def update_properties(splunkd_uri, session_key, owner, app_name, conf_name, stanza, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :param key_values: the key-value dict of the stanza :return: raise exception when failed """ uri = _property_endpoint_ns(splunkd_uri, owner, app_name, conf_name) uri += "/" + stanza.replace("/", "%2F") msg = "Properties: failed to update conf=%s, stanza=%s" % \ (conf_name, stanza) has_name = False if "name" in key_values: has_name = True name = key_values["name"] del key_values["name"] content_request(uri, session_key, "POST", key_values, msg) if has_name: key_values["name"] = name
def update_data_input(splunkd_uri, session_key, owner, app_name, input_type, name, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be updated. :param key_values: a K-V dict of details in the data input stanza. :return: raise exception when failure """ if "name" in key_values: del key_values["name"] uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) uri += "/" + util.format_stanza_name(name) msg = "Failed to update data input in app={}: {}://{}".format( app_name, input_type, name, ) content_request(uri, session_key, "POST", key_values, msg)
def operate_data_input(splunkd_uri, session_key, owner, app_name, input_type, name, operation): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be operated. :param operation: must be "disable" or "enable" """ assert operation in ("disable", "enable") uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) uri += "/{}/{}".format(util.format_stanza_name(name), operation) msg = "Failed to {} data input in app={}: {}://{}".format( operation, app_name, input_type, name, ) content_request(uri, session_key, "POST", None, msg)
def update_properties(splunkd_uri, session_key, owner, app_name, conf_name, stanza, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :param key_values: the key-value dict of the stanza :return: raise exception when failed """ uri = _property_endpoint_ns(splunkd_uri, owner, app_name, conf_name) uri += "/" + util.format_stanza_name(stanza) msg = "Properties: failed to update conf=%s, stanza=%s" % (conf_name, stanza) has_name = False if "name" in key_values: has_name = True name = key_values["name"] del key_values["name"] content_request(uri, session_key, "POST", key_values, msg) if has_name: key_values["name"] = name
def reload_data_input(splunkd_uri, session_key, owner, app_name, input_type, throw=False): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" """ uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) uri += "/_reload" msg = "Failed to reload data input in app={}: {}".format( app_name, input_type) try: content_request(uri, session_key, "GET", None, msg) except Exception: if throw: raise
def get_data_input(splunkd_uri, session_key, owner, app_name, input_type, name=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be deleted. :return: a list of stanzas in the input type, including metadata """ uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) if name: uri += "/" + name.replace("/", "%2F") msg = "Failed to get data input in app=%s: %s://%s" % (app_name, input_type, name) content = content_request(uri, session_key, "GET", None, msg) return xdp.parse_conf_xml_dom(content)
def delete_stanza(splunkd_uri, session_key, owner, app_name, conf_name, stanza, throw=False): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: None on success otherwise raise exception """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) uri += "/" + util.format_stanza_name(stanza) msg = "Failed to delete stanza=%s in conf=%s" % (stanza, conf_name) content_request(uri, session_key, "DELETE", None, msg)
def get_conf(splunkd_uri, session_key, owner, app_name, conf_name, stanza=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: a list of stanzas in the conf file, including metadata """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) if stanza: uri += "/" + stanza.replace("/", "%2F") # get all the stanzas at one time uri += "?count=0&offset=0" msg = "Failed to get conf={0}, stanza={1}".format(conf_name, stanza) content = content_request(uri, session_key, "GET", None, msg) return xdp.parse_conf_xml_dom(content)
def get_conf(splunkd_uri, session_key, owner, app_name, conf_name, stanza=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: a list of stanzas in the conf file, including metadata """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) if stanza: uri += "/" + util.format_stanza_name(stanza) # get all the stanzas at one time uri += "?count=0&offset=0" msg = "Failed to get stanza={} in conf={}".format( stanza if stanza else stanza, conf_name, ) content = content_request(uri, session_key, "GET", None, msg) return xdp.parse_conf_xml_dom(content)
