def create_scheme(self):
scheme = Scheme("MongoDB Admin")
scheme.description = "Collect administrative events from MongoDB hosts"
commands_argument = Argument("commands")
commands_argument.title = "Admin commands"
commands_argument.data_type = Argument.data_type_string
commands_argument.description = "The admin commands to run"
commands_argument.required_on_create = True
scheme.add_argument(commands_argument)
return scheme
def __add_scheme_arguments(self, scheme):
for name, [description, required_on_create, required_on_edit] in self.SCHEME_ARGUMENTS.items():
scheme.add_argument(Argument(name=name,
data_type=Argument.data_type_string,
description=description,
required_on_create=required_on_create,
required_on_edit=required_on_edit))
def get_scheme(self):
scheme = self.create_scheme()
scheme.use_external_validation = True
host_argument = Argument("server")
host_argument.title = "Host"
host_argument.data_type = Argument.data_type_string
host_argument.description = "hostname or IP address of the instance to connect to, or a mongodb URI, or a list of hostnames/mongodb URIs"
host_argument.required_on_create = True
scheme.add_argument(host_argument)
port_argument = Argument("port")
port_argument.title = "Port"
port_argument.data_type = Argument.data_type_string
port_argument.description = "port number on which to connect"
port_argument.required_on_create = True
scheme.add_argument(port_argument)
return scheme
def create_scheme(self):
scheme = Scheme("MongoDB Admin")
scheme.description = "Collect administrative events from MongoDB hosts"
commands_argument = Argument("commands")
commands_argument.title = "Admin commands"
commands_argument.data_type = Argument.data_type_string
commands_argument.description = "The admin commands to run"
commands_argument.required_on_create = True
scheme.add_argument(commands_argument)
return scheme
def get_scheme(self):
scheme = Scheme("abcd")
scheme.description = u"\uC3BC and \uC3B6 and <&> f\u00FCr"
scheme.streaming_mode = scheme.streaming_mode_simple
scheme.use_external_validation = False
scheme.use_single_instance = True
arg1 = Argument("arg1")
scheme.add_argument(arg1)
arg2 = Argument("arg2")
arg2.description = u"\uC3BC and \uC3B6 and <&> f\u00FCr"
arg2.data_type = Argument.data_type_number
arg2.required_on_create = True
arg2.required_on_edit = True
arg2.validation = "is_pos_int('some_name')"
scheme.add_argument(arg2)
return scheme
def create_scheme(self):
scheme = Scheme("MongoDB Collection Stats")
scheme.description = "Fetch collection statistics from MongoDB hosts"
database_argument = Argument("database")
database_argument.title = "Database"
database_argument.data_type = Argument.data_type_string
database_argument.description = "name of the MongoDB database to run commands against"
database_argument.required_on_create = True
scheme.add_argument(database_argument)
collections_argument = Argument("collections")
collections_argument.title = "Database collections"
collections_argument.data_type = Argument.data_type_string
collections_argument.description = "Space-separated names of the collections to fetch stats for"
collections_argument.required_on_create = True
scheme.add_argument(collections_argument)
return scheme
def get_scheme(self):
scheme = self.create_scheme()
scheme.use_external_validation = True
host_argument = Argument("server")
host_argument.title = "Host"
host_argument.data_type = Argument.data_type_string
host_argument.description = "hostname or IP address of the instance to connect to, or a mongodb URI, or a list of hostnames/mongodb URIs"
host_argument.required_on_create = True
scheme.add_argument(host_argument)
port_argument = Argument("port")
port_argument.title = "Port"
port_argument.data_type = Argument.data_type_string
port_argument.description = "port number on which to connect"
port_argument.required_on_create = True
scheme.add_argument(port_argument)
user_argument = Argument("username")
user_argument.title = "Username"
user_argument.data_type = Argument.data_type_string
user_argument.description = "mongodb username"
user_argument.required_on_create = False
scheme.add_argument(user_argument)
pass_argument = Argument("password")
pass_argument.title = "Password"
pass_argument.data_type = Argument.data_type_string
pass_argument.description = "mongodb password"
pass_argument.required_on_create = False
scheme.add_argument(pass_argument)
return scheme
def get_scheme(self):
"""Generates the scheme of the modular input.
