def get_scheme(self): """Get basic scheme, with use_single_instance field set. :return: a basic input scheme """ scheme = smi.Scheme(self.input_type) scheme.use_single_instance = self.use_single_instance return scheme
def get_scheme(self): scheme = modularinput.Scheme("Socrata Data Feed") scheme.description = "Retrieve events from a Socrata-run government data site" scheme.use_single_instance = False scheme.use_external_validation = False url_arg = modularinput.Argument("url") url_arg.data_type = modularinput.Argument.data_type_string url_arg.description = "The Socrata SODA API resource URL" url_arg.required_on_create = True scheme.add_argument(url_arg) date_field_arg = modularinput.Argument("date_field") date_field_arg.data_type = modularinput.Argument.data_type_string date_field_arg.description = "Date field to sort on (and index by)" date_field_arg.required_on_create = True scheme.add_argument(date_field_arg) default_date_arg = modularinput.Argument("default_checkpoint_date") default_date_arg.data_type = modularinput.Argument.data_type_string default_date_arg.description = "Earliest date to index (in isoformat, like 2016-01-01)" default_date_arg.required_on_create = True scheme.add_argument(default_date_arg) limit_arg = modularinput.Argument("limit") limit_arg.data_type = modularinput.Argument.data_type_number limit_arg.description = "Number of events to pull per request" limit_arg.required_on_create = False scheme.add_argument(url_arg) return scheme
def get_scheme(self): scheme = smi.Scheme('lansweeper_input') scheme.description = 'Lansweeper Input' scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = False scheme.add_argument( smi.Argument('name', title='Name', description='Name', required_on_create=True)) scheme.add_argument(smi.Argument( 'site', required_on_create=True, )) scheme.add_argument( smi.Argument( 'account_name', required_on_create=True, )) return scheme
def get_scheme(self): """overloaded splunklib modularinput method""" scheme = smi.Scheme("AWS Evident.io") scheme.description = ("Collect notifications produced by AWS Evident.io." "The feature must be enabled and its SNS topic must be subscribed to an SQS queue.") scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = False # defaults != documented scheme defaults, so I'm being explicit. scheme.add_argument(smi.Argument("name", title="Name", description="Choose an ID or nickname for this configuration", required_on_create=True)) scheme.add_argument(smi.Argument("aws_account", title="AWS Account", description="AWS account", required_on_create=True, required_on_edit=True)) scheme.add_argument(smi.Argument("aws_region", title="SQS Queue Region", description=("Name of the AWS region in which the" " notification queue is located. Regions should be entered as" " e.g., us-east-1, us-west-2, eu-west-1, ap-southeast-1, etc."), required_on_create=True, required_on_edit=True)) scheme.add_argument(smi.Argument("sqs_queue", title="SQS Queue Name", description=("Name of queue to which notifications of AWS Evident.io" " are sent. The queue should be subscribed" " to the AWS Evident.io SNS topic."), required_on_create=True, required_on_edit=True)) scheme.add_argument(smi.Argument("enable_additional_notifications", title="Enable Debug", description=("Index additional SNS/SQS events to help with troubleshooting."), data_type=smi.Argument.data_type_boolean, required_on_create=False)) return scheme
def get_scheme(self): """Creates modular input scheme. Returns: modularinput.Scheme object. """ scheme = modularinput.Scheme(SPLUNK_MI_NAME) scheme.description = SPLUNK_MI_DESC scheme.use_external_validation = True card_id = modularinput.Argument('card_id') card_id.data_type = modularinput.Argument.data_type_number card_id.description = 'Monobank Card ID' card_id.required_on_create = True scheme.add_argument(card_id) token = modularinput.Argument('token') token.data_type = modularinput.Argument.data_type_string token.description = 'Monobank token' token.required_on_create = True scheme.add_argument(token) init_date = modularinput.Argument('init_date') init_date.data_type = modularinput.Argument.data_type_string init_date.description = 'Initial date for getting transactions list. Format: YYYY-MM-DD' init_date.required_on_create = True scheme.add_argument(init_date) log_level = modularinput.Argument('log_level') log_level.data_type = modularinput.Argument.data_type_string log_level.description = 'Log level (DEBUG|INFO)' log_level.required_on_create = True scheme.add_argument(log_level) return scheme
