rsplunk 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/README.txt +37 -5
- data/Rakefile +1 -1
- data/lib/rsplunk/auth.rb +15 -15
- data/lib/rsplunk.rb +35 -1
- metadata +7 -7
data/README.txt
CHANGED
@@ -6,10 +6,42 @@ This is a gem to facilitate Splunk searches and indexing.
|
|
6
6
|
|
7
7
|
== SYNOPSIS:
|
8
8
|
|
9
|
-
require '
|
9
|
+
require 'rsplunk'
|
10
10
|
|
11
|
-
|
12
|
-
foo.
|
11
|
+
=== To create a Splunk instance
|
12
|
+
foo = Rsplunk.set('HOST', PORT)
|
13
|
+
=> "@host, @port"
|
14
|
+
|
15
|
+
=== To create a Splunk session
|
16
|
+
session = Rsplunk::Auth.new('username', 'password')
|
17
|
+
=> #<Rsplunk::Auth:0x1080daf8 @pass="password", @user="username">
|
18
|
+
|
19
|
+
Appending the 'session_token' method will give you your token:
|
20
|
+
session.session_token
|
21
|
+
=> "66f8ee2ab56a2e30d3a016f6b78e50ce"
|
22
|
+
|
23
|
+
=== To view current query jobs:
|
24
|
+
bar = Rsplunk::Search.new
|
25
|
+
bar.query_jobs
|
26
|
+
|
27
|
+
This will bring back a very unsexy XML package for you.
|
28
|
+
|
29
|
+
'query_jobs' can take arguements to return certain XML parameters:
|
30
|
+
|
31
|
+
For example:
|
32
|
+
bar.query_jobs("name", "published", "title")
|
33
|
+
|
34
|
+
will return the owner, published date, and query string for all current running jobs.
|
35
|
+
|
36
|
+
=== To create a job:
|
37
|
+
res = bar.create_job("Hello, World")
|
38
|
+
=> "1334848433.7828"
|
39
|
+
|
40
|
+
Where, "1334848433.7828" is the Search ID returned from the job.
|
41
|
+
|
42
|
+
=== To list job results:
|
43
|
+
bar.job_results(res)
|
44
|
+
=> XML results
|
13
45
|
|
14
46
|
== REQUIREMENTS:
|
15
47
|
|
@@ -20,8 +52,8 @@ Access to a working Splunk environment.
|
|
20
52
|
gem install rsplunk
|
21
53
|
|
22
54
|
== Upcoming Features:
|
23
|
-
* As of now,
|
24
|
-
*
|
55
|
+
* Provide a timeline for Search. As of now, it sets to 'All Time'.
|
56
|
+
* Credentials providing: delete a query
|
25
57
|
|
26
58
|
== Contributing to rSplunk
|
27
59
|
|
data/Rakefile
CHANGED
data/lib/rsplunk/auth.rb
CHANGED
@@ -1,28 +1,28 @@
|
|
1
1
|
module Rsplunk
|
2
2
|
|
3
3
|
class Auth
|
4
|
-
|
5
|
-
def initialize(
|
6
|
-
@
|
7
|
-
@
|
4
|
+
# Create a Splunk session
|
5
|
+
def initialize(user, pass)
|
6
|
+
@user = user
|
7
|
+
@pass = pass
|
8
|
+
session_token
|
8
9
|
end
|
9
10
|
|
10
|
-
attr_accessor :
|
11
|
-
|
12
|
-
# Initial SSL request
|
13
|
-
def splunk_ssl_request(path, data = nil, headers = nil)
|
14
|
-
http = Net::HTTP.new(@host, @port)
|
15
|
-
http.use_ssl = true
|
16
|
-
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
17
|
-
http.post(path, data, headers).body
|
18
|
-
end
|
11
|
+
attr_accessor :user, :pass
|
19
12
|
|
20
13
|
# Grab token with username and password
|
21
|
-
def
|
22
|
-
doc = Hpricot(
|
14
|
+
def create_token
|
15
|
+
doc = Hpricot(Rsplunk.splunk_ssl_post_request("/services/auth/login",
|
16
|
+
"username=#{@user}&password=#{@pass}"))
|
23
17
|
(doc/"//sessionkey").inner_html
|
24
18
|
end
|
25
19
|
|
20
|
+
# Returns the session token
|
21
|
+
|
22
|
+
def session_token
|
23
|
+
$session_token = create_token
|
24
|
+
end
|
25
|
+
|
26
26
|
end
|
27
27
|
|
28
28
|
end
|
data/lib/rsplunk.rb
CHANGED
@@ -3,11 +3,45 @@ $:.unshift( File.dirname( __FILE__ ))
|
|
3
3
|
require 'net/https'
|
4
4
|
require 'rubygems'
|
5
5
|
require 'hpricot'
|
6
|
+
require 'json'
|
7
|
+
require 'cgi'
|
6
8
|
|
7
9
|
module Rsplunk
|
8
10
|
|
9
|
-
VERSION = '0.
