grunk 0.0.5 → 0.0.6

Files changed (2)
  1. data/bin/grunk +49 -28
  2. metadata +1 -1
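--- a/data/bin/grunk
+++ b/data/bin/grunk
@@ -8,10 +8,21 @@ require 'pp'
  options = Hash.new
  options[:time] = false
  options[:show_source] = false
- options[:earliest_time] = '-1d'
+ options[:earliest_time] = '-15m'
  options[:latest_time] = 'now'
 
- opt = Getopt::Std.getopts "sdom:e:l:"
+ opt = Getopt::Std.getopts "hsdo:e:l:"
+
+ if opt['h']
+ puts "Usage: grunk [switches] 'search query'"
+ puts " -h Display help"
+ puts " -s Show source"
+ puts " -d Show timestamp"
+ puts " -o Show host"
+ puts " -e time Earliest time (Default: -15m)"
+ puts " -l time Latest time (Default: now)"
+ exit
+ end
 
  if opt["l"]
  options[:latest_time] = opt["l"]
@@ -34,40 +45,50 @@ if opt["o"]
  end
 
  rc_file = File.new(File.expand_path('~/.splunkrc'), "r")
+ unless rc_file
+ puts "Could not read .splunkrc file"
+ exit 255
+ end
  $config = eval(rc_file.read)
 
  service = Splunk::Service.new $config
  service.login
  job = service.create_search "search #{ARGV[0]}", :earliest_time => options[:earliest_time], :latest_time => options[:latest_time]
 
- while !job.is_ready?
- sleep 0.1
- end
-
- results_offset = 0
- finished = false
-
- until finished
- if job.is_done?
- finished=true
- stream = job.results(:offset => results_offset, :count => 0)
- else
- stream = job.preview(:offset => results_offset, :count => 0)
+ begin
+ while !job.is_ready?
+ sleep 0.1
  end
 
- results = Splunk::ResultsReader.new stream
- results.each do |result|
- results_offset = results_offset + 1
- print "#{result["_time"]}: " if options[:time]
- if options[:show_host] || options[:show_source]
- print "("
- print result["host"] if options[:show_host]
- print ":" if options[:show_host] && options[:show_source]
- print result["source"] if options[:show_source]
- print ") "
+ results_offset = 0
+ finished = false
+
+ until finished
+ if job.is_done?
+ finished=true
+ stream = job.results(:offset => results_offset, :count => 0)
+ else
+ stream = job.preview(:offset => results_offset, :count => 0)
  end
+
+ results = Splunk::ResultsReader.new stream
+ results.each do |result|
+ results_offset = results_offset + 1
+ print "#{result["_time"]}: " if options[:time]
+ if options[:show_host] || options[:show_source]
+ print "("
+ print result["host"] if options[:show_host]
+ print ":" if options[:show_host] && options[:show_source]
+ print result["source"] if options[:show_source]
+ print ") "
+ end
 
- puts result["_raw"]
- end
- sleep 1
+ puts result["_raw"]
+ end
+ sleep 1
+ end
+ rescue SystemExit, Interrupt
+ exit
+ rescue Exception => e
+ raise
  end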
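Review bot: The `unless rc_file` guard added in the second hunk can never run, because `File.new` raises `Errno::ENOENT` or `Errno::EACCES` on a missing or unreadable file instead of returning nil, so the user still gets a backtrace rather than the message and exit status 255. Rescuing `SystemCallError` around the open, as sketched below, makes that path reachable. The guard also sits directly in front of `eval(rc_file.read)`, so whatever file passes it is executed as Ruby with the caller's privileges; since the result is handed to `Splunk::Service.new` and presumably carries the login, it is worth refusing a `.splunkrc` that is group- or world-writable, or reading it as data rather than evaluating it. Separately, the trailing `rescue Exception => e` / `raise` pair only re-raises and can be dropped.

```ruby
begin
  rc_file = File.new(File.expand_path('~/.splunkrc'), "r")
rescue SystemCallError => e
  warn "Could not read .splunkrc file: #{e.message}"
  exit 255
end
# … unchanged: $config is built from rc_file, then the Splunk login …
```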
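--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: grunk
  version: !ruby/object:Gem::Version
- version: 0.0.5
+ version: 0.0.6
  prerelease:
  platform: ruby
  authors: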