def get_conf(splunkd_uri, session_key, owner, app_name, conf_name, stanza=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: a list of stanzas in the conf file, including metadata """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) if stanza: uri += "/" + _format_stanza_name(stanza) # workaround count limit. uri += "?count=-1" msg = "Failed to get conf={0}, stanza={1}".format(conf_name, stanza) content = content_request(uri, session_key, "GET", None, msg) if not content: raise Exception(msg) return xdp.parse_conf_xml_dom(content)
def get_data_input(splunkd_uri, session_key, owner, app_name, input_type, name=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be deleted. :return: a list of stanzas in the input type, including metadata """ uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) if name: uri += urllib.quote("/" + name.replace("/", "%2F")) # get all the stanzas at one time uri += "?count=0&offset=0" msg = "Failed to get data input in app=%s: %s://%s" % ( app_name, input_type, name) content = content_request(uri, session_key, "GET", None, msg) return xdp.parse_conf_xml_dom(content)
def reload_conf(splunkd_uri, session_key, app_name, conf_name, throw=False): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param conf_names: a list of the name of the conf file, e.g. ["props"] :param app_name: the app"s name, e.g. "Splunk_TA_aws" """ uri = _conf_endpoint_ns(splunkd_uri, "nobody", app_name, conf_name) uri += "/_reload" msg = "Failed to reload conf in app=%s: %s" % (app_name, conf_name) try: content_request(uri, session_key, "GET", None, msg) except Exception: if throw: raise
def operate_conf(splunkd_uri, session_key, owner, app_name, conf_name, stanza, operation): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :param operation: must be "disable" or "enable" """ assert operation in ("disable", "enable") uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) uri += "/%s/%s" % (util.format_stanza_name(stanza), operation) msg = "Failed to disable/enable stanza=%s in conf=%s" % (stanza, conf_name) content_request(uri, session_key, "POST", None, msg)
def create_properties(splunkd_uri, session_key, owner, app_name, conf_name, stanza): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: None on success else raise exception """ uri = _property_endpoint_ns(splunkd_uri, owner, app_name, conf_name) msg = "Properties: failed to create stanza=%s in conf=%s" % \ (stanza, conf_name) payload = {"__stanza": stanza} content_request(uri, session_key, "POST", payload, msg)
def create_properties(splunkd_uri, session_key, owner, app_name, conf_name, stanza): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: None on success else raise exception """ uri = _property_endpoint_ns(splunkd_uri, owner, app_name, conf_name) msg = "Properties: failed to create stanza=%s in conf=%s" % (stanza, conf_name) payload = {"__stanza": stanza} content_request(uri, session_key, "POST", payload, msg)
def reload_conf(splunkd_uri, session_key, app_name, conf_name, throw=False): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param conf_names: a list of the name of the conf file, e.g. ["props"] :param app_name: the app"s name, e.g. "Splunk_TA_aws" """ uri = _conf_endpoint_ns(splunkd_uri, "nobody", app_name, conf_name) uri += "/_reload" msg = "Failed to reload conf in app={}: {}".format(app_name, conf_name) try: content_request(uri, session_key, "GET", None, msg) except Exception: if throw: raise
def delete_stanza( splunkd_uri, session_key, owner, app_name, conf_name, stanza, throw=False ): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: None on success otherwise raise exception """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) uri += "/" + util.format_stanza_name(stanza) msg = "Failed to delete stanza={} in conf={}".format(stanza, conf_name) content_request(uri, session_key, "DELETE", None, msg)
def delete_data_input(splunkd_uri, session_key, owner, app_name, input_type, name): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be deleted. :return raise exception when failed """ uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) uri += "/" + util.format_stanza_name(name) msg = "Failed to delete data input in app=%s: %s://%s" % (app_name, input_type, name) content_request(uri, session_key, "DELETE", None, msg)
def operate_data_input(splunkd_uri, session_key, owner, app_name, input_type, name, operation): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be operated. :param operation: must be "disable" or "enable" """ assert operation in ("disable", "enable") uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) uri += "/%s/%s" % (util.format_stanza_name(name), operation) msg = "Failed to %s data input in app=%s: %s://%s" % (operation, app_name, input_type, name) content_request(uri, session_key, "POST", None, msg)
def reload_data_input(splunkd_uri, session_key, owner, app_name, input_type, throw=False): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" """ uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) uri += "/_reload" msg = "Failed to reload data input in app=%s: %s" % (app_name, input_type) try: content_request(uri, session_key, "GET", None, msg) except Exception: if throw: raise
