def get_data_input(splunkd_uri, session_key, owner, app_name, input_type, name=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be deleted. :return: a list of stanzas in the input type, including metadata """ uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) if name: uri += "/" + name.replace("/", "%2F") msg = "Failed to get data input in app=%s: %s://%s" % (app_name, input_type, name) content = content_request(uri, session_key, "GET", None, msg) return xdp.parse_conf_xml_dom(content)
def _get_credentials(self, prop, name=None): """ :return: clear or encrypted password for specified realm, user """ endpoint = self._get_endpoint(name, True) response, content = rest.splunkd_request( endpoint, self._session_key, method="GET") if response is None and content is None: raise CredException("Failed to get clear credentials") results = {} if response and response.status in (200, 201) and content: passwords = xdp.parse_conf_xml_dom(content) for password in passwords: if password.get("realm") == self._realm: values = password[prop].split(self._sep) if len(values) % 2 == 1: continue result = { values[i]: values[i + 1] for i in range(0, len(values), 2) } results[password.get("username")] = result return results
def get_google_creds(server_uri, session_key, user="******", app=ggc.splunk_ta_google, cred_name=""): """ :param: get clear creds for cred_name. :return: a dict of dict which contains all creds. if cred_name is in (None, ""), return all creds """ if not cred_name: cred_name = "" url = ("{server_uri}/servicesNS/{user}/{app}/splunk_ta_google" "/google_credentials/{name}?--get-clear-credential--=1").format( server_uri=server_uri, user=user, app=app, name=urllib.quote(cred_name, safe=''), ) response, content = sr.splunkd_request(url, session_key, method="GET") if not response or response.status not in (200, 201): raise Exception("Failed to get google credentials for name={}. " "Check util log for more details".format(cred_name)) stanzas = xdp.parse_conf_xml_dom(content) creds = {} for stanza in stanzas: cred = json.loads(stanza[ggc.google_credentials]) stanza[ggc.google_credentials] = cred creds[stanza[ggc.name]] = stanza return creds
def get_data_input(splunkd_uri, session_key, owner, app_name, input_type, name=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. '-', 'nobody' :param app_name: the app's name, e.g. 'Splunk_TA_aws' :param input_type: name of the input type. if it is a script input, the input is 'script', for modinput, say snow, the input is 'snow' :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be deleted. :return: the key-value dict of the data input, or a list of stanzas in the input type, including metadata """ uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) if name: uri += "/" + util.format_stanza_name(name) msg = "Failed to get data input in app=%s: %s://%s" % (app_name, input_type, name) content = _content_request(uri, session_key, "GET", None, msg) if content is not None: result = xdp.parse_conf_xml_dom(content) if name: result = result[0] return result return None
def get_conf(splunkd_uri, session_key, owner, app_name, conf_name, stanza=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: a list of stanzas in the conf file, including metadata """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) if stanza: uri += "/" + stanza.replace("/", "%2F") # get all the stanzas at one time uri += "?count=0&offset=0" msg = "Failed to get conf={0}, stanza={1}".format(conf_name, stanza) content = content_request(uri, session_key, "GET", None, msg) return xdp.parse_conf_xml_dom(content)
def get_conf(splunkd_uri, session_key, owner, app_name, conf_name, stanza=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. '-', 'nobody' :param app_name: the app's name, e.g. 'Splunk_TA_aws' :param conf_name: the name of the conf file, e.g. 'props' :param stanza: stanza name, e.g. 'aws:cloudtrail' :return: the key-value dict of the stanza, or a list of stanzas in the conf file, including metadata """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) if stanza: uri += '/' + stanza.replace('/', '%2F') msg = "Failed to get conf={0}, stanza={1}".format(conf_name, stanza) content = _content_request(uri, session_key, "GET", None, msg) if content is not None: result = xdp.parse_conf_xml_dom(content) if stanza: result = result[0] return result return None
def get_global_settings(server_uri, session_key, user="******", app=ggc.splunk_ta_google): """ :param: get global settings for global settings :return: a dict of dict which contains global settings . """ url = ("{server_uri}/servicesNS/{user}/{app}/splunk_ta_google" "/google_settings?--get-clear-credential--=1").format( server_uri=server_uri, user=user, app=app) response, content = sr.splunkd_request(url, session_key, method="GET") if not response or response.status not in (200, 201): raise Exception("Failed to get google global settings." "Check util log for more details %s" % url) stanzas = xdp.parse_conf_xml_dom(content) settings = {} for stanza in stanzas: settings[stanza[ggc.name]] = stanza if not utils.is_true(settings[ggc.proxy_settings].get(ggc.proxy_enabled)): settings[ggc.proxy_settings][ggc.proxy_url] = None return settings
