def handleList(self, confInfo): result = confInfo[self._object_id] uri = REST_URI_MAP[self._object_id] if self._object_id == 'aws_proxy': entity = client.Entity(self._service, uri) for key in entity.content.keys(): if key != 'password': result[key] = entity[key] elif self._object_id == 'logging': for service in LOGGING_ENDPOINTS.keys(): entity = client.Entity( self._service, uri % (service, LOGGING_ENDPOINTS[service])) result[service] = entity['level'] result['eai:appName'] = tac.splunk_ta_aws result['eai:userName'] = '******' result.setMetadata(admin.EAI_ENTRY_ACL, { 'owner': 'nobody', 'app': tac.splunk_ta_aws }) return
def test_read_outputs_with_type(self): name = testlib.tmpname() service = client.connect(**self.opts.kwargs) service.post('data/outputs/tcp/syslog', name=name, type='tcp') entity = client.Entity(service, 'data/outputs/tcp/syslog/' + name) self.assertTrue('tcp', entity.content.type) if service.restart_required: self.restartSplunk() service = client.connect(**self.opts.kwargs) client.Entity(service, 'data/outputs/tcp/syslog/' + name).delete() if service.restart_required: self.restartSplunk()
def handle_POST(self): try: pre_taskserverport = self.read_taskserver_port() payload = loads(self.request['payload']) self.check_java_home(payload) # check whether the javaHome is valid self.validate_java_home(payload["javaHome"]) self.update_vmopts(payload) splunk_service = SplunkServiceFactory.create(self.sessionKey, app='splunk_app_db_connect', owner=self.userName) entity = client.Entity(splunk_service, self.endpoint) entity.update(**payload).refresh() logger.debug('updated java settings') self.update_dbx_java_home(payload["javaHome"]) self.reset_java_command_filename(splunk_service) self.read_vmopts(entity.content) self.restart_task_server(pre_taskserverport) self.writeJson(entity.content) except Exception as ex: self.response.setStatus(500) self.writeJson({ "code": 500, "message": ex.message, "detail": str(ex) })
def test_proper_namespace_with_service_namespace(self): entity = client.Entity(self.service, client.PATH_APPS + "search") del entity._state['access'] namespace = (self.service.namespace.owner, self.service.namespace.app, self.service.namespace.sharing) self.assertEqual(namespace, entity._proper_namespace())
def _update_command_log_level(self, module, log_level, splunk_service): logger.debug( "action=try_to_update_command_log_level module=%s, level=%s" % (module, log_level)) command_endpoint = "configs/conf-commands/%s" # use this property to configure log level log_level_property = "-DDBX_COMMAND_LOG_LEVEL=" entity = client.Entity(splunk_service, command_endpoint % module) to_update = { key: value for key, value in entity.content.items() if log_level_property in value } if len(to_update) != 1: raise Exception( "%s stanza in commands conf file is not valid because there must exist" " one and only one attribute with a value -DDBX_COMMAND_LOG_LEVEL=${LOG_LEVEL}", module) log_args = to_update.keys()[0] log_level_value = to_update[log_args] original_log_level = log_level_value.split(log_level_property)[1] if original_log_level != log_level: logger.debug( "action=update_command_log_level module=%s, original_level=%s level=%s" % (module, original_log_level, log_level)) to_update[log_args] = log_level_property + log_level entity.update(**to_update).refresh()
def reset_java_command_filename(self, splunk_service): for java_command in self.java_commands: entity = client.Entity(splunk_service, self.commands_endpoint % java_command) # If customer have set the filename to "customized.java.path", we need to reset it to "java.path" # Related issue: DBX-3746 if entity["filename"] == self.customized_java_path: entity.update(filename="java.path").refresh() logger.debug("action=reset_java_command_filename command=%s" % java_command)
def handleEdit(self, confInfo): uri = REST_URI_MAP[self._object_id] if self._object_id == 'aws_proxy': query = {} for arg in self.callerArgs.data: if self.callerArgs.data[arg][0]: query[arg] = self.callerArgs.data[arg][0] query['name'] = self._object_id entity = client.Entity(self._service, uri) entity.post(**query) elif self._object_id == 'logging': for arg in self.callerArgs.data: if arg in LOGGING_ENDPOINTS.keys(): entity = client.Entity(self._service, uri % (arg, LOGGING_ENDPOINTS[arg])) entity.post(level=self.callerArgs.data[arg][0]) return
def handle_GET(self): try: splunk_service = SplunkServiceFactory.create(self.sessionKey, app='splunk_app_db_connect', owner=self.userName) content = client.Entity(splunk_service, self.endpoint).content self.writeJson(content) except Exception as ex: self.response.setStatus(500) self.writeJson({ "code": 500, "message": ex.message, "detail": str(ex) })
def _check_modular_alert_java_conf(self, splunk_service): alert_action_endpoint = "configs/conf-alert_actions/alert_output" alert_execute_cmd = client.Entity( splunk_service, alert_action_endpoint).content["alert.execute.cmd"] if alert_execute_cmd != "java.path": alert_execute_cmd_check = ( Status.ERROR, "alert output conf's alert.execute.cmd property should be java.path, but it is: {} now." .format(alert_execute_cmd)) else: alert_execute_cmd_check = ( Status.OK, 'java path is correctly defined for DB Connect modular alert') return alert_execute_cmd_check
def handle_POST(self): try: payload = loads(self.request['payload']) splunk_service = SplunkServiceFactory.create(self.sessionKey, app='splunk_app_db_connect', owner=self.userName) entity = client.Entity(splunk_service, self.endpoint) # first update file first self.update_log_level(payload, splunk_service) # update the entity in conf file entity.update(**payload).refresh() self.writeJson(entity.content) except Exception as ex: self.response.setStatus(500) self.writeJson({ "code": 500, "message": ex.message, "detail": str(ex) })
def _check_commands(self, splunk_service): checks = [] # check commands.conf and alert_actions.conf's filename, should point to java.path commands_endpoint = "configs/conf-commands/{}" commands = ["dbxquery", "dbxoutput", "dbxlookup"] for command in commands: filename = client.Entity( splunk_service, commands_endpoint.format(command)).content["filename"] if filename != "java.path": current_command_check = ( Status.ERROR, "{} command conf's filename property should be java.path, but it is: {} now." .format(command, filename)) else: current_command_check = ( Status.OK, 'java path is correctly defined for {} command'.format( command)) checks.append(current_command_check) return checks
def update_commands_conf_action(): java_commands = ["dbxquery", "dbxoutput", "dbxlookup"] commands_endpoint = "configs/conf-commands/%s" for java_command in java_commands: entity = client.Entity(service, commands_endpoint % java_command) entity.update(**{"filename": "customized.java.path"}).refresh()
"-verbose", help="whether enable verbose logging, default is False", required=False, action='store_true') args = parser.parse_args() verbose_logging = args.verbose url = _get_splunk_url(args) print(usage_message) username = raw_input("Username: "******"shc_deployer" in client.Entity(service, "server/roles").content.role_list: running_on_deployer = True print( "Looks like you are running migrate on a deployer, extra steps need to be taken. Please note:" ) print( "1. This script won't backup anything, please login to one of the SHC node and backup the whole /etc/apps folder" ) print( "2. Scheduled inputs/outputs won't be supported on SHC any longer, please set up a heavy forwarder to run your scheduled inputs/outputs." ) print( "3. Make sure all JDBC drivers used on search heads are installed on this machine in the splunk_app_db_connect folder under bin/lib" ) print( "4. Migration script requires the management API endpoint of one cluster node, in order to check the configuration"