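def handle_GET(self):
    """Answer a GET request with the rules returned by ``mgr.gtfo``.

    The request arguments in ``self.args`` are validated by ``checkArgs``
    against the two specs below.  Required: ``field``, ``examples`` (JSON)
    and ``sid``.  Optional: ``filter``, ``counter_examples`` (JSON),
    ``count`` and ``offset``.

    The JSON response body holds the rules under ``rules`` together with
    every validated argument echoed back.
    """
    # Each spec maps an argument name to a (type name, constraint) pair.
    # NOTE(review): the int constraints look like (min, max) bounds enforced
    # by checkArgs - confirm, since they are the only visible limit on how
    # much work a caller can request through count/offset.
    required_args = {
        "field": ('string', None),
        "examples": ('json', None),
        "sid": ('string', None),
    }
    optional_args = {
        "filter": ('string', None),
        "counter_examples": ('json', None),
        "count": ('int', (1, 500)),
        "offset": ('int', (0, 1000)),
    }
    kwargs = checkArgs(required_args, optional_args, self.args)
    field = kwargs['field']

    # Munge the positive examples exactly once and pass that result on,
    # rather than computing it, discarding it and computing it again.
    examples = mungeExamples(kwargs['examples'], field)
    counter_examples = mungeExamples(kwargs.get('counter_examples', []), field)

    rules = mgr.gtfo(
        self.sessionKey,
        field,
        examples,
        counter_examples,
        kwargs.get('filter', ''),
        kwargs['sid'],
        kwargs.get('offset', 0),
        kwargs.get('count', 100))

    self.response.setHeader('content-type', 'application/json')
    response = {'rules': rules}
    # NOTE(review): the validated request arguments are echoed into the
    # response and would replace 'rules' if checkArgs ever returned a key of
    # that name - confirm it only returns the names declared above.
    response.update(kwargs)
    self.response.write(json.dumps(response))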
def handle_GET(self):
    """Run a fixed sample search and return rules for two built-in examples.

    Dispatches a hard-coded search, waits for the job, then asks
    ``mgr.gtfo`` for rules on ``_raw`` using two canned example events and
    the job id.  The rules are written to the response as JSON.

    Any failure is re-raised as a plain ``Exception`` whose message contains
    the original error followed by the formatted traceback.
    """
    try:
        sample_query = '| search sourcetype=access_combined | head 100'
        job = splunk.search.dispatch(
            sample_query,
            sessionKey=self.sessionKey,
            status_buckets=1,
            required_field_list='*')
        splunk.search.waitForJob(job)

        # Canned events; the two-element lists look like [start, end)
        # character offsets of the named field inside _rawtext.
        clientip_example = {
            "_rawtext": "10.1.1.43 - webdev [07/Aug/2005:23:58:08 -0700] \"GET / HTTP/1.0\" 200 1163 \"-\" \"check_http/1.10 (nagios-plugins 1.4)\"",
            "clientip": [0, 9],
        }
        method_example = {
            "_rawtext": "10.1.1.0 - webdev [07/Aug/2005:23:58:08 -0700] \"GET / HTTP/1.0\" 200 1163 \"-\" \"check_http/1.10 (nagios-plugins 1.4)\"",
            "method": [48, 51],
        }
        examples = [clientip_example, method_example]

        rules = mgr.gtfo(
            self.sessionKey,
            '_raw',
            mungeExamples(examples, '_raw'),
            [],
            '',
            job.id,
            0,
            100)

        self.response.setHeader('content-type', 'application/json')
        payload = {'rules': rules}
        self.response.write(json.dumps(payload))
    except Exception as e:
        import traceback
        # NOTE(review): the full traceback is embedded in the exception
        # message.  If the framework returns exception text to the HTTP
        # client, this discloses internal file paths and code structure -
        # confirm how it is surfaced and prefer server-side logging.
        raise Exception("%s Traceback: %s\n" % (e, traceback.format_exc()))