rsplunk 0.2.0 → 0.3.0

data/Manifest.txt

@@ -4,7 +4,9 @@ README.txt
 Rakefile
 bin/rsplunk
 lib/rsplunk.rb
-lib/rsplunk/auth.rb
+lib/rsplunk/api_error.rb
+lib/rsplunk/client.rb
+lib/rsplunk/search.rb
 spec/spec_helper.rb
 spec/rsplunk_spec.rb
 test/test_rsplunk.rb

data/README.txt

@@ -9,38 +9,27 @@ This is a gem to facilitate Splunk searches and indexing.
 require 'rsplunk'
 
 === To create a Splunk instance
-foo = Rsplunk.set('HOST', PORT)
-=> "@host, @port"
+Rsplunk.set('HOST', PORT)
+=> "https://HOST:PORT"
 
 === To create a Splunk session
-session = Rsplunk::Auth.new('username', 'password')
-=> #<Rsplunk::Auth:0x1080daf8 @pass="password", @user="username">
-
-Appending the 'session_token' method will give you your token:
-session.session_token
-=> "66f8ee2ab56a2e30d3a016f6b78e50ce"
+splunk = Rsplunk::Client.new(:username => 'USERNAME', :password => 'PASSWORD')
+=> #<Rsplunk::Client:0x8b800f8 @pass="PASSWORD", @user="USERNAME">
 
 === To view current query jobs:
-bar = Rsplunk::Search.new
-bar.query_jobs
-
-This will bring back a very unsexy XML package for you.
-
-'query_jobs' can take arguements to return certain XML parameters:
-
-For example:
-bar.query_jobs("name", "published", "title")
-
-will return the owner, published date, and query string for all current running jobs.
+splunk.list_jobs
 
 === To create a job:
-res = bar.create_job("Hello, World")
+splunk.create_job('SEARCH TERM', options)
 => "1334848433.7828"
 
 Where, "1334848433.7828" is the Search ID returned from the job.
 
+Available options can be found at:
+http://docs.splunk.com/Documentation/Splunk/4.2.2/RESTAPI/RESTsearch#POST_search.2Fjobs
+
 === To list job results:
-bar.job_results(res)
+splunk.job_results(res)
 => XML results
 
 == REQUIREMENTS:
@@ -52,8 +41,7 @@ Access to a working Splunk environment.
 gem install rsplunk
 
 == Upcoming Features:
-* Provide a timeline for Search.  As of now, it sets to 'All Time'.
-* Credentials providing: delete a query
+
 
 == Contributing to rSplunk
 

data/Rakefile

@@ -3,17 +3,14 @@
 require 'rubygems'
 require 'hoe'
 
-# Hoe.plugin :compiler
-# Hoe.plugin :gem_prelude_sucks
-# Hoe.plugin :inline
-# Hoe.plugin :minitest
-# Hoe.plugin :racc
-# Hoe.plugin :rubyforge
-
 Hoe.spec 'rsplunk' do
 
   developer('Ben Woodall', 'mail@benwoodall.com')
 
+  self.rubyforge_name = 'rsplunk'
+
+  dependency 'hpricot', '~> 0.8.6'
+
 end
 
 

data/lib/rsplunk/api_error.rb

@@ -0,0 +1,17 @@
+module Rsplunk
+  class APIError < StandardError
+
+    attr_reader :code
+    attr_reader :response
+
+    def initialize(error, response)
+      @code   = error.status
+      @response = response
+    end
+
+    def message
+      "(#{@code}):#{@response}"
+    end
+    alias :to_s :message
+  end
+end

data/lib/rsplunk/client.rb

@@ -0,0 +1,59 @@
+require 'forwardable'
+
+module Rsplunk
+
+  class Client
+    extend Forwardable
+
+    include Search
+
+    attr_accessor :user, :pass
+
+    # Create a Splunk session using basic_auth parameters.
+    #
+    # Example:
+    # client = Rsplunk::Client.new(:username => 'your_username', :password => 'your_password')
+    def initialize(options={})
+      @user  = options[:username]
+      @pass  = options[:password]
+    end
+
+    # Sets up the initial connection to your Splunk server
+    def connection
+      params = {}
+      params[:username] = @user if @user
+      params[:password] = @pass if @pass
+      @connection ||= Faraday::Connection.new(:url => api_url, :ssl => { :verify => false },
+                                              :params => params, :headers => default_headers) do |builder|
+        builder.request  :url_encoded
+        builder.response :xml
+        builder.adapter  :net_http
+        builder.basic_auth(@user, @pass)
+      end
+    end
+
+    # This is created in Splunk.set
+    def api_url
+      "https://#{$host}:#{$port}/services/"
+    end
+
+    # Sexy error handling
+    def return_error_or_body(response, response_body)
+      if response.status.to_s =~ /20./
+        response_body
+      else
+        raise Rsplunk::APIError.new(response, response.body)
+      end
+    end
+
+    private
+
+    def default_headers
+      headers = {
+        :user_agent => "rSplunk"
+      }
+    end
+
+  end
+
+end

