splunk-pickaxe 2.4.0 → 2.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +13 -0
- data/lib/splunk/pickaxe/cli.rb +1 -0
- data/lib/splunk/pickaxe/client.rb +5 -1
- data/lib/splunk/pickaxe/objects/macros.rb +32 -0
- data/lib/splunk/pickaxe/objects/supported_keys.rb +1 -0
- data/lib/splunk/pickaxe/version.rb +2 -2
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 380cb464caac68882fc7d3b81b54dd3fcd5c3f95
|
|
4
|
+
data.tar.gz: 2b6542dd650ad6e0f3ea7933ca482c26c095b34a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c0faf0088aa94e73f70e477ae689df7e766b2e6ef01242056782d798314d1077dda754484ab02d00a9a6bc31bbd6053cf9eada6c05eb914e22361faced1a1b4b
|
|
7
|
+
data.tar.gz: 16fcf217d1e2afc3965c5545be2338e4ce8175f18b0d87b4b5cd992272d871eff249558003ea2a99bb19f48df944c0e0b6707f1525b2a87b538ca64e018a22a8
|
data/README.md
CHANGED
|
@@ -65,6 +65,7 @@ Currently the following objects are supported,
|
|
|
65
65
|
* [alerts](http://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#saved.2Fsearches)
|
|
66
66
|
* [dashboards](http://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTknowledge#data.2Fui.2Fviews.2F.7Bname.7D)
|
|
67
67
|
* [eventtypes](http://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTknowledge#saved.2Feventtypes)
|
|
68
|
+
* [macros](http://docs.splunk.com/Documentation/Splunk/7.1.2/Knowledge/Usesearchmacros)
|
|
68
69
|
* [reports](http://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#saved.2Fsearches)
|
|
69
70
|
* [tags](http://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTknowledge#search.2Ftags.2F.7Btag_name.7D)
|
|
70
71
|
* [field_extractions](http://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTknowledge#data.2Fprops.2Fextractions)
|
|
@@ -123,6 +124,18 @@ config:
|
|
|
123
124
|
...
|
|
124
125
|
```
|
|
125
126
|
|
|
127
|
+
### Macros
|
|
128
|
+
|
|
129
|
+
To add a new macro create a new `macro.yml` file under `macros`.
|
|
130
|
+
The name of the file should be the name of the macro. If the file is
|
|
131
|
+
`my_macro.yml`, this means the name is `my_macro`.
|
|
132
|
+
|
|
133
|
+
```yaml
|
|
134
|
+
name: MACRO_NAME
|
|
135
|
+
config:
|
|
136
|
+
definition: index=my_index search things
|
|
137
|
+
```
|
|
138
|
+
|
|
126
139
|
### Reports
|
|
127
140
|
|
|
128
141
|
To add a new report to the repo simply create a new `REPORT.yml` file under `reports`.
|
data/lib/splunk/pickaxe/cli.rb
CHANGED
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
require 'splunk/pickaxe/objects/alerts'
|
|
4
4
|
require 'splunk/pickaxe/objects/dashboards'
|
|
5
5
|
require 'splunk/pickaxe/objects/eventtypes'
|
|
6
|
+
require 'splunk/pickaxe/objects/macros'
|
|
6
7
|
require 'splunk/pickaxe/objects/reports'
|
|
7
8
|
require 'splunk/pickaxe/objects/tags'
|
|
8
9
|
require 'splunk/pickaxe/objects/field_extractions'
|
|
@@ -10,7 +11,7 @@ require 'splunk/pickaxe/objects/field_extractions'
|
|
|
10
11
|
module Splunk
|
|
11
12
|
module Pickaxe
|
|
12
13
|
class Client
|
|
13
|
-
attr_reader :service, :alerts, :dashboards, :eventypes, :reports, :tags, :field_extractions
|
|
14
|
+
attr_reader :service, :alerts, :dashboards, :eventypes, :macros, :reports, :tags, :field_extractions
|
|
14
15
|
|
|
15
16
|
def initialize(service, environment, config, args)
|
|
16
17
|
@service = service
|
|
@@ -19,6 +20,7 @@ module Splunk
|
|
|
19
20
|
@alerts = Alerts.new service, environment, config
|
|
20
21
|
@dashboards = Dashboards.new service, environment, config
|
|
21
22
|
@eventtypes = EventTypes.new service, environment, config
|
|
23
|
+
@macros = Macros.new service, environment, config
|
|
22
24
|
@reports = Reports.new service, environment, config
|
|
23
25
|
@tags = Tags.new service, environment, config
|
|
24
26
|
@field_extractions = FieldExtractions.new service, environment, config
|
|
@@ -28,6 +30,7 @@ module Splunk
|
|
|
28
30
|
@alerts.sync
|
|
29
31
|
@dashboards.sync
|
|
30
32
|
@eventtypes.sync
|
|
33
|
+
@macros.sync
|
|
31
34
|
@reports.sync
|
|
32
35
|
@tags.sync
|
|
33
36
|
@field_extractions.sync
|
|
@@ -39,6 +42,7 @@ module Splunk
|
|
|
39
42
|
@alerts.save overwrite
|
|
40
43
|
@dashboards.save overwrite
|
|
41
44
|
@eventtypes.save overwrite
|
