# Copyright (C) 2005-2013 Splunk Inc. All Rights Reserved.
#
# Thin launcher: forwards this command's arguments (and piped stdin, if any)
# to the Java class com.splunk.dbx.monitor.Preview through JavaBridge and
# exits with whatever execute() returns.
import os
import sys

from spp.java.bridge import JavaBridge, JavaBridgeError
from splunk import Intersplunk as si

# isGetInfo() returns the getinfo flag together with the argv to use from
# here on.
isInfo, sys.argv = si.isGetInfo(sys.argv)

# Everything after the script name goes to the Java side as-is.
# NOTE(review): nothing here validates or filters these values; any checking
# has to happen in the Java class, which this file does not show.
keywords = sys.argv[1:]

if isInfo:
    # Positional flags: streaming, generating, retevs, reqsop, preop, timeorder.
    # outputInfo() ends the process via sys.exit(), so nothing below runs
    # for a getinfo call.
    si.outputInfo(False, True, True, False, None, False)

# Hand stdin to the bridge only when fd 0 is not a terminal.
stdin = None if os.isatty(0) else sys.stdin

try:
    bridge = JavaBridge(stdin=stdin)
    sys.exit(bridge.execute("com.splunk.dbx.monitor.Preview", *keywords))
except JavaBridgeError as e:
    # Emit the literal header line ERROR followed by the quoted message; the
    # script then falls off the end without an explicit exit status.
    # NOTE(review): the message is wrapped in double quotes without escaping
    # any quotes it may itself contain - confirm the consumer tolerates that.
    print('ERROR\n"%s"' % e)
output += AND if len(ORS) > 1: output += ")" si.outputResults([{'search': output}], messages)
if __name__ == '__main__':
    # Collects messages that are handed to si.outputResults() on failure.
    messages = {}
    try:
        isgetinfo, sys.argv = si.isGetInfo(sys.argv)
        # All arguments are re-joined into one string for parseArgs().
        argtext = ' '.join(sys.argv[1:])
        count, mapping = parseArgs(argtext)
        if isgetinfo:
            reqsop = True
            # Pre-operation: cap the events, then narrow to the mapped fields.
            # NOTE(review): count and the field names are interpolated into a
            # search string as-is; confirm parseArgs() constrains them.
            preop = "head %s" % count
            fields = [field for alias, field in mapping]
            if fields:
                preop += " | fields %s" % ', '.join(fields)
            # streaming, generating and retevs are all False here.
            si.outputInfo(False, False, False, reqsop, preop)  # calls sys.exit()
        run(messages, count, mapping)
    except Exception, e:
        import traceback
        stack = traceback.format_exc()
        # Newlines become the two characters "\n" so the trace stays on one line.
        flat_stack = stack.replace('\n', '\\n')
        # NOTE(review): the full stack trace travels with the error message;
        # confirm who can read these messages, since a trace exposes file
        # paths and internals.
        si.addErrorMessage(messages, "%s. Traceback: %s" % (e, flat_stack))
        si.outputResults([], messages)
) exit(-1)
if __name__ == '__main__':
    try:
        # Label style used when no series= argument is supplied.
        series_mode = 'relative'
        isgetinfo, sys.argv = si.isGetInfo(sys.argv)
        argc = len(sys.argv)
        # Exactly one or two arguments after the script name are accepted.
        # usage() is expected not to return - TODO confirm; otherwise the
        # code below would run with bad input.
        if argc not in (2, 3):
            usage()
        if argc == 3:
            arg = sys.argv[2]  # not read again in the visible code
            # NOTE(review): search() is unanchored and (?i) ignores case, so
            # the option is found anywhere in the argument and group(1) keeps
            # the caller's casing (e.g. "SHORT"); confirm run() expects that.
            match = re.search("(?i)series=(short|exact|relative)", sys.argv[2])
            if match is None:
                usage()
            series_mode = match.group(1)
        if isgetinfo:
            # outputInfo(streaming, generating, retevs, reqsop, preop, timeorder=False, clear_req_fields=False, req_fields = None)
            si.outputInfo(False, False, False, True, "addinfo", timeorder=False)
        results, dummyresults, settings = si.getOrganizedResults()
        run(sys.argv[1], series_mode, results)
    except Exception:
        # Nothing is handled here; the error propagates unchanged.
        raise
except Exception, e2: stack2 = traceback.format_exc() si.generateErrorResults("Error '%s'. %s" % (e2, stack2))
def usage():
    """Report the expected arguments as an error result, then exit with -1."""
    message = (
        " 'timeunit' argument required, such as s (seconds), h (hours), "
        "d (days), w (weeks), or y (years). Optionally prefix with a number: "
        "600s (10 minutes), 2w (2 weeks). Optionally add another argument to "
        "specify the time-range label: series=[short,exact,relative]"
    )
    si.generateErrorResults(message)
    exit(-1)


