splunk-client 0.6.1 → 0.7.0

data/Gemfile.lock

@@ -1,16 +1,24 @@
 PATH
   remote: .
   specs:
-    splunk-client (0.5.3)
+    splunk-client (0.7.0)
       nokogiri
 
 GEM
   remote: https://rubygems.org/
   specs:
+    columnize (0.3.6)
+    debugger (1.1.3)
+      columnize (>= 0.3.1)
+      debugger-linecache (~> 1.1.1)
+      debugger-ruby_core_source (~> 1.1.2)
+    debugger-linecache (1.1.1)
+      debugger-ruby_core_source (>= 1.1.1)
+    debugger-ruby_core_source (1.1.3)
     diff-lcs (1.1.3)
     json (1.7.3)
     multi_json (1.3.5)
-    nokogiri (1.5.2)
+    nokogiri (1.5.3)
     rake (0.9.2.2)
     rspec (2.10.0)
       rspec-core (~> 2.10.0)
@@ -31,6 +39,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  debugger
   json
   rake
   rspec

data/LICENSE

@@ -0,0 +1,7 @@
+Copyright (c) 2012 Christopher Brito
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -50,12 +50,18 @@ Creating and using a client is easy:
 
 ## Revision History
 
+#### 0.7
+
+* Added alias support for raw field 
+* Added test cases for all Splunk meta fields
+
 #### 0.6
+
 * Added two new objects: SplunkResults and SplunkResult for to support:
 * Accessing Splunk fields via method calls
 
     
-      `search.parsedResults.each {|result| puts result.$$FIELD_NAME$$}`
+      search.parsedResults.each {|result| puts result.$$FIELD_NAME$$}
 
 
 
@@ -65,4 +71,16 @@ WARNING: Compatibility with prior versions will break as SplunkClient no longer
 * Separated SplunkClient and SplunkJob into two separate objects. 
 
 #### 0.1
+
 * Initial Release
+
+
+## Versioning
+
+As of 0.5, this software uses [Semantic Versioning](http://semver.org/). Basically, this means that any given minor release number is backwards compatible. Patch releases are just that, and major releases **may** break compatibility. 
+
+If you contribute to this software, and I hope you do, please leave the VERSION file alone. Alternatively, update the VERSION file in a commit on it's own, so that we can cherry-pick around it when merging code. 
+
+# License
+
+This software is released under the MIT License (ref: LICENSE) 

data/VERSION

@@ -1 +1 @@
-0.6.1
+0.7.0

data/lib/splunk_client/splunk_result.rb

@@ -8,12 +8,17 @@ class SplunkResult
   def initialize(nokogiriNode)
     @result = nokogiriNode
   end
-  
-  # Ex: splunkResult.time => nokogiriNode.result.field("[@k=\"_time\"]").value.text  
+
+  # Ex: splunkResult.time => nokogiriNode.result.field("[@k=\"_time\"]").value.text
   def time
     @result.field("[@k=\"_time\"]").value.text
   end
 
+  # Ex: splunkResult.raw => nokogiriNode.result.field("[@k=\"_raw\"]").v.text
+  def raw
+    @result.field("[@k=\"_raw\"]").v.text
+  end
+
   # Ex: splunkResult.sourceIp => nokogiriNode.field("[@k=\"sourceIp\"]").value.text
   def method_missing(name, *args, &blk)
     if args.empty? && blk.nil? && @result.field("[@k=\"#{name}\"]")
@@ -22,7 +27,7 @@ class SplunkResult
       super
     end
   end
-  
+
   def respond_to?(name)
     begin
       unless @result.field("[@k=\"#{name}\"]").nil? then true else super end
@@ -30,5 +35,5 @@ class SplunkResult
       super
     end
   end
-  
+
 end #class SplunkResult

data/lib/splunk_client/splunk_results.rb

@@ -10,9 +10,12 @@ class SplunkResults
   attr_reader :results
 
   def initialize(rawResults)
-    nokoResults = Nokogiri::Slop(rawResults)
     @results = Array.new
-    
+
+    return @results if rawResults.strip.empty?
+
+    nokoResults = Nokogiri::Slop(rawResults)
+
     if nokoResults.results.result.respond_to?("length")
       # Multiple Results, build array
       nokoResults.results.result.each do |resultObj|

data/spec/spec_helper.rb

@@ -13,3 +13,21 @@ require 'rspec/autorun'
 