|
45
|
+
@macros.save overwrite
|
|
42
46
|
@reports.save overwrite
|
|
43
47
|
# splunk-sdk doesn't seem to support iterating tags
|
|
44
48
|
@field_extractions.save overwrite
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'yaml'
|
|
4
|
+
require 'splunk/pickaxe/objects'
|
|
5
|
+
require 'splunk/pickaxe/objects/supported_keys'
|
|
6
|
+
|
|
7
|
+
module Splunk
|
|
8
|
+
module Pickaxe
|
|
9
|
+
class Macros < Objects
|
|
10
|
+
DIR ||= 'macros'
|
|
11
|
+
|
|
12
|
+
def splunk_resource
|
|
13
|
+
%w[admin macros]
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def entity_dir
|
|
17
|
+
DIR
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def entity_file_path(splunk_entity)
|
|
21
|
+
File.join(
|
|
22
|
+
pickaxe_config.execution_path, entity_dir,
|
|
23
|
+
entity_file_name(splunk_entity)
|
|
24
|
+
)
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def splunk_entity_keys
|
|
28
|
+
Splunk::Pickaxe::MACRO_KEYS
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
|
@@ -5,6 +5,7 @@ module Splunk
|
|
|
5
5
|
ALERT_KEYS = %w[action.email action.email.sendresults action.email.to action.populate_lookup action.rss action.script action.summary_index actions alert.digest_mode alert.expires alert.severity alert.suppress alert.suppress.fields alert.suppress.period alert.track alert_comparator alert_condition alert_threshold alert_type auto_summarize auto_summarize.command auto_summarize.cron_schedule auto_summarize.dispatch.earliest_time auto_summarize.dispatch.latest_time auto_summarize.dispatch.time_format auto_summarize.dispatch.ttl auto_summarize.max_concurrent auto_summarize.max_disabled_buckets auto_summarize.max_summary_ratio auto_summarize.max_summary_size auto_summarize.max_time auto_summarize.suspend_period auto_summarize.timespan cron_schedule description disabled dispatch.auto_cancel dispatch.auto_pause dispatch.buckets dispatch.earliest_time dispatch.index_earliest dispatch.index_latest dispatch.indexedRealtime dispatch.latest_time dispatch.lookups dispatch.max_count dispatch.max_time dispatch.reduce_freq dispatch.rt_backfill dispatch.spawn_process dispatch.time_format dispatch.ttl dispatchAs display.events.fields display.events.list.drilldown display.events.list.wrap display.events.maxLines display.events.raw.drilldown display.events.rowNumbers display.events.table.drilldown display.events.table.wrap display.events.type display.general.enablePreview display.general.migratedFromViewState display.general.timeRangePicker.show display.general.type display.page.search.mode display.page.search.patterns.sensitivity display.page.search.showFields display.page.search.tab display.page.search.timeline.format display.page.search.timeline.scale display.statistics.drilldown display.statistics.overlay display.statistics.rowNumbers display.statistics.show display.statistics.wrap display.visualizations.chartHeight display.visualizations.charting.axisLabelsX.majorLabelStyle.overflowMode display.visualizations.charting.axisLabelsX.majorLabelStyle.rotation display.visualizations.charting.axisLabelsX.majorUnit display.visualizations.charting.axisLabelsY.majorUnit display.visualizations.charting.axisLabelsY2.majorUnit display.visualizations.charting.axisTitleX.text display.visualizations.charting.axisTitleX.visibility display.visualizations.charting.axisTitleY.text display.visualizations.charting.axisTitleY.visibility display.visualizations.charting.axisTitleY2.text display.visualizations.charting.axisTitleY2.visibility display.visualizations.charting.axisX.maximumNumber display.visualizations.charting.axisX.minimumNumber display.visualizations.charting.axisX.scale display.visualizations.charting.axisY.maximumNumber display.visualizations.charting.axisY.minimumNumber display.visualizations.charting.axisY.scale display.visualizations.charting.axisY2.enabled display.visualizations.charting.axisY2.maximumNumber display.visualizations.charting.axisY2.minimumNumber display.visualizations.charting.axisY2.scale display.visualizations.charting.chart display.visualizations.charting.chart.bubbleMaximumSize display.visualizations.charting.chart.bubbleMinimumSize display.visualizations.charting.chart.bubbleSizeBy