splunk-pickaxe 2.3.1 → 2.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +37 -1
- data/Rakefile +6 -0
- data/lib/splunk/pickaxe/config.rb +3 -1
- data/lib/splunk/pickaxe/erb_with_binding.rb +17 -0
- data/lib/splunk/pickaxe/objects.rb +4 -1
- data/lib/splunk/pickaxe/objects/dashboards.rb +4 -1
- data/lib/splunk/pickaxe/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dcd56d84913d202840b8f0b807217044f0d057b6
|
|
4
|
+
data.tar.gz: 44fd867231ae53662d125bde0921a07da4486c8c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 940928c1c49050bfdfa214c6b0508cd7ec201ea0c8aeaaf75bd2921b872a2397a08d7d7add36490ffdcc2464cb0c062d57ecb98b4bfb4b4edda2cf556f764b24
|
|
7
|
+
data.tar.gz: 552676b068ef457f0bcf95a0f489a17e5a65364e7c9da840eea77eea974598d788383ab0763789f465738d7e3b44dec33bc32edcd8d1d0621a97e896cd1e42df
|
data/README.md
CHANGED
|
@@ -36,7 +36,8 @@ namespace:
|
|
|
36
36
|
app: MY_SPLUNK_APP
|
|
37
37
|
|
|
38
38
|
environments:
|
|
39
|
-
ENVIRONMENT_NAME:
|
|
39
|
+
ENVIRONMENT_NAME:
|
|
40
|
+
url: SPLUNK_API_URL (i.e. https://search-head.my-splunk.com:8089)
|
|
40
41
|
```
|
|
41
42
|
|
|
42
43
|
Add some Splunk objects; see [example repo](example-repo) or below for manually
|
|
@@ -201,6 +202,40 @@ envs:
|
|
|
201
202
|
By default if `envs` is not provided the object will be imported to all
|
|
202
203
|
environments.
|
|
203
204
|
|
|
205
|
+
All Splunk objects are processed through ERB before being loaded to allow for dynamic configuration. The values from `.pickaxe.yml` provided within the environment configuration appropriate to the executed command will be added to the ERB binding during the rendering process.
|
|
206
|
+
|
|
207
|
+
.pickaxe.yml
|
|
208
|
+
```yaml
|
|
209
|
+
namespace:
|
|
210
|
+
# The application in which to create the Splunk knowledge objects
|
|
211
|
+
app: MY_SPLUNK_APP
|
|
212
|
+
|
|
213
|
+
environments:
|
|
214
|
+
ENVIRONMENT_NAME:
|
|
215
|
+
url: SPLUNK_API_URL (i.e. https://search-head.my-splunk.com:8089)
|
|
216
|
+
index_name: my_index
|
|
217
|
+
```
|
|
218
|
+
|
|
219
|
+
my_alert.yml
|
|
220
|
+
```yaml
|
|
221
|
+
name: ALERT NAME
|
|
222
|
+
config:
|
|
223
|
+
# Search query of events used to trigger alert
|
|
224
|
+
search: >
|
|
225
|
+
MY SEARCH USING <%= index_name %>
|
|
226
|
+
```
|
|
227
|
+
|
|
228
|
+
Environment variables from the OS can also be referenced.
|
|
229
|
+
|
|
230
|
+
my_alert.yml
|
|
231
|
+
```yaml
|
|
232
|
+
name: ALERT NAME
|
|
233
|
+
config:
|
|
234
|
+
# Search query of events used to trigger alert
|
|
235
|
+
search: >
|
|
236
|
+
MY SEARCH USING <%= ENV['INDEX_NAME'] %>
|
|
237
|
+
```
|
|
238
|
+
|
|
204
239
|
Config
|
|
205
240
|
------
|
|
206
241
|
|
|
@@ -228,6 +263,7 @@ emails:
|
|
|
228
263
|
- my.email@domain.com
|
|
229
264
|
```
|
|
230
265
|
|
|
266
|
+
|
|
231
267
|
### Backwards Compatibility
|
|
232
268
|
|
|
233
269
|
In previous version the config used to look like this,
|
data/Rakefile
CHANGED
|
@@ -170,7 +170,13 @@ end
|
|
|
170
170
|
|
|
171
171
|
def update_version version
|
|
172
172
|
version_splits = version.split('.')
|
|
173
|
+
|
|
174
|
+
# Bump minor version up one
|
|
173
175
|
version_splits[1] = (version_splits[1].to_i + 1).to_s
|
|
176
|
+
|
|
177
|
+
# Ensure fix version is reset
|
|
178
|
+
version_splits[2] = 0
|
|
179
|
+
|
|
174
180
|
next_version = version_splits.join('.')
