splunk-client 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/splunk-client.rb +93 -0
- metadata +78 -0
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
# Author:: Christopher Brito (cbrito@gmail.com)
|
|
2
|
+
# Original Repo:: https://github.com/cbrito/splunk-client
|
|
3
|
+
|
|
4
|
+
require 'net/https'
|
|
5
|
+
require 'cgi'
|
|
6
|
+
require 'rubygems'
|
|
7
|
+
require 'nokogiri'
|
|
8
|
+
|
|
9
|
+
class SplunkJob
|
|
10
|
+
attr_reader :jobId
|
|
11
|
+
|
|
12
|
+
def initialize(jobId, clientPointer)
|
|
13
|
+
@jobId = jobId
|
|
14
|
+
@client = clientPointer #SplunkClient object pointer
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
def wait
|
|
18
|
+
wait_for_results
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def wait_for_results
|
|
22
|
+
# Wait for the Splunk search to complete
|
|
23
|
+
while (@client.get_search_status(@jobId).to_i == 0)
|
|
24
|
+
sleep 2
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def complete?
|
|
29
|
+
# Return status of job
|
|
30
|
+
@client.get_search_status(@jobId).to_i == 0
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def results(maxResults=0)
|
|
34
|
+
# Return search results
|
|
35
|
+
@client.get_search_results(@jobId, maxResults)
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
end #class SplunkJob
|
|
39
|
+
|
|
40
|
+
class SplunkClient
|
|
41
|
+
|
|
42
|
+
def initialize(username, password, host, port=8089)
|
|
43
|
+
@USER=username; @PASS=password; @HOST=host; @PORT=port
|
|
44
|
+
|
|
45
|
+
@SESSION_KEY = { 'authorization' => "Splunk #{get_session_key}" }
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def create_search(search)
|
|
49
|
+
# Returns a SplunkJob
|
|
50
|
+
xml = splunk_post_request("/services/search/jobs",
|
|
51
|
+
"search=#{CGI::escape("search #{search}")}",
|
|
52
|
+
@SESSION_KEY)
|
|
53
|
+
|
|
54
|
+
@doc = Nokogiri::Slop(xml)
|
|
55
|
+
|
|
56
|
+
return SplunkJob.new(@doc.xpath("//sid").text, self)
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def get_search_status(sid)
|
|
60
|
+
xml = splunk_get_request("/services/search/jobs/#{sid}")
|
|
61
|
+
@doc = Nokogiri::Slop(xml)
|
|
62
|
+
return @doc.xpath("//s:key[@name='isDone']").text
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def get_search_results(sid, maxResults=0)
|
|
66
|
+
splunk_get_request("/services/search/jobs/#{sid}/results?count=#{maxResults}")
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
private ###############################################################################
|
|
70
|
+
|
|
71
|
+
def splunk_http_request
|
|
72
|
+
http = Net::HTTP.new(@HOST, @PORT)
|
|
73
|
+
http.use_ssl = true
|
|
74
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
|
75
|
+
return http
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
def splunk_get_request(path)
|
|
79
|
+
splunk_http_request.get(path, @SESSION_KEY).body
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
def splunk_post_request(path, data=nil, headers=nil)
|
|
83
|
+
splunk_http_request.post(path,data,headers).body
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
def get_session_key
|
|
87
|
+
xml = splunk_post_request("/services/auth/login",
|
|
88
|
+
"username=#{@USER}&password=#{@PASS}")
|
|
89
|
+
@doc = Nokogiri::Slop(xml)
|
|
90
|
+
return @doc.xpath("//sessionKey").text
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
end #class SplunkClient
|
metadata
ADDED
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: splunk-client
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
hash: 9
|
|
5
|
+
prerelease:
|
|
6
|
+
segments:
|
|
7
|
+
- 0
|
|
8
|
+
- 5
|
|
9
|
+
- 1
|
|
10
|
+
version: 0.5.1
|
|
11
|
+
platform: ruby
|
|
12
|
+
authors:
|
|
13
|
+
- Christopher Brito
|
|
14
|
+
autorequire:
|
|
15
|
+
bindir: bin
|
|
16
|
+
cert_chain: []
|
|
17
|
+
|
|
18
|
+
date: 2012-04-24 00:00:00 Z
|
|
19
|
+
dependencies:
|
|
20
|
+
- !ruby/object:Gem::Dependency
|
|
21
|
+
name: nokogiri
|
|
22
|
+
prerelease: false
|
|
23
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
|
24
|
+
none: false
|
|
25
|
+
requirements:
|
|
26
|
+
- - ">="
|
|
27
|
+
- !ruby/object:Gem::Version
|
|
28
|
+
hash: 3
|
|
29
|
+
segments:
|
|
30
|
+
- 0
|
|
31
|
+
version: "0"
|
|
32
|
+
type: :runtime
|
|
33
|
+
version_requirements: *id001
|
|
34
|
+
description: Simple Ruby library for interfacing with Splunk's REST API.
|
|
35
|
+
email: cbrito@gmail.com
|
|
36
|
+
executables: []
|
|
37
|
+
|
|
38
|
+
extensions: []
|
|
39
|
+
|
|
40
|
+
extra_rdoc_files: []
|
|
41
|
+
|
|
42
|
+
files:
|
|
43
|
+
- lib/splunk-client.rb
|
|
44
|
+
homepage: http://github.com/cbrito/splunk-client
|
|
45
|
+
licenses: []
|
|
46
|
+
|
|
47
|
+
post_install_message:
|
|
48
|
+
rdoc_options: []
|
|
49
|
+
|
|
50
|
+
require_paths:
|
|
51
|
+
- lib
|
|
52
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
53
|
+
none: false
|
|
54
|
+
requirements:
|
|
55
|
+
- - ">="
|
|
56
|
+
- !ruby/object:Gem::Version
|
|
57
|
+
hash: 3
|
|
58
|
+
segments:
|
|
59
|
+
- 0
|
|
60
|
+
version: "0"
|
|
61
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
62
|
+
none: false
|
|
63
|
+
requirements:
|
|
64
|
+
- - ">="
|
|
65
|
+
- !ruby/object:Gem::Version
|
|
66
|
+
hash: 3
|
|
67
|
+
segments:
|
|
68
|
+
- 0
|
|
69
|
+
version: "0"
|
|
70
|
+
requirements: []
|
|
71
|
+
|
|
72
|
+
rubyforge_project:
|
|
73
|
+
rubygems_version: 1.8.15
|
|
74
|
+
signing_key:
|
|
75
|
+
specification_version: 3
|
|
76
|
+
summary: Ruby Library for interfacing with Splunk's REST API
|
|
77
|
+
test_files: []
|
|
78
|
+
|