rsplunk 0.1.1 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.txt +37 -5
- data/Rakefile +1 -1
- data/lib/rsplunk/auth.rb +15 -15
- data/lib/rsplunk.rb +35 -1
- metadata +7 -7
data/README.txt
CHANGED
@@ -6,10 +6,42 @@ This is a gem to facilitate Splunk searches and indexing.
|
|
6
6
|
|
7
7
|
== SYNOPSIS:
|
8
8
|
|
9
|
-
require '
|
9
|
+
require 'rsplunk'
|
10
10
|
|
11
|
-
|
12
|
-
foo.
|
11
|
+
=== To create a Splunk instance
|
12
|
+
foo = Rsplunk.set('HOST', PORT)
|
13
|
+
=> "@host, @port"
|
14
|
+
|
15
|
+
=== To create a Splunk session
|
16
|
+
session = Rsplunk::Auth.new('username', 'password')
|
17
|
+
=> #<Rsplunk::Auth:0x1080daf8 @pass="password", @user="username">
|
18
|
+
|
19
|
+
Appending the 'session_token' method will give you your token:
|
20
|
+
session.session_token
|
21
|
+
=> "66f8ee2ab56a2e30d3a016f6b78e50ce"
|
22
|
+
|
23
|
+
=== To view current query jobs:
|
24
|
+
bar = Rsplunk::Search.new
|
25
|
+
bar.query_jobs
|
26
|
+
|
27
|
+
This will bring back a very unsexy XML package for you.
|
28
|
+
|
29
|
+
'query_jobs' can take arguements to return certain XML parameters:
|
30
|
+
|
31
|
+
For example:
|
32
|
+
bar.query_jobs("name", "published", "title")
|
33
|
+
|
34
|
+
will return the owner, published date, and query string for all current running jobs.
|
35
|
+
|
36
|
+
=== To create a job:
|
37
|
+
res = bar.create_job("Hello, World")
|
38
|
+
=> "1334848433.7828"
|
39
|
+
|
40
|
+
Where, "1334848433.7828" is the Search ID returned from the job.
|
41
|
+
|
42
|
+
=== To list job results:
|
43
|
+
bar.job_results(res)
|
44
|
+
=> XML results
|
13
45
|
|
14
46
|
== REQUIREMENTS:
|
15
47
|
|
@@ -20,8 +52,8 @@ Access to a working Splunk environment.
|
|
20
52
|
gem install rsplunk
|
21
53
|
|
22
54
|
== Upcoming Features:
|
23
|
-
* As of now,
|
24
|
-
*
|
55
|
+
* Provide a timeline for Search. As of now, it sets to 'All Time'.
|
56
|
+
* Credentials providing: delete a query
|
25
57
|
|
26
58
|
== Contributing to rSplunk
|
27
59
|
|
data/Rakefile
CHANGED
data/lib/rsplunk/auth.rb
CHANGED
@@ -1,28 +1,28 @@
|
|
1
1
|
module Rsplunk
|
2
2
|
|
3
3
|
class Auth
|
4
|
-
|
5
|
-
def initialize(
|
6
|
-
@
|
7
|
-
@
|
4
|
+
# Create a Splunk session
|
5
|
+
def initialize(user, pass)
|
6
|
+
@user = user
|
7
|
+
@pass = pass
|
8
|
+
session_token
|
8
9
|
end
|
9
10
|
|
10
|
-
attr_accessor :
|
11
|
-
|
12
|
-
# Initial SSL request
|
13
|
-
def splunk_ssl_request(path, data = nil, headers = nil)
|
14
|
-
http = Net::HTTP.new(@host, @port)
|
15
|
-
http.use_ssl = true
|
16
|
-
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
17
|
-
http.post(path, data, headers).body
|
18
|
-
end
|
11
|
+
attr_accessor :user, :pass
|
19
12
|
|
20
13
|
# Grab token with username and password
|
21
|
-
def
|
22
|
-
doc = Hpricot(
|
14
|
+
def create_token
|
15
|
+
doc = Hpricot(Rsplunk.splunk_ssl_post_request("/services/auth/login",
|
16
|
+
"username=#{@user}&password=#{@pass}"))
|
23
17
|
(doc/"//sessionkey").inner_html
|
24
18
|
end
|
25
19
|
|
20
|
+
# Returns the session token
|
21
|
+
|
22
|
+
def session_token
|
23
|
+
$session_token = create_token
|
24
|
+
end
|
25
|
+
|
26
26
|
end
|
27
27
|
|
28
28
|
end
|
data/lib/rsplunk.rb
CHANGED
@@ -3,11 +3,45 @@ $:.unshift( File.dirname( __FILE__ ))
|
|
3
3
|
require 'net/https'
|
4
4
|
require 'rubygems'
|
5
5
|
require 'hpricot'
|
6
|
+
require 'json'
|
7
|
+
require 'cgi'
|
6
8
|
|
7
9
|
module Rsplunk
|
8
10
|
|
9
|
-
VERSION = '0.