data/lib/rsplunk/search.rb

@@ -0,0 +1,44 @@
+module Rsplunk
+	module Search
+
+		# Returns an XML with all of the current running jobs
+		def list_jobs
+			response = connection.get('search/jobs')
+			return_error_or_body(response, response.body)
+		end
+
+		# Create a job
+		#
+		# 'query' is the search string you are passing to Splunk
+		# 'options' can be found at http://docs.splunk.com/Documentation/Splunk/4.2.2/RESTAPI/RESTsearch#POST_search.2Fjobs
+		#
+		def create_job(query, options={})
+			options[:earliest_time] ||= '-15m'
+			[:earliest_time, :latest_time, :time].each { |t| options[t] = format_time(options[t]) if options[t] }
+			response = connection.post do |req|
+				req.url 'search/jobs'
+				req.body = { :search => "search #{query}" }.merge(options)
+			end
+			return_error_or_body(response, response.body)
+		end
+
+		# Return results from a job using the job SID
+		def job_results(sid)
+			response = connection.get("search/jobs/#{sid}/results")
+			return_error_or_body(response, response.body)
+		end
+
+		def delete_job(sid)
+			response = connection.delete("search/jobs/#{sid}")
+			return_error_or_body(response, response.body)
+		end
+
+
+		private
+
+		def format_time(time)
+    	time.is_a?(Time) ? time.strftime('%Y-%m-%dT%H:%M:%S%z') : time.to_s
+  	end
+
+	end
+end

data/lib/rsplunk.rb

@@ -1,47 +1,24 @@
-$:.unshift( File.dirname( __FILE__ ))
-
-require 'net/https'
-require 'rubygems'
+require 'faraday'
+require 'faraday_middleware'
 require 'hpricot'
-require 'json'
-require 'cgi'
+
+$:.unshift( File.dirname( __FILE__ ))
 
 module Rsplunk
 
-  VERSION = '0.2.0'
+  VERSION = '0.3.0'
 
-  require 'rsplunk/auth'
   require 'rsplunk/search'
+  require 'rsplunk/client'
+  require 'rsplunk/api_error'
 
   attr_accessor :host, :port
 
   # Set the Splunk server instance.  Defaults to 'localhost:8089'
   def self.set(host='localhost', port = 8089)
-    @host = host
-    @port = port
-    "#{@host}, #{@port}"
-  end
-
-  # Create an SSL POST
-  def self.splunk_ssl_post_request(path, data = nil, headers = nil)
-    http = Net::HTTP.new(@host, @port)
-    http.use_ssl = true
-    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-    http.post(path, data, headers).body
-  end
-  # Create and SSL GET
-  def self.splunk_ssl_get_request(path, headers = nil)
-    http = Net::HTTP.new(@host, @port)
-    http.use_ssl = true
-    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-    http.get(path, headers).body
-  end
-  # Create an SSL DELETE
-  def self.splunk_ssl_delete_request(path, headers = nil)
-  	http = Net::HTTP.new(@host, @port)
-  	http.use_ssl = true
-  	http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-  	http.delete(path, headers).body
+    $host = host
+    $port = port
+    "https://#{$host}:#{$port}"
   end
 
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rsplunk
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,22 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-04-19 00:00:00.000000000 Z
+date: 2012-04-25 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: hpricot
+  requirement: &82791720 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.8.6
+  type: :runtime
+  prerelease: false
+  version_requirements: *82791720
 - !ruby/object:Gem::Dependency
   name: rdoc
-  requirement: &85809630 !ruby/object:Gem::Requirement
+  requirement: &82791230 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,10 +32,10 @@ dependencies:
         version: '3.10'
   type: :development
   prerelease: false
-  version_requirements: *85809630
+  version_requirements: *82791230
 - !ruby/object:Gem::Dependency
   name: hoe
-  requirement: &85809360 !ruby/object:Gem::Requirement
+  requirement: &82790790 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -32,7 +43,7 @@ dependencies:
         version: '3.0'
   type: :development
   prerelease: false
-  version_requirements: *85809360
+  version_requirements: *82790790
 description: This is a gem to facilitate Splunk searches and indexing.
 email:
 - mail@benwoodall.com
@@ -50,7 +61,9 @@ files:
 - Rakefile
 - bin/rsplunk
 - lib/rsplunk.rb
-- lib/rsplunk/auth.rb
+- lib/rsplunk/api_error.rb
+- lib/rsplunk/client.rb
+- lib/rsplunk/search.rb
 - spec/spec_helper.rb
 - spec/rsplunk_spec.rb
 - test/test_rsplunk.rb

data/lib/rsplunk/auth.rb

@@ -1,28 +0,0 @@
-module Rsplunk
-
-  class Auth
-    # Create a Splunk session
-    def initialize(user, pass)
-      @user = user
-      @pass = pass
-      session_token
-    end
-
-    attr_accessor :user, :pass
-
-    # Grab token with username and password
-    def create_token
-      doc = Hpricot(Rsplunk.splunk_ssl_post_request("/services/auth/login",
-                                                          "username=#{@user}&password=#{@pass}"))
-      (doc/"//sessionkey").inner_html
-    end
-
-    # Returns the session token
-
-    def session_token
-      $session_token = create_token
-    end
-
-  end
-
-end