if __name__ == '__main__':
    try:
        # Label style used when no series= argument is supplied.
        series_mode = 'relative'
        isgetinfo, sys.argv = si.isGetInfo(sys.argv)
        argc = len(sys.argv)
        # One or two arguments after the script name; usage() exits otherwise.
        if argc not in (2, 3):
            usage()
        if argc == 3:
            arg = sys.argv[2]  # not read again in the visible code
            # NOTE(review): the pattern is unanchored and case-insensitive, so
            # it matches anywhere in the argument and group(1) is returned in
            # the caller's casing; confirm run() copes with e.g. "EXACT".
            match = re.search("(?i)series=(short|exact|relative)", sys.argv[2])
            if match is None:
                usage()
            series_mode = match.group(1)
        if isgetinfo:
            # outputInfo(streaming, generating, retevs, reqsop, preop, timeorder=False, clear_req_fields=False, req_fields = None)
            si.outputInfo(False, False, False, True, "addinfo", timeorder=False)
        results, dummyresults, settings = si.getOrganizedResults()
        # The first argument is passed to run() untouched.
        run(sys.argv[1], series_mode, results)
    except Exception:
        # The handler only re-raises, so errors surface unchanged.
        raise
''' settings = {} dummyresults = [] results, fields = readResults(input_str, settings) return results, dummyresults, settings, fields
# -------------------------------------------
def usage():
    """Emit the placeholder error result, then exit with status -1."""
    # NOTE(review): the message text is misspelled; it is runtime output and
    # is kept exactly as written.
    si.generateErrorResults("not implimented")
    exit(-1)


if __name__ == '__main__':
    try:
        isgetinfo, sys.argv = si.isGetInfo(sys.argv)
        argc = len(sys.argv)  # not read again in the visible code
        if isgetinfo:
            # outputInfo(streaming, generating, retevs, reqsop, preop, timeorder=False, clear_req_fields=False, req_fields = None)
            si.outputInfo(False, False, False, False, None, timeorder=False)
        # This is the module's own getOrganizedResults(), not the one on si;
        # it returns the field list as a fourth value.
        results, dummyresults, settings, fields = getOrganizedResults()
        run(results, fields)
    except Exception:
        # Nothing is handled here; the error propagates unchanged.
        raise
output += " " #" AND " output += AND if len(ORS) > 1: output += ")" si.outputResults([{'search': output}], messages) if __name__ == '__main__': messages = {} try: (isgetinfo, sys.argv) = si.isGetInfo(sys.argv) argtext = ' '.join(sys.argv[1:]) count, mapping = parseArgs(argtext) if isgetinfo: reqsop = True preop = "head %s" % count fields = [field for alias, field in mapping] if len(fields) > 0: preop += " | fields %s" % ', '.join(fields) si.outputInfo(False, False, False, reqsop, preop) # calls sys.exit() run(messages, count, mapping) except Exception, e: import traceback stack = traceback.format_exc() si.addErrorMessage(messages, "%s. Traceback: %s" % (e, stack.replace('\n','\\n'))) si.outputResults([], messages)
keywords, options = si.getKeywordsAndOptions() # field=foo green[0::20] yellow[21::80] red[81::100] # field=foo green=0-20 yellow=21-80 red=81-100 default=black field = options.get('field', None) if field == None: si.generateErrorResults( "'field' argument required, such as field=y") exit(0) ranges = getRanges(options) (isgetinfo, sys.argv) = si.isGetInfo(sys.argv) if isgetinfo: # outputInfo automatically calls sys.exit() si.outputInfo(True, False, True, False, None, True, False, [field]) defaultval = options.get('default', 'None') results, dummyresults, settings = si.getOrganizedResults() # for each results for result in results: # get field value myvalue = result.get(field, None) myranges = [] if myvalue != None: try: myvalue = float(myvalue) for rangename, rangeval in ranges.items(): if rangeval[0] <= myvalue <= rangeval[1]: # allows for multiple ranges myranges.append(rangename)
"dummyresults" is always an empty list, and "settings" is always an empty dict, since the change to csv stopped sending the searchinfo. It has not been updated to store the auth token. ''' settings = {} dummyresults = [] results, fields = readResults(input_str, settings) return results, dummyresults, settings, fields
# -------------------------------------------
def usage():
    """Emit the placeholder error result, then exit with status -1."""
    # NOTE(review): the message text is misspelled; it is runtime output and
    # is kept exactly as written.
    si.generateErrorResults("not implimented")
    exit(-1)


if __name__ == '__main__':
    try:
        isgetinfo, sys.argv = si.isGetInfo(sys.argv)
        argc = len(sys.argv)  # not read again in the visible code
        if isgetinfo:
            # outputInfo(streaming, generating, retevs, reqsop, preop, timeorder=False, clear_req_fields=False, req_fields = None)
            si.outputInfo(False, False, False, False, None, timeorder=False)
        # Module-local reader rather than si.getOrganizedResults(). Its own
        # docstring says dummyresults and settings are always empty and that
        # no auth token is stored, so neither should be relied on downstream.
        results, dummyresults, settings, fields = getOrganizedResults()
        run(results, fields)
    except Exception:
        # The handler only re-raises, so errors surface unchanged.
        raise
try: keywords,options = si.getKeywordsAndOptions() # field=foo green[0::20] yellow[21::80] red[81::100] # field=foo green=0-20 yellow=21-80 red=81-100 default=black field = options.get('field', None) if field == None: si.generateErrorResults("'field' argument required, such as field=y") exit(0) ranges = getRanges(options) (isgetinfo, sys.argv) = si.isGetInfo(sys.argv) if isgetinfo: # outputInfo automatically calls sys.exit() si.outputInfo(True, False, True, False, None, True, False, [field]) defaultval = options.get('default', 'None') results,dummyresults,settings = si.getOrganizedResults() # for each results for result in results: # get field value myvalue = result.get(field, None) myranges = [] if myvalue != None: try: myvalue = float(myvalue) for rangename,rangeval in ranges.items(): if rangeval[0] <= myvalue <= rangeval[1]: # allows for multiple ranges myranges.append(rangename)