def getSessionKey(username, password, hostPath=None):
'''
Get a session key from the auth system
'''
uri = '/services/auth/login'
if hostPath:
uri = splunk.mergeHostPath(hostPath) + uri
args = {'username': username, 'password': password }
# To prove the theory of timing issue of Splunkd not in running state
# in Windows Bamboo tests, sleep for 10 seconds
# An attempt to fix SPL-37413
# if platform.system() == 'Windows':
# time.sleep(10)
serverResponse, serverContent = rest.simpleRequest(uri, postargs=args)
if serverResponse.status != 200:
logger.error('getSessionKey - unable to login; check credentials')
rest.extractMessages(et.fromstring(serverContent))
return None
root = et.fromstring(serverContent)
sessionKey = root.findtext('sessionKey')
splunk.setDefault('username', username)
splunk.setDefault('sessionKey', sessionKey)
return sessionKey
def getSessionKey(username, password, hostPath=None):
'''
Get a session key from the auth system
'''
uri = '/services/auth/login'
if hostPath:
uri = splunk.mergeHostPath(hostPath) + uri
args = {'username': username, 'password': password}
# To prove the theory of timing issue of Splunkd not in running state
# in Windows Bamboo tests, sleep for 10 seconds
# An attempt to fix SPL-37413
# if platform.system() == 'Windows':
# time.sleep(10)
serverResponse, serverContent = rest.simpleRequest(uri, postargs=args)
if serverResponse.status != 200:
logger.error('getSessionKey - unable to login; check credentials')
rest.extractMessages(et.fromstring(serverContent))
return None
root = et.fromstring(serverContent)
sessionKey = root.findtext('sessionKey')
splunk.setDefault('username', username)
splunk.setDefault('sessionKey', sessionKey)
return sessionKey
def submit(event, hostname=None, source=None, sourcetype=None, index=None):
"""
the interface to the 'simple' receivers endpoint
"""
global h
#construct the uri to POST to
base_uri = splunk.mergeHostPath()
postargs = {
'host': hostname,
'source': source,
'sourcetype': sourcetype,
'index': index
}
uri = base_uri + '/services/receivers/simple?%s' % urlencode(postargs)
#get default session key. If none exists, the rest call will raise a splunk.AuthenticationFailed exception
sessionKey = splunk.getDefault('sessionKey')
#make the call, we cannot use the rest interface here as it urlencodes the payload
serverResponse, serverContent = h.request(
uri,
"POST",
headers={'Authorization': 'Splunk %s' % sessionKey},
body=event)
#process results
root = et.fromstring(serverContent)
#4xx error messages indicate a client side error e.g. bad request, unauthorized etc so raise a RESTException
if 400 <= serverResponse.status < 500:
extractedMessages = rest.extractMessages(root)
msg_text = []
for msg in extractedMessages:
msg_text.append(
'message type=%(type)s code=%(code)s text=%(text)s;' % msg)
raise splunk.RESTException, (serverResponse.status, msg_text)
#5xx error messages indicate server side error e.g. Internal server error etc so raise a SplunkdException
elif serverResponse.status >= 500:
extractedMessages = rest.extractMessages(root)
msg_text = []
for msg in extractedMessages:
msg_text.append(
'message type=%(type)s code=%(code)s text=%(text)s;' % msg)
raise splunk.SplunkdException, (serverResponse.status, msg_text)
#everything is kosher...
else:
return serverResponse
def dispatchSavedSearch(savedSearchName, sessionKey=None, namespace=None, owner=None, hostPath=None, now=0, triggerActions=0, **kwargs):
"""Initiates a new job based on a saved search."""
uri = entity.buildEndpoint(['saved', 'searches', savedSearchName, 'dispatch'], namespace=namespace, owner=owner)
if hostPath:
uri = splunk.mergeHostPath(hostPath) + uri
args = {
'now': now,
'trigger_actions' : triggerActions
}
for key, val in kwargs.items():
if key in SAVED_SEARCH_DISPATCH_ARG_MAP:
args[SAVED_SEARCH_DISPATCH_ARG_MAP[key]] = val
# Pass through for dispatch.* formated kwargs
elif key.startswith('dispatch.'):
args[key] = val
serverResponse, serverContent = rest.simpleRequest(uri, postargs=args, sessionKey=sessionKey)
root = et.fromstring(serverContent)
# normal messages from splunkd are propogated via SplunkdException;
if not 201 == serverResponse.status:
extractedMessages = rest.extractMessages(root)
for msg in extractedMessages:
raise splunk.SearchException, msg['text']
# get the search ID
sid = root.findtext('sid').strip()
# instantiate result object
return splunk.search.SearchJob(sid, hostPath, sessionKey, namespace, owner)
def dispatchSavedSearch(savedSearchName, sessionKey=None, namespace=None, owner=None, hostPath=None, now=0, triggerActions=0, **kwargs):
"""Initiates a new job based on a saved search."""