def get_scheme(self): """overloaded splunklib modularinput method""" scheme = smi.Scheme("SigsciEvent") scheme.title = ("Sigsci Events") scheme.description = ("") scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = True scheme.add_argument( smi.Argument("name", title="Name", description="", required_on_create=True)) scheme.add_argument( smi.Argument("delta", title="Time Delta", description="Time interval in minutes", required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument("site", title="Dashboard Site", description="Name of the SigSci Dashboard Site", required_on_create=True, required_on_edit=True)) return scheme
def get_scheme(self): scheme = smi.Scheme('example_input_two') scheme.description = 'Example Input Two' scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = True scheme.add_argument( smi.Argument('name', title='Name', description='Name', required_on_create=True)) scheme.add_argument(smi.Argument( 'interval', required_on_create=True, )) scheme.add_argument(smi.Argument( 'account', required_on_create=True, )) scheme.add_argument( smi.Argument( 'input_two_multiple_select', required_on_create=True, )) scheme.add_argument( smi.Argument( 'input_two_checkbox', required_on_create=False, )) scheme.add_argument( smi.Argument( 'input_two_radio', required_on_create=False, )) scheme.add_argument( smi.Argument( 'use_existing_checkpoint', required_on_create=False, )) scheme.add_argument( smi.Argument( 'start_date', required_on_create=False, )) scheme.add_argument( smi.Argument( 'example_help_link', required_on_create=False, )) return scheme
def get_scheme(self): scheme = smi.Scheme('geoipupdate') scheme.description = 'geoipupdate' scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = True scheme.add_argument( smi.Argument('name', title='Name', description='Name', required_on_create=True)) scheme.add_argument(smi.Argument( 'interval', required_on_create=True, )) scheme.add_argument( smi.Argument( 'edition_ids', required_on_create=True, )) scheme.add_argument( smi.Argument( 'global_account', required_on_create=True, )) return scheme
def get_scheme(self): """ Overloaded splunklib modularinput method """ scheme = smi.Scheme('em_entity_manager') scheme.title = ('Splunk Insights for Infrastructure - Entity Manager') scheme.description = ( 'Entity Manager helps to discover and manage your entities') log_level = 'The logging level of the modular input. Defaults to DEBUG' scheme.add_argument( smi.Argument('log_level', title='Log Level', description=log_level, required_on_create=False)) return scheme
def get_scheme(self): """overloaded splunklib modularinput method""" scheme = smi.Scheme("Statuscake_Alerts") scheme.title = ("Status Cake Alerts") scheme.description = ("Status Cake Alerts") scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = False scheme.add_argument(smi.Argument("name", title="Name", description="", required_on_create=True)) scheme.add_argument(smi.Argument("placeholder", title="Placeholder", description="Do not set any value to this", required_on_create=False)) return scheme
def get_scheme(self): scheme = modularinput.Scheme("Hello World SDK") scheme.description = "A simple demonstration of a modular input using the SDK" scheme.use_external_validation = True name_arg = modularinput.Argument( name="name_to_greet", data_type=modularinput.Argument.data_type_string, description="Name to use in greeting", required_on_create=True, title="Who to Greet" ) # If the validation message uses single quotes a very cryptic error is returned: "Expecting different token" name_arg.validation = "validate(match('name_to_greet', '^(?![Bb]ob)'), \"We don't like Bob.\")" scheme.add_argument(name_arg) return scheme
def get_scheme(self): """ Overloaded splunklib modularinput method """ scheme = smi.Scheme('aws_input_restarter') scheme.title = ( 'Splunk Insights for Infrastructure - AWS Input Restarter') scheme.description = ( 'Restarts certain AWS inputs to workaround TA-AWS bugs') log_level = 'The logging level of the modular input. Defaults to DEBUG' scheme.add_argument( smi.Argument('log_level', title='Log Level', description=log_level, required_on_create=False)) return scheme
