rsplunk 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/Manifest.txt CHANGED
@@ -4,7 +4,9 @@ README.txt
4
4
  Rakefile
5
5
  bin/rsplunk
6
6
  lib/rsplunk.rb
7
- lib/rsplunk/auth.rb
7
+ lib/rsplunk/api_error.rb
8
+ lib/rsplunk/client.rb
9
+ lib/rsplunk/search.rb
8
10
  spec/spec_helper.rb
9
11
  spec/rsplunk_spec.rb
10
12
  test/test_rsplunk.rb
data/README.txt CHANGED
@@ -9,38 +9,27 @@ This is a gem to facilitate Splunk searches and indexing.
9
9
  require 'rsplunk'
10
10
 
11
11
  === To create a Splunk instance
12
- foo = Rsplunk.set('HOST', PORT)
13
- => "@host, @port"
12
+ Rsplunk.set('HOST', PORT)
13
+ => "https://HOST:PORT"
14
14
 
15
15
  === To create a Splunk session
16
- session = Rsplunk::Auth.new('username', 'password')
17
- => #<Rsplunk::Auth:0x1080daf8 @pass="password", @user="username">
18
-
19
- Appending the 'session_token' method will give you your token:
20
- session.session_token
21
- => "66f8ee2ab56a2e30d3a016f6b78e50ce"
16
+ splunk = Rsplunk::Client.new(:username => 'USERNAME', :password => 'PASSWORD')
17
+ => #<Rsplunk::Client:0x8b800f8 @pass="PASSWORD", @user="USERNAME">
22
18
 
23
19
  === To view current query jobs:
24
- bar = Rsplunk::Search.new
25
- bar.query_jobs
26
-
27
- This will bring back a very unsexy XML package for you.
28
-
29
- 'query_jobs' can take arguements to return certain XML parameters:
30
-
31
- For example:
32
- bar.query_jobs("name", "published", "title")
33
-
34
- will return the owner, published date, and query string for all current running jobs.
20
+ splunk.list_jobs
35
21
 
36
22
  === To create a job:
37
- res = bar.create_job("Hello, World")
23
+ splunk.create_job('SEARCH TERM', options)
38
24
  => "1334848433.7828"
39
25
 
40
26
  Where, "1334848433.7828" is the Search ID returned from the job.
41
27
 
28
+ Available options can be found at:
29
+ http://docs.splunk.com/Documentation/Splunk/4.2.2/RESTAPI/RESTsearch#POST_search.2Fjobs
30
+
42
31
  === To list job results:
43
- bar.job_results(res)
32
+ splunk.job_results(res)
44
33
  => XML results
45
34
 
46
35
  == REQUIREMENTS:
@@ -52,8 +41,7 @@ Access to a working Splunk environment.
52
41
  gem install rsplunk
53
42
 
54
43
  == Upcoming Features:
55
- * Provide a timeline for Search. As of now, it sets to 'All Time'.
56
- * Credentials providing: delete a query
44
+
57
45
 
58
46
  == Contributing to rSplunk
59
47
 
data/Rakefile CHANGED
@@ -3,17 +3,14 @@
3
3
  require 'rubygems'
4
4
  require 'hoe'
5
5
 
6
- # Hoe.plugin :compiler
7
- # Hoe.plugin :gem_prelude_sucks
8
- # Hoe.plugin :inline
9
- # Hoe.plugin :minitest
10
- # Hoe.plugin :racc
11
- # Hoe.plugin :rubyforge
12
-
13
6
  Hoe.spec 'rsplunk' do
14
7
 
15
8
  developer('Ben Woodall', 'mail@benwoodall.com')
16
9
 
10
+ self.rubyforge_name = 'rsplunk'
11
+
12
+ dependency 'hpricot', '~> 0.8.6'
13
+
17
14
  end
18
15
 