uri = entity.buildEndpoint(['saved', 'searches', savedSearchName, 'dispatch'], namespace=namespace, owner=owner)
if hostPath:
uri = splunk.mergeHostPath(hostPath) + uri
args = {
'now': now,
'trigger_actions' : triggerActions
}
for key, val in kwargs.items():
if key in SAVED_SEARCH_DISPATCH_ARG_MAP:
args[SAVED_SEARCH_DISPATCH_ARG_MAP[key]] = val
# Pass through for dispatch.* formated kwargs
elif key.startswith('dispatch.'):
args[key] = val
serverResponse, serverContent = rest.simpleRequest(uri, postargs=args, sessionKey=sessionKey)
root = et.fromstring(serverContent)
# normal messages from splunkd are propogated via SplunkdException;
if not 201 == serverResponse.status:
extractedMessages = rest.extractMessages(root)
for msg in extractedMessages:
raise splunk.SearchException, msg['text']
# get the search ID
sid = root.findtext('sid').strip()
# instantiate result object
return splunk.search.SearchJob(sid, hostPath, sessionKey, namespace, owner)
def submit(event, hostname=None, source=None, sourcetype=None, index=None):
"""
the interface to the 'simple' receivers endpoint
"""
global h
#construct the uri to POST to
base_uri = splunk.mergeHostPath()
postargs = {'host': hostname, 'source': source, 'sourcetype' : sourcetype, 'index':index}
uri = base_uri + '/services/receivers/simple?%s' % urlencode(postargs)
#get default session key. If none exists, the rest call will raise a splunk.AuthenticationFailed exception
sessionKey = splunk.getDefault('sessionKey')
#make the call, we cannot use the rest interface here as it urlencodes the payload
serverResponse, serverContent = h.request(uri, "POST", headers={'Authorization':'Splunk %s' % sessionKey}, body=event)
#process results
root = et.fromstring(serverContent)
#4xx error messages indicate a client side error e.g. bad request, unauthorized etc so raise a RESTException
if 400 <= serverResponse.status < 500:
extractedMessages = rest.extractMessages(root)
msg_text = []
for msg in extractedMessages:
msg_text.append('message type=%(type)s code=%(code)s text=%(text)s;' % msg)
raise splunk.RESTException, (serverResponse.status, msg_text)
#5xx error messages indicate server side error e.g. Internal server error etc so raise a SplunkdException
elif serverResponse.status >= 500:
extractedMessages = rest.extractMessages(root)
msg_text = []
for msg in extractedMessages:
msg_text.append('message type=%(type)s code=%(code)s text=%(text)s;' % msg)
raise splunk.SplunkdException, (serverResponse.status, msg_text)
#everything is kosher...
else:
return serverResponse
def getSessionKeyForTrustedUser(username, hostPath=None):
'''
Get a session key from the auth system
'''
uri = '/services/auth/trustedlogin'
if hostPath:
uri = splunk.mergeHostPath(hostPath) + uri
args = {'username': username}
serverResponse, serverContent = rest.simpleRequest(uri, postargs=args)
if serverResponse.status != 200:
logger.error('getSessionKey - unable to login; check credentials')
rest.extractMessages(et.fromstring(serverContent))
return None
root = et.fromstring(serverContent)
sessionKey = root.findtext('sessionKey')
splunk.setDefault('username', username)
splunk.setDefault('sessionKey', sessionKey)
return sessionKey
def getSessionKeyForTrustedUser(username, hostPath=None):
'''
Get a session key from the auth system
'''
uri = '/services/auth/trustedlogin'
if hostPath:
uri = splunk.mergeHostPath(hostPath) + uri
args = {'username': username}
serverResponse, serverContent = rest.simpleRequest(uri, postargs=args)
if serverResponse.status != 200:
logger.error('getSessionKey - unable to login; check credentials')
rest.extractMessages(et.fromstring(serverContent))
return None
root = et.fromstring(serverContent)
sessionKey = root.findtext('sessionKey')
splunk.setDefault('username', username)
splunk.setDefault('sessionKey', sessionKey)
return sessionKey