def get_scheme(self): scheme = splunk.Scheme("Jamf Modular Input") scheme.description = "Retrieves computer data from Jamf Pro." scheme.use_external_validation = True username_argument = splunk.Argument("jss_username") username_argument.data_type = splunk.Argument.data_type_string username_argument.description = "Jamf Pro Username" username_argument.required_on_create = True scheme.add_argument(username_argument) password_argument = splunk.Argument("jss_password") password_argument.data_type = splunk.Argument.data_type_string password_argument.description = "Jamf Pro Password" password_argument.required_on_create = True scheme.add_argument(password_argument) api_argument = splunk.Argument("api_call") api_argument.data_type = splunk.Argument.data_type_string api_argument.description = "Type of Advanced Search to call" api_argument.required_on_create = True scheme.add_argument(api_argument) search_name_argument = splunk.Argument("search_name") search_name_argument.data_type = splunk.Argument.data_type_string search_name_argument.description = "Preconfigured Advanced Search to call" search_name_argument.required_on_create = True scheme.add_argument(search_name_argument) url_argument = splunk.Argument("jss_url") url_argument.data_type = splunk.Argument.data_type_string url_argument.description = "Jamf Pro URL" url_argument.required_on_create = True scheme.add_argument(url_argument) index_argument = splunk.Argument("index") index_argument.data_type = splunk.Argument.data_type_string index_argument.description = "Destination index" host_argument = splunk.Argument("host") host_argument.data_type = splunk.Argument.data_type_string host_argument.description = "Host" return scheme
def get_scheme(self): """overloaded splunklib modularinput method""" scheme = smi.Scheme("autofocus_export") scheme.title = ("AutoFocus Export List") scheme.description = ("Retrieve export list from AutoFocus") scheme.use_external_validation = True scheme.streaming_mode_xml = False scheme.use_single_instance = True scheme.add_argument( smi.Argument("name", title="Name", description="", required_on_create=True)) scheme.add_argument( smi.Argument("label", title="label", description="", required_on_create=True, required_on_edit=True)) return scheme
def get_scheme(self): """overloaded splunklib modularinput method""" scheme = smi.Scheme("jira") scheme.title = ("jira") scheme.description = ("") scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = False desc_server = "JIRA server" scheme.add_argument(smi.Argument("server", title="server", description=desc_server, required_on_create=True)) desc_username = '******' scheme.add_argument(smi.Argument("username", title="username", description=desc_username, required_on_create=True)) desc_password = '******' scheme.add_argument(smi.Argument("password", title="password", description=desc_password, required_on_create=True)) desc_protocol = 'REST API protocol, e.g., https' scheme.add_argument(smi.Argument("protocol", title="protocol", description=desc_protocol, required_on_create=True)) desc_port = 'REST API port, e.g., 443' scheme.add_argument(smi.Argument("port", title="port", description=desc_port, required_on_create=True)) desc_jql = "JQL query to filter tickets which are indexed, " \ "e.g., issueType in (epic, story)" scheme.add_argument(smi.Argument("jql", title="jql", description=desc_jql, required_on_create=True)) desc_fields = "Fields to be indexed, a comma separated field list" \ "e.g., key, summary, project, updated" scheme.add_argument(smi.Argument("fields", title="fields", description=desc_fields, required_on_create=True)) return scheme
def get_scheme(self): """overloaded splunklib modularinput method""" scheme = smi.Scheme("AWS CloudWatch") scheme.description = ( "Collect and index metrics produced by AWS CloudWatch.") scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = True # defaults != documented scheme defaults, so I'm being explicit. scheme.add_argument( smi.Argument( "name", title="Name", description="Choose an ID or nickname for this configuration", required_on_create=True)) scheme.add_argument( smi.Argument("aws_account", title="AWS Account", description="AWS account", required_on_create=False, required_on_edit=False)) scheme.add_argument( smi.Argument( "aws_region", title="AWS CloudWatch Region", description= ("Name of the AWS region in which the metrics are located." " Regions should be entered as" " e.g., us-east-1, us-west-2, eu-west-1, ap-southeast-1, etc." ), required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument("metric_namespace", title="AWS CloudWatch Metric Namespace", description="Name of the AWS Metric Namespace.", required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument("metric_names", title="AWS CloudWatch Metric Names", description="Names of the AWS Metrics.", required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument("metric_dimensions", title="AWS CloudWatch Dimensions", description="JSON encoded", required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument( "statistics", title="AWS CloudWatch Metric Statistics Being Requested", description=("List of valid values (JSON encoded):" " Average, Sum, SampleCount, Maximum, Minimum"), required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument( "period", title="AWS CloudWatch Metric Granularity", description= ("The period in seconds. Must be at least 60 seconds, and a" " multiple of 60. The default value is 300. The maximum is 21600" ), required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument( "polling_interval", title="AWS CloudWatch Minimum Polling Interval", description=( "The period in seconds. Must be a multiple of period." " The default is the value of period. The maximum is 21600." ), required_on_create=True, required_on_edit=True)) return scheme