def create_data_input(splunkd_uri, session_key, owner, app_name, input_type, name, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be created. :param key_values: a K-V dict of details in the data input stanza. :return: None on success else raise exception """ key_values["name"] = unicode(name).encode("utf-8") uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) msg = "Failed to create data input in app=%s: %s://%s" % (app_name, input_type, name) content_request(uri, session_key, "POST", key_values, msg)
def delete_data_input(splunkd_uri, session_key, owner, app_name, input_type, name): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be deleted. :return raise exception when failed """ uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) uri += "/" + name.replace("/", "%2F") msg = "Failed to delete data input in app=%s: %s://%s" % (app_name, input_type, name) content_request(uri, session_key, "DELETE", None, msg)
def update_data_input(splunkd_uri, session_key, owner, app_name, input_type, name, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be updated. :param key_values: a K-V dict of details in the data input stanza. :return: raise exception when failure """ if "name" in key_values: del key_values["name"] uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) uri += "/" + util.format_stanza_name(name) msg = "Failed to update data input in app=%s: %s://%s" % (app_name, input_type, name) content_request(uri, session_key, "POST", key_values, msg)
def create_stanza(splunkd_uri, session_key, owner, app_name, conf_name, stanza, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :param key_values: the key-value dict of the stanza :return: None on success otherwise throw exception """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) msg = "Failed to create stanza=%s in conf=%s" % (stanza, conf_name) payload = {"name": unicode(stanza).encode('utf-8')} for key in key_values: if key != "name": payload[key] = str(key_values[key]) content_request(uri, session_key, "POST", payload, msg)
def create_stanza(splunkd_uri, session_key, owner, app_name, conf_name, stanza, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :param key_values: the key-value dict of the stanza :return: None on success otherwise throw exception """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) msg = "Failed to create stanza=%s in conf=%s" % (stanza, conf_name) payload = {"name": stanza} for key in key_values: if key != "name": payload[key] = str(key_values[key]) content_request(uri, session_key, "POST", payload, msg)
def create_data_input(splunkd_uri, session_key, owner, app_name, input_type, name, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be created. :param key_values: a K-V dict of details in the data input stanza. :return: None on success else raise exception """ key_values["name"] = name uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) msg = "Failed to create data input in app=%s: %s://%s" % (app_name, input_type, name) content_request(uri, session_key, "POST", key_values, msg)
def update_stanza(splunkd_uri, session_key, owner, app_name, conf_name, stanza, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :param key_values: the key-value dict of the stanza :return: None on success otherwise raise exception """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) uri += "/" + stanza.replace("/", "%2F") msg = "Failed to update stanza=%s in conf=%s" % (stanza, conf_name) return content_request(uri, session_key, "POST", key_values, msg)
def update_stanza(splunkd_uri, session_key, owner, app_name, conf_name, stanza, key_values): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :param key_values: the key-value dict of the stanza :return: None on success otherwise raise exception """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) uri += "/" + util.format_stanza_name(stanza) msg = "Failed to update stanza=%s in conf=%s" % (stanza, conf_name) return content_request(uri, session_key, "POST", key_values, msg)
def get_property(splunkd_uri, session_key, owner, app_name, conf_name, stanza, key): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :param key: the property name :return: the property value """ uri = _property_endpoint_ns(splunkd_uri, owner, app_name, conf_name) uri += "/%s/%s" % (stanza.replace("/", "%2F"), key) msg = "Properties: failed to get conf=%s, stanza=%s, key=%s" % \ (conf_name, stanza, key) return content_request(uri, session_key, "GET", None, msg)
def _do_request(self, uri, method, payload, err_msg): content = req.content_request(uri, self.session_key, method, payload, err_msg) return xdp.parse_conf_xml_dom(content)
def _do_request(self, uri, method, payload, err_msg): _, content = req.content_request(uri, self.session_key, method, payload, err_msg) return xdp.parse_conf_xml_dom(content)