def main(): logger.info('START AutoFocus tag retrieval') # Init. results, dummy, settings = splunk.Intersplunk.getOrganizedResults() skey = settings['sessionKey'] connector = common.SplunkConnector(skey, logger) apikey = connector.get_autofocus_apikey() stats = { 'daily_points': 0, 'daily_points_remaining': 0, 'tags': 0, } # Retrieve all tags from AutoFocus. try: all_tags = pull_tags(apikey, stats) except Exception as e: logger.error('Exception in pull_tags: {0}'.format(e)) all_tags = [] stats['tags'] = len(all_tags) # Delete old entries from the kvstore. delete_from_kvstore(all_tags, skey, stats) # Save new entries to the kvstore. save_to_kvstore(all_tags, skey, stats) # Done. # | panautofocustags | collect index=default source="panautofocustags" sourcetype="autofocus" splunk.Intersplunk.outputResults([stats, ]) logger.info('END AutoFocus tag retrieval')
def __init__(self, settings, logger, action_name=None): super(PanWildFireSubmitModularAction, self).__init__(settings, logger, action_name) self.verbose = self.configuration.get('verbose', 'false') in ["True", "true", "yes", "on"] self.logger.debug("verbose = %s", self.verbose) self.resultcount = 0 connector = common.SplunkConnector(self.session_key, self.logger) api_key = connector.get_wildfire_apikey() self.wfapi = pan.wfapi.PanWFapi(api_key=api_key)
def __init__(self, settings, logger, action_name=None): super(PantagModularAction, self).__init__(settings, logger, action_name) self.connector = common.SplunkConnector(self.session_key, self.logger) self.verbose = self.configuration.get( 'verbose', 'false') in ["True", "true", "yes", "on"] self.device = self.configuration.get('device', '') self.action = self.configuration.get('action', 'add') self.tag = self.configuration.get('tag', '') self.resultcount = 0 self.logger.debug("verbose = %s", self.verbose) self.logger.debug("action = %s", self.action) self.logger.debug("device = %s", self.device) self.logger.debug("tag = %s", self.tag) # Parse the tags into a list self.tags = [x.strip() for x in self.tag.split(',')] # Place holder for firewall instance self.firewall = None