19
16
 
@@ -0,0 +1,17 @@
1
+ module Rsplunk
2
+ class APIError < StandardError
3
+
4
+ attr_reader :code
5
+ attr_reader :response
6
+
7
+ def initialize(error, response)
8
+ @code = error.status
9
+ @response = response
10
+ end
11
+
12
+ def message
13
+ "(#{@code}):#{@response}"
14
+ end
15
+ alias :to_s :message
16
+ end
17
+ end
@@ -0,0 +1,59 @@
1
+ require 'forwardable'
2
+
3
+ module Rsplunk
4
+
5
+ class Client
6
+ extend Forwardable
7
+
8
+ include Search
9
+
10
+ attr_accessor :user, :pass
11
+
12
+ # Create a Splunk session using basic_auth parameters.
13
+ #
14
+ # Example:
15
+ # client = Rsplunk::Client.new(:username => 'your_username', :password => 'your_password')
16
+ def initialize(options={})
17
+ @user = options[:username]
18
+ @pass = options[:password]
19
+ end
20
+
21
+ # Sets up the initial connection to your Splunk server
22
+ def connection
23
+ params = {}
24
+ params[:username] = @user if @user
25
+ params[:password] = @pass if @pass
26
+ @connection ||= Faraday::Connection.new(:url => api_url, :ssl => { :verify => false },
27
+ :params => params, :headers => default_headers) do |builder|
28
+ builder.request :url_encoded
29
+ builder.response :xml
30
+ builder.adapter :net_http
31
+ builder.basic_auth(@user, @pass)
32
+ end
33
+ end
34
+
35
+ # This is created in Splunk.set
36
+ def api_url
37
+ "https://#{$host}:#{$port}/services/"
38
+ end
39
+
40
+ # Sexy error handling
41
+ def return_error_or_body(response, response_body)
42
+ if response.status.to_s =~ /20./
43
+ response_body
44
+ else
45
+ raise Rsplunk::APIError.new(response, response.body)
46
+ end
47
+ end
48
+
49
+ private
50
+
51
+ def default_headers
52
+ headers = {
53
+ :user_agent => "rSplunk"
54
+ }
55
+ end
56
+
57
+ end
58
+
59
+ end
@@ -0,0 +1,44 @@
1
+ module Rsplunk
2
+ module Search
3
+
4
+ # Returns an XML with all of the current running jobs
5
+ def list_jobs
6
+ response = connection.get('search/jobs')
7
+ return_error_or_body(response, response.body)
8
+ end
9
+
10
+ # Create a job
11
+ #
12
+ # 'query' is the search string you are passing to Splunk
13
+ # 'options' can be found at http://docs.splunk.com/Documentation/Splunk/4.2.2/RESTAPI/RESTsearch#POST_search.2Fjobs
14
+ #
15
+ def create_job(query, options={})
16
+ options[:earliest_time] ||= '-15m'
17
+ [:earliest_time, :latest_time, :time].each { |t| options[t] = format_time(options[t]) if options[t] }
18
+ response = connection.post do |req|
19
+ req.url 'search/jobs'
20
+ req.body = { :search => "search #{query}" }.merge(options)
21
+ end
22
+ return_error_or_body(response, response.body)
23
+ end
24
+
25
+ # Return results from a job using the job SID
26
+ def job_results(sid)
27
+ response = connection.get("search/jobs/#{sid}/results")
28
+ return_error_or_body(response, response.body)
29
+ end
30
+
31
+ def delete_job(sid)
32
+ response = connection.delete("search/jobs/#{sid}")
33
+ return_error_or_body(response, response.body)
34
+ end
35
+
36
+
37
+ private
38
+
39
+ def format_time(time)
40
+ time.is_a?(Time) ? time.strftime('%Y-%m-%dT%H:%M:%S%z') : time.to_s
41
+ end
42
+
43
+ end
44
+ end
data/lib/rsplunk.rb CHANGED
@@ -1,47 +1,24 @@
1
- $:.unshift( File.dirname( __FILE__ ))
2
-
3
- require 'net/https'
4
- require 'rubygems'
1
+ require 'faraday'
2
+ require 'faraday_middleware'
5
3
  require 'hpricot'
6
- require 'json'
7
- require 'cgi'
4
+
5
+ $:.unshift( File.dirname( __FILE__ ))
8
6
 
9
7
  module Rsplunk
10
8
 
11
- VERSION = '0.2.0'
9
+ VERSION = '0.3.0'
12
10
 
13
- require 'rsplunk/auth'
14
11
  require 'rsplunk/search'
12
+ require 'rsplunk/client'
13
+ require 'rsplunk/api_error'
15
14
 