|
11
|
+
VERSION = '0.2.0'
|
10
12
|
|
11
13
|
require 'rsplunk/auth'
|
14
|
+
require 'rsplunk/search'
|
15
|
+
|
16
|
+
attr_accessor :host, :port
|
17
|
+
|
18
|
+
# Set the Splunk server instance. Defaults to 'localhost:8089'
|
19
|
+
def self.set(host='localhost', port = 8089)
|
20
|
+
@host = host
|
21
|
+
@port = port
|
22
|
+
"#{@host}, #{@port}"
|
23
|
+
end
|
24
|
+
|
25
|
+
# Create an SSL POST
|
26
|
+
def self.splunk_ssl_post_request(path, data = nil, headers = nil)
|
27
|
+
http = Net::HTTP.new(@host, @port)
|
28
|
+
http.use_ssl = true
|
29
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
30
|
+
http.post(path, data, headers).body
|
31
|
+
end
|
32
|
+
# Create and SSL GET
|
33
|
+
def self.splunk_ssl_get_request(path, headers = nil)
|
34
|
+
http = Net::HTTP.new(@host, @port)
|
35
|
+
http.use_ssl = true
|
36
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
37
|
+
http.get(path, headers).body
|
38
|
+
end
|
39
|
+
# Create an SSL DELETE
|
40
|
+
def self.splunk_ssl_delete_request(path, headers = nil)
|
41
|
+
http = Net::HTTP.new(@host, @port)
|
42
|
+
http.use_ssl = true
|
43
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
44
|
+
http.delete(path, headers).body
|
45
|
+
end
|
12
46
|
|
13
47
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rsplunk
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,11 +9,11 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2012-
|
12
|
+
date: 2012-04-19 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rdoc
|
16
|
-
requirement: &
|
16
|
+
requirement: &85809630 !ruby/object:Gem::Requirement
|
17
17
|
none: false
|
18
18
|
requirements:
|
19
19
|
- - ~>
|
@@ -21,10 +21,10 @@ dependencies:
|
|
21
21
|
version: '3.10'
|
22
22
|
type: :development
|
23
23
|
prerelease: false
|
24
|
-
version_requirements: *
|
24
|
+
version_requirements: *85809630
|
25
25
|
- !ruby/object:Gem::Dependency
|
26
26
|
name: hoe
|
27
|
-
requirement: &
|
27
|
+
requirement: &85809360 !ruby/object:Gem::Requirement
|
28
28
|
none: false
|
29
29
|
requirements:
|
30
30
|
- - ~>
|
@@ -32,10 +32,10 @@ dependencies:
|
|
32
32
|
version: '3.0'
|
33
33
|
type: :development
|
34
34
|
prerelease: false
|
35
|
-
version_requirements: *
|
35
|
+
version_requirements: *85809360
|
36
36
|
description: This is a gem to facilitate Splunk searches and indexing.
|
37
37
|
email:
|
38
|
-
-
|
38
|
+
- mail@benwoodall.com
|
39
39
|
executables:
|
40
40
|
- rsplunk
|
41
41
|
extensions: []
|