|
11
|
+
VERSION = '0.2.0'
|
10
12
|
|
11
13
|
require 'rsplunk/auth'
|
14
|
+
require 'rsplunk/search'
|
15
|
+
|
16
|
+
attr_accessor :host, :port
|
17
|
+
|
18
|
+
# Set the Splunk server instance. Defaults to 'localhost:8089'
|
19
|
+
def self.set(host='localhost', port = 8089)
|
20
|
+
@host = host
|
21
|
+
@port = port
|
22
|
+
"#{@host}, #{@port}"
|
23
|
+
end
|
24
|
+
|
25
|
+
# Create an SSL POST
|
26
|
+
def self.splunk_ssl_post_request(path, data = nil, headers = nil)
|
27
|
+
http = Net::HTTP.new(@host, @port)
|
28
|
+
http.use_ssl = true
|
29
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
30
|
+
http.post(path, data, headers).body
|
31
|
+
end
|
32
|
+
# Create and SSL GET
|
33
|
+
def self.splunk_ssl_get_request(path, headers = nil)
|
34
|
+
http = Net::HTTP.new(@host, @port)
|
35
|
+
http.use_ssl = true
|
36
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
37
|
+
http.get(path, headers).body
|
38
|
+
end
|
39
|
+
# Create an SSL DELETE
|
40
|
+
def self.splunk_ssl_delete_request(path, headers = nil)
|
41
|
+
http = Net::HTTP.new(@host, @port)
|
42
|
+
http.use_ssl = true
|
43
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
44
|
+
http.delete(path, headers).body
|
45
|
+
end
|
12
46
|
|
13
47
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rsplunk
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,11 +9,11 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-
|
12
|
+
date: 2012-04-19 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rdoc
|
16
|
-
requirement: &
|
16
|
+
requirement: &85809630 !ruby/object:Gem::Requirement
|
17
17
|
none: false
|
18
18
|
requirements:
|
19
19
|
- - ~>
|
@@ -21,10 +21,10 @@ dependencies:
|
|
21
21
|
version: '3.10'
|
22
22
|
type: :development
|
23
23
|
prerelease: false
|
24
|
-
version_requirements: *
|
24
|
+
version_requirements: *85809630
|
25
25
|
- !ruby/object:Gem::Dependency
|
26
26
|
name: hoe
|
27
|
-
requirement: &
|
27
|
+
requirement: &85809360 !ruby/object:Gem::Requirement
|
28
28
|
none: false
|
29
29
|
requirements:
|
30
30
|
- - ~>
|
@@ -32,10 +32,10 @@ dependencies:
|
|
32
32
|
version: '3.0'
|
33
33
|
type: :development
|
34
34
|
prerelease: false
|
35
|
-
version_requirements: *
|
35
|
+
version_requirements: *85809360
|
36
36
|
description: This is a gem to facilitate Splunk searches and indexing.
|
37
37
|
email:
|
38
|
-
-
|
38
|
+
- mail@benwoodall.com
|
39
39
|
executables:
|
40
40
|
- rsplunk
|
41
41
|
extensions: []
|