def get_scheme(self): """overloaded splunklib modularinput method""" scheme = smi.Scheme("AWS CloudTrail") scheme.description = ( "Collect and index log files produced by AWS CloudTrail." " CloudTrail logging must be enabled and published to SNS topics and an SQS queue." ) scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = False # defaults != documented scheme defaults, so I'm being explicit. scheme.add_argument( smi.Argument( "name", title="Name", description="Choose an ID or nickname for this configuration", required_on_create=True)) scheme.add_argument( smi.Argument("aws_account", title="AWS Account", description="AWS account", required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument( "aws_region", title="SQS Queue Region", description= ("Name of the AWS region in which the" " notification queue is located. Regions should be entered as" " e.g., us-east-1, us-west-2, eu-west-1, ap-southeast-1, etc." ), required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument( "sqs_queue", title="SQS Queue Name", description= ("Name of queue to which notifications of new CloudTrail" " logs are sent. CloudTrail logging should be configured to" " publish to an SNS topic. The queue should be subscribed" " to the topics that notify of the desired logs. (Note that" " multiple topics from different regions can publish to a single" " queue if desired.)"), required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument( "exclude_describe_events", title="Exclude \"Describe*\" events", description=( "Do not index \"Describe\" events. These events typically" " constitute a high volume of calls, and indicate" " read-only requests for information."), data_type=smi.Argument.data_type_boolean, required_on_create=False)) scheme.add_argument( smi.Argument( "remove_files_when_done", title="Remove log files when done", description=( "Delete log files from the S3 bucket once they have been" "read and sent to the Splunk index"), data_type=smi.Argument.data_type_boolean, required_on_create=False)) scheme.add_argument( smi.Argument( "blacklist", title="Blacklist for Describe events", description= ("PCRE regex for specifying event names to be excluded. Leave blank" " to use the default set of read-only event names"), required_on_create=False)) scheme.add_argument( smi.Argument( "excluded_events_index", title="Excluded events index", description= ("Optional index in which to write the excluded events. Leave blank" " to use the default of simply deleting events. Specified indexes" " must be created in Splunk for this to be effective."), required_on_create=False)) return scheme
def get_scheme(self): """overloaded splunklib modularinput method""" scheme = smi.Scheme("AWS S3") scheme.description = ("Collect and index log files stored in AWS S3.") scheme.use_external_validation = True scheme.streaming_mode_xml = True scheme.use_single_instance = False scheme.add_argument( smi.Argument( "name", title="Name", description="Choose an ID or nickname for this configuration", required_on_create=True)) scheme.add_argument( smi.Argument("aws_account", title="AWS Account", description="AWS account", required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument("bucket_name", title="Bucket Name", description="Bucket name", required_on_create=True, required_on_edit=True)) scheme.add_argument( smi.Argument("key_name", title="Key Name", description="Key name", required_on_create=False, required_on_edit=False)) scheme.add_argument( smi.Argument( "recursion_depth", title="Recursion Depth", description= "Only applies if key_name is a folder prefix (e.g., \"path/\")", required_on_create=False, required_on_edit=False)) scheme.add_argument( smi.Argument("initial_scan_datetime", title="Initital Scan DateTime", description="Initial scan datetime.", required_on_create=False, required_on_edit=False)) scheme.add_argument( smi.Argument("max_items", title="Max Items", description="Max trackable items.", required_on_create=False, required_on_edit=False)) scheme.add_argument( smi.Argument( "max_retries", title="Max Item Retries", description= "Max number of retry attempts to stream incomplete items.", required_on_create=False, required_on_edit=False)) scheme.add_argument( smi.Argument("whitelist", title="Whitelist Regex", description="Whitelist", required_on_create=False, required_on_edit=False)) scheme.add_argument( smi.Argument("blacklist", title="Blacklist Regex", description="Blacklist", required_on_create=False, required_on_edit=False)) scheme.add_argument( smi.Argument("host_name", title="S3 host name", description="S3 host name", required_on_create=False, required_on_edit=False)) scheme.add_argument( smi.Argument("is_secure", title="whether to use secure connection", description="whether to use secure connection", required_on_create=False, required_on_edit=False)) return scheme
