def get_scheme(self):
    """Build the Scheme for the Cisco AMP for Endpoints events input.

    External validation and single-instance mode are both disabled. The
    arguments are registered by the private ``__add_scheme_arguments``
    helper, which is defined outside this block.
    """
    amp_scheme = Scheme('Cisco AMP for Endpoints Events Input')
    amp_scheme.description = 'Allows creating and managing event streams from AMP for Endpoints'
    # NOTE(review): external validation is off, so presumably argument values
    # (API credentials included, if the helper declares any) are only checked
    # when the input actually runs -- confirm against the helper and the
    # streaming code.
    amp_scheme.use_external_validation = False
    amp_scheme.use_single_instance = False
    self.__add_scheme_arguments(amp_scheme)
    return amp_scheme
def create_scheme(self):
    """Describe the "MongoDB Admin" input and its single ``commands`` argument."""
    admin_scheme = Scheme("MongoDB Admin")
    admin_scheme.description = "Collect administrative events from MongoDB hosts"

    # NOTE(review): "commands" is free text naming admin commands to run.
    # How the value is parsed and restricted is not visible here -- confirm
    # the consumer only accepts an allow-list of read-only commands and that
    # the MongoDB account it uses is least-privilege.
    cmds = Argument("commands")
    cmds.title = "Admin commands"
    cmds.data_type = Argument.data_type_string
    cmds.description = "The admin commands to run"
    cmds.required_on_create = True
    admin_scheme.add_argument(cmds)

    return admin_scheme
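def get_scheme(self):
    """Describe the SEKOIA.IO Intelligence Center feed input.

    The input is single-instance with external validation enabled. It
    declares a required ``api_key`` and an optional ``feed_id``.

    Returns:
        The populated ``Scheme`` object.
    """
    feed_scheme = Scheme("SEKOIA.IO Intelligence Center feed")
    feed_scheme.description = "Fetch indicators from the Intelligence Center"
    feed_scheme.use_external_validation = True
    feed_scheme.use_single_instance = True

    # NOTE(review): the API key is declared as an ordinary string argument.
    # Unless the input moves it into Splunk's credential store, it would be
    # persisted in clear text with the rest of the input stanza -- confirm
    # how the running input stores and masks it.
    key_arg = Argument("api_key")
    key_arg.title = "API Key"
    key_arg.data_type = Argument.data_type_string
    # The two sentences were previously concatenated without a separating
    # space ("...the feed.Contact ..."); the trailing space fixes the UI text.
    # NOTE(review): the contact address reads "[email protected]" in this copy,
    # which looks like an obfuscation placeholder -- restore the real address.
    key_arg.description = (
        "SEKOIA.IO API Key to use to access the feed. "
        "Contact [email protected] if you are not sure how to get this API Key."
    )
    key_arg.required_on_create = True
    feed_scheme.add_argument(key_arg)

    feed_arg = Argument("feed_id")
    feed_arg.title = "Feed ID"
    feed_arg.data_type = Argument.data_type_string
    feed_arg.description = "Specific Feed ID to use as IOC source."
    feed_arg.required_on_create = False
    feed_arg.required_on_edit = False
    feed_scheme.add_argument(feed_arg)

    return feed_scheme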
def get_scheme(self):
    """Describe the "NDBC Observations" input and its required ``stations`` argument."""
    obs_scheme = Scheme("NDBC Observations")
    obs_scheme.description = "Streams observation events from NDBC stations."
    obs_scheme.use_external_validation = True

    # A single string holds every station ID, separated by spaces.
    station_ids = Argument("stations")
    station_ids.title = "Station IDs"
    station_ids.data_type = Argument.data_type_string
    station_ids.description = "List of station IDs separated by a space"
    station_ids.required_on_create = True
    obs_scheme.add_argument(station_ids)

    return obs_scheme
def get_scheme(self):
    """Build the "abcd" scheme: one bare argument and one fully specified one.

    The scheme description and ``arg2`` description share the same text,
    which mixes non-ASCII characters with XML-special ones (``<&>``).
    """
    special_text = u"\uC3BC and \uC3B6 and <&> f\u00FCr"

    abcd_scheme = Scheme("abcd")
    abcd_scheme.description = special_text
    abcd_scheme.streaming_mode = abcd_scheme.streaming_mode_simple
    abcd_scheme.use_external_validation = False
    abcd_scheme.use_single_instance = True

    # First argument keeps every default.
    bare_arg = Argument("arg1")
    abcd_scheme.add_argument(bare_arg)

    # Second argument sets every optional attribute except the title.
    numeric_arg = Argument("arg2")
    numeric_arg.description = special_text
    numeric_arg.data_type = Argument.data_type_number
    numeric_arg.required_on_create = True
    numeric_arg.required_on_edit = True
    numeric_arg.validation = "is_pos_int('some_name')"
    abcd_scheme.add_argument(numeric_arg)

    return abcd_scheme
def get_scheme(self):
    """Describe the "NDBC Observations Search" input.

    Three required numeric arguments define the search area: ``latitude``,
    ``longitude`` and ``radius`` (in miles).
    """
    search_scheme = Scheme("NDBC Observations Search")
    search_scheme.description = "Streams observation events from nearby NDBC stations."
    search_scheme.use_external_validation = True

    # (name, title, description), in the order the arguments are registered.
    numeric_fields = (
        ("latitude", "Latitude", "Latitude of the center of the search area"),
        ("longitude", "Longitude", "Longitude of the center of the search area"),
        ("radius", "Radius", "Radius in miles of the search area"),
    )
    for field_name, field_title, field_help in numeric_fields:
        field = Argument(field_name)
        field.title = field_title
        field.data_type = Argument.data_type_number
        field.description = field_help
        field.required_on_create = True
        search_scheme.add_argument(field)

    return search_scheme
def get_scheme(self):
    """Build the scheme of the "GitHub Stats" modular input.

    Returns:
        (Scheme): The Splunk Python SDK Scheme object.
        https://github.com/splunk/splunk-sdk-python/blob/master/splunklib/modularinput/scheme.py
    """
    stats_scheme = Scheme("GitHub Stats")
    stats_scheme.description = "Get interesting statistics from GitHub for an organization."
    stats_scheme.use_external_validation = True
    stats_scheme.use_single_instance = True

    # (name, description) for the three required string arguments.
    # NOTE(review): github_access_token is a credential declared as a plain
    # string argument. Unless the input moves it into Splunk's credential
    # store, it would be persisted in clear text with the input stanza --
    # confirm. The token should also be scoped to the minimum GitHub
    # permissions the statistics need.
    required_strings = (
        ("github_username",
         "The username used to authenticate with GitHub."),
        ("github_access_token",
         "The access token used to authenticate with GitHub. Used in place of a password."),
        ("github_organization",
         "The GitHub organization to use for scraping stats."),
    )

    # Build every argument first, then register them in declaration order.
    pending = []
    for arg_name, arg_help in required_strings:
        entry = Argument(arg_name)
        entry.data_type = Argument.data_type_string
        entry.description = arg_help
        entry.required_on_create = True
        pending.append(entry)

    for entry in pending:
        stats_scheme.add_argument(entry)

    return stats_scheme
def create_scheme(self):
    """Describe the "MongoDB Collection Stats" input.

    Two required string arguments are declared: ``database`` and
    ``collections`` (space-separated collection names).
    """
    stats_scheme = Scheme("MongoDB Collection Stats")
    stats_scheme.description = "Fetch collection statistics from MongoDB hosts"

    # (name, title, description), in registration order.
    # NOTE(review): both values are free-text names supplied by whoever
    # configures the input. How they reach the MongoDB driver is not visible
    # here -- confirm they are passed as plain names, not evaluated.
    string_fields = (
        ("database", "Database",
         "name of the MongoDB database to run commands against"),
        ("collections", "Database collections",
         "Space-separated names of the collections to fetch stats for"),
    )
    for field_name, field_title, field_help in string_fields:
        field = Argument(field_name)
        field.title = field_title
        field.data_type = Argument.data_type_string
        field.description = field_help
        field.required_on_create = True
        stats_scheme.add_argument(field)

    return stats_scheme
def get_scheme(self):
    """Describe the argument-less "NDBC Active Stations" input."""
    stations_scheme = Scheme("NDBC Active Stations")
    stations_scheme.description = "Fetches list of active NDBC stations."
    # External validation is enabled even though no arguments are declared.
    stations_scheme.use_external_validation = True
    return stations_scheme
def create_scheme(self):
    """Describe the argument-less, single-instance "MongoDB Logs" input."""
    logs_scheme = Scheme("MongoDB Logs")
    logs_scheme.description = "Collect logs from MongoDB hosts"
    logs_scheme.use_single_instance = True
    return logs_scheme
def get_scheme(self):
    """Describe the "Azure Monitor Metrics" input.

    Seven string arguments are declared, each required on both create and
    edit. None of them has a title or description.
    """
    azure_scheme = Scheme("Azure Monitor Metrics")
    azure_scheme.description = "Streams events from Azure resources via Azure Monitor REST API."
    azure_scheme.use_external_validation = True
    azure_scheme.use_single_instance = False

    # Registration order is kept exactly as in the original definition.
    # NOTE(review): SPNApplicationKey looks like a service-principal secret
    # declared as a plain string argument next to the vaultName / secretName /
    # secretVersion fields. Confirm whether the key is really stored with the
    # input stanza in clear text or resolved from the vault at run time, and
    # that the service principal holds only the roles the input needs.
    required_names = (
        "SPNTenantID",
        "SPNApplicationId",
        "SPNApplicationKey",
        "SubscriptionId",
        "vaultName",
        "secretName",
        "secretVersion",
    )
    for arg_name in required_names:
        entry = Argument(arg_name)
        entry.data_type = Argument.data_type_string
        entry.required_on_create = True
        entry.required_on_edit = True
        azure_scheme.add_argument(entry)

    return azure_scheme
def get_scheme(self):
    """Return the scheme of the "Duplicity Backup" input.

    Five optional string arguments are declared: the backup destination, the
    full-backup interval, extra duplicity arguments, and the two path lists.
    """
    backup_scheme = Scheme("Duplicity Backup")
    backup_scheme.description = "Runs a Splunk backup"

    # (name, description), in registration order.
    # NOTE(review): extra_duplicity_args is described as arguments passed on
    # to duplicity. The call site is not visible here -- confirm the value is
    # tokenised and handed over as an argv list without a shell, and that
    # only trusted administrators can edit this input.
    # NOTE(review): target_url may embed credentials in the URL; confirm it
    # is neither logged nor left in clear text.
    optional_strings = (
        ("target_url", "Backup destination"),
        ("full_if_older_than", "Max time between full backups"),
        ("extra_duplicity_args", "Additional arguments to pass to duplicity"),
        ("whitelist", "Duplicity whitelist"),
        ("blacklist", "Duplicity blacklist"),
    )
    for arg_name, arg_help in optional_strings:
        entry = Argument(arg_name)
        entry.data_type = Argument.data_type_string
        entry.description = arg_help
        entry.required_on_create = False
        backup_scheme.add_argument(entry)

    return backup_scheme