def get_conf(splunkd_uri, session_key, owner, app_name, conf_name, stanza=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: a list of stanzas in the conf file, including metadata """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) if stanza: uri += "/" + util.format_stanza_name(stanza) # get all the stanzas at one time uri += "?count=0&offset=0" msg = "Failed to get stanza={} in conf={}".format( stanza if stanza else stanza, conf_name, ) content = content_request(uri, session_key, "GET", None, msg) return xdp.parse_conf_xml_dom(content)
def get_conf(splunkd_uri, session_key, owner, app_name, conf_name, stanza=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param conf_name: the name of the conf file, e.g. "props" :param stanza: stanza name, e.g. "aws:cloudtrail" :return: a list of stanzas in the conf file, including metadata """ uri = _conf_endpoint_ns(splunkd_uri, owner, app_name, conf_name) if stanza: uri += "/" + _format_stanza_name(stanza) # workaround count limit. uri += "?count=-1" msg = "Failed to get conf={0}, stanza={1}".format(conf_name, stanza) content = content_request(uri, session_key, "GET", None, msg) if not content: raise Exception(msg) return xdp.parse_conf_xml_dom(content)
def get_data_input(splunkd_uri, session_key, owner, app_name, input_type, name=None): """ :param splunkd_uri: splunkd uri, e.g. https://127.0.0.1:8089 :param session_key: splunkd session key :param owner: the owner (ACL user), e.g. "-", "nobody" :param app_name: the app"s name, e.g. "Splunk_TA_aws" :param input_type: name of the input type. if it is a script input, the input is "script", for modinput, say snow, the input is "snow" :param name: The name of the input stanza to create. i.e. stanza [<input_type>://<name>] will be deleted. :return: a list of stanzas in the input type, including metadata """ uri = _input_endpoint_ns(splunkd_uri, owner, app_name, input_type) if name: uri += urllib.quote("/" + name.replace("/", "%2F")) # get all the stanzas at one time uri += "?count=0&offset=0" msg = "Failed to get data input in app=%s: %s://%s" % ( app_name, input_type, name) content = content_request(uri, session_key, "GET", None, msg) return xdp.parse_conf_xml_dom(content)
def _do_rest(uri, session_key): resp, content = rest.splunkd_request(uri, session_key) if resp is None: return None if resp.status not in (200, 201): return None stanza_objs = xdp.parse_conf_xml_dom(content) if not stanza_objs: return None return stanza_objs[0]
def get_all_passwords(self): """ @return: a list of dict when successful, None when failed. the dict at least contains { "realm": xxx, "username": yyy, "clear_password": zzz, } """ endpoint = "{}/services/storage/passwords".format(self._splunkd_uri) response, content = rest.splunkd_request(endpoint, self._session_key, method="GET") if response and response.status in (200, 201) and content: return xdp.parse_conf_xml_dom(content)
def _get_all_passwords(self): """ :return: a list of dict when successful, None when failed. the dict at least contains { "realm": xxx, "username": yyy, "clear_password": zzz, } """ endpoint = self._get_endpoint() response, content = rest.splunkd_request( endpoint, self._session_key, method="GET") if response and response.status in (200, 201, "200", "201") and content: return xdp.parse_conf_xml_dom(content) raise CredException("Failed to get credentials")
def _get_all_passwords(self): """ :return: a list of dict when successful, None when failed. the dict at least contains { "realm": xxx, "username": yyy, "clear_password": zzz, } """ endpoint = self._get_endpoint() response, content = rest.splunkd_request( endpoint, self._session_key, method="GET" ) if response and response.status in (200, 201, "200", "201") and content: return xdp.parse_conf_xml_dom(content) raise CredException("Failed to get credentials")
def get_conf(self, user, appname, file_name, stanza=None): """ @return: a list of dict stanza objects if successful. Otherwise return None """ if stanza: uri = "".join((self.splunkd_uri, "/servicesNS/", user, "/", appname, "/configs/conf-", file_name, "/", stanza)) else: uri = "".join( (self.splunkd_uri, "/servicesNS/", user, "/", appname, "/configs/conf-", file_name, "?count=0&offset=0")) msg = "Failed to get conf={0}, stanza={1}".format(file_name, stanza) content = self._do_request(uri, "GET", None, msg) if content is not None: return xdp.parse_conf_xml_dom(content) return None
def get_data_input(self, user, appname, input_type, stanza_name=None): """ @user: ACL user @appname: target app directory @input_type: if it is a script input, the input_type "script", for modinput, say snow, the intput_type "snow" @stanza_name: name of the stanza to be deleted @return: a list of dict objects, each is a stanza if success otherwise None """ if stanza_name: uri = "{}/servicesNS/{}/{}/data/inputs/{}/{}".format( self.splunkd_uri, user, appname, input_type, stanza_name) else: uri = "{}/servicesNS/{}/{}/data/inputs/{}?count=0&offset=0".format( self.splunkd_uri, user, appname, input_type) msg = "Failed to get data input stanza for {}, {}, {}".format( appname, input_type, stanza_name) content = self._do_request(uri, "GET", None, msg) if content is not None: return xdp.parse_conf_xml_dom(content) return None
def _do_request(self, uri, method, payload, err_msg): content = req.content_request(uri, self.session_key, method, payload, err_msg) return xdp.parse_conf_xml_dom(content)
def _do_request(self, uri, method, payload, err_msg): _, content = req.content_request(uri, self.session_key, method, payload, err_msg) return xdp.parse_conf_xml_dom(content)