16
15
  attr_accessor :host, :port
17
16
 
18
17
  # Set the Splunk server instance. Defaults to 'localhost:8089'
19
18
  def self.set(host='localhost', port = 8089)
20
- @host = host
21
- @port = port
22
- "#{@host}, #{@port}"
23
- end
24
-
25
- # Create an SSL POST
26
- def self.splunk_ssl_post_request(path, data = nil, headers = nil)
27
- http = Net::HTTP.new(@host, @port)
28
- http.use_ssl = true
29
- http.verify_mode = OpenSSL::SSL::VERIFY_NONE
30
- http.post(path, data, headers).body
31
- end
32
- # Create and SSL GET
33
- def self.splunk_ssl_get_request(path, headers = nil)
34
- http = Net::HTTP.new(@host, @port)
35
- http.use_ssl = true
36
- http.verify_mode = OpenSSL::SSL::VERIFY_NONE
37
- http.get(path, headers).body
38
- end
39
- # Create an SSL DELETE
40
- def self.splunk_ssl_delete_request(path, headers = nil)
41
- http = Net::HTTP.new(@host, @port)
42
- http.use_ssl = true
43
- http.verify_mode = OpenSSL::SSL::VERIFY_NONE
44
- http.delete(path, headers).body
19
+ $host = host
20
+ $port = port
21
+ "https://#{$host}:#{$port}"
45
22
  end
46
23
 
47
24
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rsplunk
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,11 +9,22 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-04-19 00:00:00.000000000 Z
12
+ date: 2012-04-25 00:00:00.000000000 Z
13
13
  dependencies:
14
+ - !ruby/object:Gem::Dependency
15
+ name: hpricot
16
+ requirement: &82791720 !ruby/object:Gem::Requirement
17
+ none: false
18
+ requirements:
19
+ - - ~>
20
+ - !ruby/object:Gem::Version
21
+ version: 0.8.6
22
+ type: :runtime
23
+ prerelease: false
24
+ version_requirements: *82791720
14
25
  - !ruby/object:Gem::Dependency
15
26
  name: rdoc
16
- requirement: &85809630 !ruby/object:Gem::Requirement
27
+ requirement: &82791230 !ruby/object:Gem::Requirement
17
28
  none: false
18
29
  requirements:
19
30
  - - ~>
@@ -21,10 +32,10 @@ dependencies:
21
32
  version: '3.10'
22
33
  type: :development
23
34
  prerelease: false
24
- version_requirements: *85809630
35
+ version_requirements: *82791230
25
36
  - !ruby/object:Gem::Dependency
26
37
  name: hoe
27
- requirement: &85809360 !ruby/object:Gem::Requirement
38
+ requirement: &82790790 !ruby/object:Gem::Requirement
28
39
  none: false
29
40
  requirements:
30
41
  - - ~>
@@ -32,7 +43,7 @@ dependencies:
32
43
  version: '3.0'
33
44
  type: :development
34
45
  prerelease: false
35
- version_requirements: *85809360
46
+ version_requirements: *82790790
36
47
  description: This is a gem to facilitate Splunk searches and indexing.
37
48
  email:
38
49
  - mail@benwoodall.com
@@ -50,7 +61,9 @@ files:
50
61
  - Rakefile
51
62
  - bin/rsplunk
52
63
  - lib/rsplunk.rb
53
- - lib/rsplunk/auth.rb
64
+ - lib/rsplunk/api_error.rb
65
+ - lib/rsplunk/client.rb
66
+ - lib/rsplunk/search.rb
54
67
  - spec/spec_helper.rb
55
68
  - spec/rsplunk_spec.rb
56
69
  - test/test_rsplunk.rb
data/lib/rsplunk/auth.rb DELETED
@@ -1,28 +0,0 @@
1
- module Rsplunk
2
-
3
- class Auth
4
- # Create a Splunk session
5
- def initialize(user, pass)
6
- @user = user
7
- @pass = pass
8
- session_token
9
- end
10
-
11
- attr_accessor :user, :pass
12
-
13
- # Grab token with username and password
14
- def create_token
15
- doc = Hpricot(Rsplunk.splunk_ssl_post_request("/services/auth/login",
16
- "username=#{@user}&password=#{@pass}"))
17
- (doc/"//sessionkey").inner_html
18
- end
19
-
20
- # Returns the session token
21
-
22
- def session_token
23
- $session_token = create_token
24
- end
25
-
26
- end
27
-
28
- end