'sharing': "system", 'owner': "nobody", 'app': "system" }), ({ 'sharing': "system", 'owner': "Bob", 'app': "search" }, { 'sharing': "system", 'owner': "nobody", 'app': "system" }), ({ 'sharing': 'user', 'owner': '-', 'app': '-'}, { 'sharing': 'user', 'owner': '-', 'app': '-'})] for kwargs, expected in tests: namespace = binding.namespace(**kwargs) for k, v in expected.iteritems(): self.assertEqual(namespace[k], v)
def main(): if demisto.command() == 'splunk-parse-raw': splunk_parse_raw_command() sys.exit(0) service = None proxy = demisto.params().get('proxy') use_requests_handler = demisto.params().get('use_requests_handler') connection_args = { 'host': demisto.params()['host'], 'port': demisto.params()['port'], 'app': demisto.params().get('app', '-'), 'username': demisto.params()['authentication']['identifier'], 'password': demisto.params()['authentication']['password'], 'verify': VERIFY_CERTIFICATE } if use_requests_handler: handle_proxy() connection_args['handler'] = requests_handler elif proxy: connection_args['handler'] = handler(proxy) try: service = client.connect(**connection_args) except urllib2.URLError as e: if e.reason.errno == 1 and sys.version_info < (2, 6, 3): # type: ignore pass else: raise if service is None: demisto.error("Could not connect to SplunkPy") # The command demisto.command() holds the command sent from the user. if demisto.command() == 'test-module': test_module(service) demisto.results('ok') if demisto.command() == 'splunk-search': splunk_search_command(service) if demisto.command() == 'splunk-job-create': splunk_job_create_command(service) if demisto.command() == 'splunk-results': splunk_results_command(service) if demisto.command() == 'fetch-incidents': fetch_incidents(service) if demisto.command() == 'splunk-get-indexes': splunk_get_indexes_command(service) if demisto.command() == 'splunk-submit-event': splunk_submit_event_command(service) if demisto.command() == 'splunk-notable-event-edit': splunk_edit_notable_event_command(proxy) if demisto.command() == 'splunk-submit-event-hec': splunk_submit_event_hec_command() if demisto.command() == 'splunk-job-status': splunk_job_status(service) if demisto.command().startswith('splunk-kv-') and service is not None: args = demisto.args() app = args.get('app_name', 'search') service.namespace = namespace(app=app, owner='nobody', sharing='app') check_error(service, args) if demisto.command() == 'splunk-kv-store-collection-create': kv_store_collection_create(service) elif demisto.command() == 'splunk-kv-store-collection-config': kv_store_collection_config(service) elif demisto.command() == 'splunk-kv-store-collection-delete': kv_store_collection_delete(service) elif demisto.command() == 'splunk-kv-store-collections-list': kv_store_collections_list(service) elif demisto.command() == 'splunk-kv-store-collection-add-entries': kv_store_collection_add_entries(service) elif demisto.command() in [ 'splunk-kv-store-collection-data-list', 'splunk-kv-store-collection-search-entry' ]: kv_store_collection_data(service) elif demisto.command() == 'splunk-kv-store-collection-data-delete': kv_store_collection_data_delete(service) elif demisto.command() == 'splunk-kv-store-collection-delete-entry': kv_store_collection_delete_entry(service)
def test_namespace(self): tests = [({}, { 'sharing': None, 'owner': None, 'app': None }), ({ 'owner': "Bob" }, { 'sharing': None, 'owner': "Bob", 'app': None }), ({ 'app': "search" }, { 'sharing': None, 'owner': None, 'app': "search" }), ({ 'owner': "Bob", 'app': "search" }, { 'sharing': None, 'owner': "Bob", 'app': "search" }), ({ 'sharing': "user", 'owner': "*****@*****.**" }, { 'sharing': "user", 'owner': "*****@*****.**", 'app': None }), ({ 'sharing': "user" }, { 'sharing': "user", 'owner': None, 'app': None }), ({ 'sharing': "user", 'owner': "Bob" }, { 'sharing': "user", 'owner': "Bob", 'app': None }), ({ 'sharing': "user", 'app': "search" }, { 'sharing': "user", 'owner': None, 'app': "search" }), ({ 'sharing': "user", 'owner': "Bob", 'app': "search" }, { 'sharing': "user", 'owner': "Bob", 'app': "search" }), ({ 'sharing': "app" }, { 'sharing': "app", 'owner': "nobody", 'app': None }), ({ 'sharing': "app", 'owner': "Bob" }, { 'sharing': "app", 'owner': "nobody", 'app': None }), ({ 'sharing': "app", 'app': "search" }, { 'sharing': "app", 'owner': "nobody", 'app': "search" }), ({ 'sharing': "app", 'owner': "Bob", 'app': "search" }, { 'sharing': "app", 'owner': "nobody", 'app': "search" }), ({ 'sharing': "global" }, { 'sharing': "global", 'owner': "nobody", 'app': None }), ({ 'sharing': "global", 'owner': "Bob" }, { 'sharing': "global", 'owner': "nobody", 'app': None }), ({ 'sharing': "global", 'app': "search" }, { 'sharing': "global", 'owner': "nobody", 'app': "search" }), ({ 'sharing': "global", 'owner': "Bob", 'app': "search" }, { 'sharing': "global", 'owner': "nobody", 'app': "search" }), ({ 'sharing': "system" }, { 'sharing': "system", 'owner': "nobody", 'app': "system" }), ({ 'sharing': "system", 'owner': "Bob" }, { 'sharing': "system", 'owner': "nobody", 'app': "system" }), ({ 'sharing': "system", 'app': "search" }, { 'sharing': "system", 'owner': "nobody", 'app': "system" }), ({ 'sharing': "system", 'owner': "Bob", 'app': "search" }, { 'sharing': "system", 'owner': "nobody", 'app': "system" }), ({ 'sharing': 'user', 'owner': '-', 'app': '-' }, { 'sharing': 'user', 'owner': '-', 'app': '-' })] for kwargs, expected in tests: namespace = binding.namespace(**kwargs) for k, v in six.iteritems(expected): self.assertEqual(namespace[k], v)