def get_scheme(self): scheme = smi.Scheme("Zenoss Events") scheme.description = "Modular input to pull events from Zenoss API" scheme.use_external_validation = True scheme.use_single_instance = False zenoss_username = smi.Argument("zenoss_username") zenoss_username.data_type = smi.Argument.data_type_string zenoss_username.required_on_edit = True zenoss_username.required_on_create = True scheme.add_argument(zenoss_username) zenoss_realm = smi.Argument("zenoss_realm") zenoss_realm.data_type = smi.Argument.data_type_string zenoss_realm.required_on_edit = False zenoss_realm.required_on_create = False scheme.add_argument(zenoss_realm) zenoss_server = smi.Argument("zenoss_server") zenoss_server.data_type = smi.Argument.data_type_string zenoss_server.required_on_edit = True zenoss_server.required_on_create = True scheme.add_argument(zenoss_server) no_ssl_cert_check = smi.Argument("no_ssl_cert_check") no_ssl_cert_check.data_type = smi.Argument.data_type_boolean no_ssl_cert_check.required_on_edit = True no_ssl_cert_check.required_on_create = True scheme.add_argument(no_ssl_cert_check) cafile = smi.Argument("cafile") cafile.data_type = smi.Argument.data_type_string cafile.required_on_edit = False cafile.required_on_create = False scheme.add_argument(cafile) device = smi.Argument("device") device.data_type = smi.Argument.data_type_string device.required_on_edit = False device.required_on_create = False scheme.add_argument(device) tzone = smi.Argument("tzone") tzone.data_type = smi.Argument.data_type_string tzone.required_on_edit = False tzone.required_on_create = False scheme.add_argument(tzone) start_date = smi.Argument("start_date") start_date.data_type = smi.Argument.data_type_string start_date.required_on_edit = False start_date.required_on_create = False scheme.add_argument(start_date) index_closed = smi.Argument("index_closed") index_closed.data_type = smi.Argument.data_type_boolean index_closed.required_on_edit = False index_closed.required_on_create = False scheme.add_argument(index_closed) index_cleared = smi.Argument("index_cleared") index_cleared.data_type = smi.Argument.data_type_boolean index_cleared.required_on_edit = False index_cleared.required_on_create = False scheme.add_argument(index_cleared) index_archived = smi.Argument("index_archived") index_archived.data_type = smi.Argument.data_type_boolean index_archived.required_on_edit = False index_archived.required_on_create = False scheme.add_argument(index_archived) index_suppressed = smi.Argument("index_suppressed") index_suppressed.data_type = smi.Argument.data_type_boolean index_suppressed.required_on_edit = False index_suppressed.required_on_create = False scheme.add_argument(index_suppressed) index_repeats = smi.Argument("index_repeats") index_repeats.data_type = smi.Argument.data_type_boolean index_repeats.required_on_edit = False index_repeats.required_on_create = False scheme.add_argument(index_repeats) archive_threshold = smi.Argument("archive_threshold") archive_threshold.data_type = smi.Argument.data_type_string archive_threshold.required_on_edit = False archive_threshold.required_on_create = False scheme.add_argument(archive_threshold) checkpoint_delete_threshold = smi.Argument( "checkpoint_delete_threshold") checkpoint_delete_threshold.data_type = smi.Argument.data_type_string checkpoint_delete_threshold.required_on_edit = False checkpoint_delete_threshold.required_on_create = False scheme.add_argument(checkpoint_delete_threshold) proxy_uri = smi.Argument("proxy_uri") proxy_uri.data_type = smi.Argument.data_type_string proxy_uri.required_on_edit = False proxy_uri.required_on_create = False scheme.add_argument(proxy_uri) proxy_username = smi.Argument("proxy_username") proxy_username.data_type = smi.Argument.data_type_string proxy_username.required_on_edit = False proxy_username.required_on_create = False scheme.add_argument(proxy_username) proxy_realm = smi.Argument("proxy_realm") proxy_realm.data_type = smi.Argument.data_type_string proxy_realm.required_on_edit = False proxy_realm.required_on_create = False scheme.add_argument(proxy_realm) return scheme