|
|
175
181
|
|
|
176
182
|
version_rb = IO.read('lib/splunk/pickaxe/version.rb')
|
|
@@ -24,7 +24,7 @@ module Splunk
|
|
|
24
24
|
Config.new deep_merge(DEFAULTS, YAML.load_file(config_path)), environment, execution_path
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
-
attr_reader :namespace, :environment, :execution_path, :emails, :url
|
|
27
|
+
attr_reader :namespace, :environment, :execution_path, :emails, :url, :env_config
|
|
28
28
|
|
|
29
29
|
def initialize(config, environment, execution_path)
|
|
30
30
|
raise "Config must have a 'namespace / app' config" unless config['namespace'].key?('app')
|
|
@@ -40,10 +40,12 @@ module Splunk
|
|
|
40
40
|
puts "Your .pickaxe.yml is using a deprecated config format. Check https://github.com/cerner/splunk-pickaxe#backwards-compatibility for details"
|
|
41
41
|
@emails = config['emails']
|
|
42
42
|
@url = env_config
|
|
43
|
+
@env_config = { 'url' => @url, 'emails' => @emails }
|
|
43
44
|
elsif env_config.is_a?(Hash)
|
|
44
45
|
raise "url config is required for environment [#{environment}]" unless env_config.has_key?('url')
|
|
45
46
|
@url = env_config['url']
|
|
46
47
|
@emails = env_config.has_key?('emails') ? env_config['emails'] : config['emails']
|
|
48
|
+
@env_config = env_config
|
|
47
49
|
else
|
|
48
50
|
raise "Unexepcted value for environment [#{environment}] config. Expected String or Hash, saw #{config['environments'][environment]}"
|
|
49
51
|
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'ostruct'
|
|
4
|
+
|
|
5
|
+
module Splunk
|
|
6
|
+
module Pickaxe
|
|
7
|
+
class ERBWithBinding < OpenStruct
|
|
8
|
+
def self.render_from_hash(t, h)
|
|
9
|
+
ERBWithBinding.new(h).render(t)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def render(template)
|
|
13
|
+
ERB.new(template).result(binding)
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require 'splunk-sdk-ruby'
|
|
4
4
|
require 'yaml'
|
|
5
|
+
require_relative 'erb_with_binding'
|
|
5
6
|
|
|
6
7
|
# Base class for syncing splunk objects (dashboards, alerts, etc...)
|
|
7
8
|
module Splunk
|
|
@@ -62,7 +63,9 @@ module Splunk
|
|
|
62
63
|
end
|
|
63
64
|
|
|
64
65
|
def config(file_path)
|
|
65
|
-
|
|
66
|
+
template = File.read(file_path)
|
|
67
|
+
yaml_contents = ERBWithBinding::render_from_hash(template, pickaxe_config.env_config)
|
|
68
|
+
YAML.safe_load(yaml_contents, [], [], true)
|
|
66
69
|
end
|
|
67
70
|
|
|
68
71
|
def create(entity)
|
|
@@ -28,11 +28,14 @@ module Splunk
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
def config(file_path)
|
|
31
|
+
template = IO.read(file_path)
|
|
32
|
+
xml_content = ERBWithBinding::render_from_hash(template, pickaxe_config.env_config)
|
|
33
|
+
|
|
31
34
|
# Dashboards don't have many properties just name and source XML
|
|
32
35
|
{
|
|
33
36
|
'name' => File.basename(file_path, '.xml'),
|
|
34
37
|
'config' => {
|
|
35
|
-
'eai:data' =>
|
|
38
|
+
'eai:data' => xml_content
|
|
36
39
|
}
|
|
37
40
|
}
|
|
38
41
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: splunk-pickaxe
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Bryan Baugher
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-02-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: splunk-sdk-ruby
|
|
@@ -97,6 +97,7 @@ files:
|
|
|
97
97
|
- lib/splunk/pickaxe/client.rb
|
|
98
98
|
- lib/splunk/pickaxe/config.rb
|
|
99
99
|
- lib/splunk/pickaxe/cookie_proxy.rb
|
|
100
|
+
- lib/splunk/pickaxe/erb_with_binding.rb
|
|
100
101
|
- lib/splunk/pickaxe/objects.rb
|
|
101
102
|
- lib/splunk/pickaxe/objects/alerts.rb
|
|
102
103
|
- lib/splunk/pickaxe/objects/dashboards.rb
|