def check_that_setup_has_not_been_performed(app, reporter):
"""Check that `default/app.conf` setting `is_configured` = False."""
if app.file_exists("default", "app.conf"):
filename = os.path.join('default', 'app.conf')
app_conf = app.app_conf()
if (app_conf.has_section("install")
and app_conf.has_option("install", "is_configured")):
# Sets to either 1 or 0
is_configured = normalizeBoolean(
app_conf.get("install", "is_configured"))
if is_configured:
lineno = app_conf.get_section('install').get_option(
'is_configured').lineno
reporter_output = (
"The app.conf [install] stanza has the"
" `is_configured` property set to true."
" This property indicates that a setup was already"
" performed. File: {}, Line: {}.").format(
filename, lineno)
reporter.fail(reporter_output, filename, lineno)
else:
pass # Pass - The property is true
else:
pass # Pass - The stanza or property does not exist.
else:
reporter_output = ("`default/app.conf` does not exist.")
reporter.not_applicable(reporter_output)
def check_for_sched_saved_searches_latest_time(app, reporter):
"""Check that if a savedsearch.conf stanza contains scheduling options
it does contain a dispatch.latest_time
"""
if app.file_exists("default", "savedsearches.conf"):
savedsearches_config = app.get_config("savedsearches.conf")
file_path = os.path.join("default", "savedsearches.conf")
for section in savedsearches_config.sections():
is_generating_command_search = (
section.has_option("search")
and section.get_option("search").value.strip().startswith("|"))
if is_generating_command_search:
# The saved search is based on a generating command which will
# create events in real-time so earliest_time isn't needed
continue
if section.has_option("enableSched") and \
normalizeBoolean(section.get_option("enableSched").value.strip()):
if section.has_option("dispatch.latest_time"):
continue
reporter_output = (
"The saved search [{}] doesn't contain dispatch.latest_time."
"It is better to add a dispatch.latest_time "
"when specifying scheduled searches in Splunk Cloud. "
"File: {}, Line: {}.").format(section.name, file_path,
section.lineno)
reporter.warn(reporter_output, file_path, section.lineno)
else:
reporter_output = "No `default/savedsearches.conf`file exists."
reporter.not_applicable(reporter_output)
def check_for_datamodel_acceleration(app, reporter):
"""Check that the use of accelerated data models do not occur. If data model
acceleration is required, developers should provide directions in documentation
for how to accelerate data models from within the Splunk Web GUI.
[data model acceleration](https://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Acceleratedatamodels)
"""
if app.file_exists('default', 'datamodels.conf'):
file_path = os.path.join("default", "datamodels.conf")
datamodels_config = app.get_config("datamodels.conf")
# check if acceleration=true is set in default stanza
is_default_stanza_accelerated = (
datamodels_config.has_section("default")
and datamodels_config.has_option("default", "acceleration")
and normalizeBoolean(
datamodels_config.get("default", "acceleration").strip()))
non_default_sections = [
section for section in datamodels_config.sections()
if section.name != "default"
]
for section in non_default_sections:
is_accelerated = False
lineno = None
if section.has_option("acceleration"):
if normalizeBoolean(
section.get_option("acceleration").value.strip()):
is_accelerated = True
lineno = section.get_option("acceleration").lineno
elif is_default_stanza_accelerated:
is_accelerated = True
lineno = datamodels_config.get_section("default").get_option(
"acceleration").lineno
if is_accelerated:
reporter_output = (
"Data model acceleration was detected in `default/datamodels.conf` for stanza "
"[{}]. Please do not enable data model acceleration by default. If data model "
"acceleration is required, please provide users with guidance on how to enable "
"data model acceleration from within the Splunk Web GUI. File: {}, Line: {}."
).format(section.name, file_path, lineno)
reporter.fail(reporter_output, file_path, lineno)
else:
reporter.not_applicable("No datamodels.conf file exists.")
def check_outputs_documented(app, reporter):
"""Check that forwarding enabled in 'outputs.conf' is explained in the
app's documentation.
"""
if app.file_exists("default", "outputs.conf"):
outputs_conf = app.outputs_conf()
is_enabled_or_empty = True
for section in outputs_conf.section_names():
if outputs_conf.has_option(section, "disabled"):
is_disabled = normalizeBoolean(
outputs_conf.get(section, "disabled"))
if is_disabled:
is_enabled_or_empty = False
else:
is_enabled_or_empty = True
if is_enabled_or_empty:
reporter.manual_check(
"Documentation will be read during code review.")
else:
reporter.not_applicable("No outputs.conf file exists.")
def check_if_outputs_conf_exists(app, reporter):
"""Check that forwarding enabled in 'outputs.conf' is failed in cloud
"""
config_file_paths = app.get_config_file_paths("outputs.conf")
if config_file_paths:
for directory, filename in config_file_paths.iteritems():
file_path = os.path.join(directory, filename)
outputs_conf = app.outputs_conf(directory)
is_section_empty = is_default_disabled = True
for section in outputs_conf.section_names():
is_section_empty = False
if outputs_conf.has_option(section, "disabled"):
is_default_disabled = False
is_disabled = normalizeBoolean(outputs_conf.get(section, "disabled"))
if is_disabled:
pass
else:
lineno = outputs_conf.get_section(section).get_option("disabled").lineno
reporter_output = ("From `{}/outputs.conf`, output is enabled."
" This is prohibited in Splunk"
" Cloud. Stanza: [{}]. File: {}, Line: {}."
).format(directory,
section,
file_path,
lineno)
reporter.fail(reporter_output, file_path, lineno)
if not is_section_empty and is_default_disabled:
reporter_output = ("From `{}/outputs.conf`, output is enabled"
" by default `disabled = False`."
" This is prohibited in Splunk"
" Cloud. File: {}"
).format(directory,
file_path)
reporter.fail(reporter_output, file_path)
else:
reporter_output = ("`outputs.conf` does not exist.")
reporter.not_applicable(reporter_output)
def _is_update_enabled(check_for_updates_value):
try:
return normalizeBoolean(check_for_updates_value)
except ValueError:
return True
def _is_signed_assertion_off(section):
return not normalizeBoolean(
section.get_option('signedAssertion').value.strip())
def _is_summary_search_with_earliest_time(section):
return section.has_option("auto_summarize") and \
normalizeBoolean(section.get_option("auto_summarize").value.strip()) and \
section.has_option("auto_summarize.dispatch.earliest_time")
def _is_scheduled_search(section):
return section.has_option("enableSched") and \
normalizeBoolean(section.get_option("enableSched").value.strip())