 require 'json'
 require File.expand_path File.join(File.dirname(__FILE__), '../lib/splunk-client')
+
+# Source Type  |  Log file
+# "syslog"     |  "/var/log/kernel.log"
+# "syslog"     |  "/var/log/system.log"
+
+# The following are the Splunk login details.
+def splunk_user
+  ENV['SPLUNK_USER'] ||= "admin"
+end
+
+def splunk_passwd
+  ENV['SPLUNK_PASSWD'] ||= "changeme"
+end
+
+def splunk_host
+  ENV['SPLUNK_HOST'] ||= "localhost"
+end
+

data/spec/splunk_client_spec.rb

@@ -2,18 +2,12 @@ require File.expand_path File.join(File.dirname(__FILE__), 'spec_helper')
 
 describe SplunkClient do
 
-  before :each do
-    @user = ENV['SPLUNK_USER']
-    @pass = ENV['SPLUNK_PASSWD']
-    @host = ENV['SPLUNK_HOST']
-    @splunk_client = SplunkClient.new(@user, @pass, @host)
-  end
+  let(:splunk_client) { SplunkClient.new(splunk_user, splunk_passwd, splunk_host) }
+  let(:search) { 'sourcetype="syslog" "kernel" earliest=-30m' }
 
   context "initialization" do
 
     it "creates a session key" do
-      splunk_client = @splunk_client
-      splunk_client.should_not be(nil)
       splunk_client.send(:get_session_key).should_not be(nil)
     end
 
@@ -21,38 +15,37 @@ describe SplunkClient do
 
   context "searching" do
 
-    it "creates a search job and returns results" do
-      splunk_client = @splunk_client
-      splunk_client.should_not be(nil)
-      search = 'source="/var/log/messages" "kernel" earliest=-10m'
+    it "creates a search job" do
+      splunk_client.stub(:create_search).and_return("A search job")
+      splunk_client.should_receive(:create_search).with(search)
+      splunk_client.search(search).should eq("A search job")
+    end
+
+    it "executing the job returns search results" do
       job = splunk_client.search(search)
-      job.should_not be(nil)
       job.wait
-      job.results(0, 'json')
-      job.cancel
+      job.results(0, 'json').should_not be_nil
     end
 
   end
-  
-  context "parsing_results" do
-    it "uses the parsedResults 'host' method of a SplunkJob" do
-      splunk_client = @splunk_client
-      splunk_client.should_not be(nil)
-      search = 'source="/var/log/messages" "kernel" earliest=-10m'
-      job = splunk_client.search(search)
-      job.should_not be(nil)
-      job.wait
-      results = job.parsedResults
-      
-      # Test the auto generated methods
-      results.each do |result|
-        result.respond_to?("time").should be(true)
-        result.respond_to?("host").should be(true)
-        result.time.should_not be(nil)
-        result.host.should_not be(nil)
+
+  context "parsing search results" do
+
+    let(:parsed_results) { job = splunk_client.search(search); job.wait; job.parsedResults }
+
+    it "parses the results into an array of Splunk Result" do
+      parsed_results.should be_kind_of(Array)
+      parsed_results.each do |result|
+        result.should be_kind_of(SplunkResult)
       end
+    end
 
+    it "responds to method calls by the name of meta fields in the results" do
+      %w[raw sourcetype time host index linecount source splunk_server].each do |method_call|
+        parsed_results.first.respond_to?(method_call).should be_true
+        parsed_results.first.send(method_call.to_sym).should_not be_nil
+      end
     end
-  end
 
+  end
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: splunk-client
 version: !ruby/object:Gem::Version 
-  hash: 5
+  hash: 3
   prerelease: 
   segments: 
   - 0
-  - 6
-  - 1
-  version: 0.6.1
+  - 7
+  - 0
+  version: 0.7.0
 platform: ruby
 authors: 
 - Christopher Brito
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-05-20 00:00:00 Z
+date: 2012-06-11 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: nokogiri
@@ -87,7 +87,7 @@ dependencies:
         version: "0"
   type: :development
   version_requirements: *id005
-description: Simple Ruby library for interfacing with Splunk's REST API.
+description: splunk-client is a simple Ruby library for interfacing with Splunk's REST API. It supports the retrieving of results via native Ruby methods.
 email: 
 - cbrito@gmail.com
 executables: []
@@ -105,6 +105,7 @@ files:
 - spec/spec_helper.rb
 - spec/splunk_client_spec.rb
 - VERSION
+- LICENSE
 - README.md
 - Rakefile
 - Gemfile