Returns:
(Scheme): The Splunk Python SDK Scheme object.
https://github.com/splunk/splunk-sdk-python/blob/master/splunklib/modularinput/scheme.py
"""
scheme = Scheme("GitHub Stats")
scheme.description = "Get interesting statistics from GitHub for an organization."
scheme.use_external_validation = True
scheme.use_single_instance = True
# ----------------------------------------------------------------------
github_username_argument = Argument("github_username")
github_username_argument.data_type = Argument.data_type_string
github_username_argument.description = ("The username used to "
"authenticate with GitHub.")
github_username_argument.required_on_create = True
# ----------------------------------------------------------------------
github_access_token_argument = Argument("github_access_token")
github_access_token_argument.data_type = Argument.data_type_string
github_access_token_argument.description = (
"The access token used to"
" authenticate with GitHub."
" Used in place of a"
" password.")
github_access_token_argument.required_on_create = True
# ----------------------------------------------------------------------
github_organization_argument = Argument("github_organization")
github_organization_argument.data_type = Argument.data_type_string
github_organization_argument.description = (
"The GitHub organization to"
" use for scraping stats.")
github_organization_argument.required_on_create = True
# ----------------------------------------------------------------------
scheme.add_argument(github_username_argument)
scheme.add_argument(github_access_token_argument)
scheme.add_argument(github_organization_argument)
return scheme
def get_scheme(self):
scheme = Scheme("SEKOIA.IO Intelligence Center feed")
scheme.description = "Fetch indicators from the Intelligence Center"
scheme.use_external_validation = True
scheme.use_single_instance = True
api_key = Argument("api_key")
api_key.title = "API Key"
api_key.data_type = Argument.data_type_string
api_key.description = (
"SEKOIA.IO API Key to use to access the feed."
"Contact [email protected] if you are not sure how to get this API Key."
)
api_key.required_on_create = True
scheme.add_argument(api_key)
feed_id = Argument("feed_id")
feed_id.title = "Feed ID"
feed_id.data_type = Argument.data_type_string
feed_id.description = "Specific Feed ID to use as IOC source."
feed_id.required_on_create = False
feed_id.required_on_edit = False
scheme.add_argument(feed_id)
return scheme
def get_scheme(self):
scheme = Scheme("Azure Monitor Metrics")
scheme.description = "Streams events from Azure resources via Azure Monitor REST API."
scheme.use_external_validation = True
scheme.use_single_instance = False
arg2 = Argument("SPNTenantID")
arg2.data_type = Argument.data_type_string
arg2.required_on_create = True
arg2.required_on_edit = True
scheme.add_argument(arg2)
arg3 = Argument("SPNApplicationId")
arg3.data_type = Argument.data_type_string
arg3.required_on_create = True
arg3.required_on_edit = True
scheme.add_argument(arg3)
arg4 = Argument("SPNApplicationKey")
arg4.data_type = Argument.data_type_string
arg4.required_on_create = True
arg4.required_on_edit = True
scheme.add_argument(arg4)
arg1 = Argument("SubscriptionId")
arg1.data_type = Argument.data_type_string
arg1.required_on_create = True
arg1.required_on_edit = True
scheme.add_argument(arg1)
arg5 = Argument("vaultName")
arg5.data_type = Argument.data_type_string
arg5.required_on_create = True
arg5.required_on_edit = True
scheme.add_argument(arg5)
arg6 = Argument("secretName")
arg6.data_type = Argument.data_type_string
arg6.required_on_create = True
arg6.required_on_edit = True
scheme.add_argument(arg6)
arg7 = Argument("secretVersion")
arg7.data_type = Argument.data_type_string
arg7.required_on_create = True
arg7.required_on_edit = True
scheme.add_argument(arg7)
return scheme
def get_scheme(self):
# Returns scheme.
scheme = Scheme("Duplicity Backup")
scheme.description = "Runs a Splunk backup"
arg = Argument("target_url")
arg.data_type = Argument.data_type_string
arg.description = "Backup destination"
arg.required_on_create = False
scheme.add_argument(arg)
arg = Argument("full_if_older_than")
arg.data_type = Argument.data_type_string
arg.description = "Max time between full backups"
arg.required_on_create = False
scheme.add_argument(arg)
arg = Argument("extra_duplicity_args")
arg.data_type = Argument.data_type_string
arg.description = "Additional arguments to pass to duplicity"
arg.required_on_create = False
scheme.add_argument(arg)
arg = Argument("whitelist")
arg.data_type = Argument.data_type_string
arg.description = "Duplicity whitelist"
arg.required_on_create = False
scheme.add_argument(arg)
arg = Argument("blacklist")
arg.data_type = Argument.data_type_string
arg.description = "Duplicity blacklist"
arg.required_on_create = False
scheme.add_argument(arg)
return scheme