display.visualizations.charting.chart.nullValueMode display.visualizations.charting.chart.overlayFields display.visualizations.charting.chart.rangeValues display.visualizations.charting.chart.showDataLabels display.visualizations.charting.chart.sliceCollapsingThreshold display.visualizations.charting.chart.stackMode display.visualizations.charting.chart.style display.visualizations.charting.drilldown display.visualizations.charting.gaugeColors display.visualizations.charting.layout.splitSeries display.visualizations.charting.layout.splitSeries.allowIndependentYRanges display.visualizations.charting.legend.labelStyle.overflowMode display.visualizations.charting.legend.placement display.visualizations.mapHeight display.visualizations.mapping.choroplethLayer.colorBins display.visualizations.mapping.choroplethLayer.colorMode display.visualizations.mapping.choroplethLayer.maximumColor display.visualizations.mapping.choroplethLayer.minimumColor display.visualizations.mapping.choroplethLayer.neutralPoint display.visualizations.mapping.choroplethLayer.shapeOpacity display.visualizations.mapping.choroplethLayer.showBorder display.visualizations.mapping.data.maxClusters display.visualizations.mapping.drilldown display.visualizations.mapping.map.center display.visualizations.mapping.map.panning display.visualizations.mapping.map.scrollZoom display.visualizations.mapping.map.zoom display.visualizations.mapping.markerLayer.markerMaxSize display.visualizations.mapping.markerLayer.markerMinSize display.visualizations.mapping.markerLayer.markerOpacity display.visualizations.mapping.showTiles display.visualizations.mapping.tileLayer.maxZoom display.visualizations.mapping.tileLayer.minZoom display.visualizations.mapping.tileLayer.tileOpacity display.visualizations.mapping.tileLayer.url display.visualizations.mapping.type display.visualizations.show display.visualizations.singlevalue.afterLabel display.visualizations.singlevalue.beforeLabel display.visualizations.singlevalue.colorBy display.visualizations.singlevalue.colorMode display.visualizations.singlevalue.numberPrecision display.visualizations.singlevalue.rangeColors display.visualizations.singlevalue.rangeValues display.visualizations.singlevalue.showSparkline display.visualizations.singlevalue.showTrendIndicator display.visualizations.singlevalue.trendColorInterpretation display.visualizations.singlevalue.trendDisplayMode display.visualizations.singlevalue.trendInterval display.visualizations.singlevalue.underLabel display.visualizations.singlevalue.useColors display.visualizations.singlevalue.useThousandSeparators display.visualizations.singlevalueHeight display.visualizations.type displayview is_scheduled is_visible max_concurrent next_scheduled_time qualifiedSearch realtime_schedule request.ui_dispatch_app request.ui_dispatch_view restart_on_searchpeer_add run_n_times run_on_startup schedule_window search vsid].freeze
|
|
6
6
|
EVENT_TYPES_KEYS = %w[description disabled priority search tags].freeze
|
|
7
7
|
FIELD_EXTRACTIONS_KEYS = %w[stanza type value].freeze
|
|
8
|
+
MACRO_KEYS = %w[definition].freeze
|
|
8
9
|
REPORT_KEYS = %w[action.email action.email.sendresults action.email.to action.populate_lookup action.rss action.script action.summary_index actions alert.digest_mode alert.expires alert.severity alert.suppress alert.suppress.fields alert.suppress.period alert.track alert_comparator alert_condition alert_threshold alert_type auto_summarize auto_summarize.command auto_summarize.cron_schedule auto_summarize.dispatch.earliest_time auto_summarize.dispatch.latest_time auto_summarize.dispatch.time_format auto_summarize.dispatch.ttl auto_summarize.max_concurrent auto_summarize.max_disabled_buckets auto_summarize.max_summary_ratio auto_summarize.max_summary_size auto_summarize.max_time auto_summarize.suspend_period auto_summarize.timespan cron_schedule description disabled dispatch.auto_cancel dispatch.auto_pause dispatch.buckets dispatch.earliest_time dispatch.index_earliest dispatch.index_latest dispatch.indexedRealtime dispatch.latest_time dispatch.lookups dispatch.max_count dispatch.max_time dispatch.reduce_freq dispatch.rt_backfill dispatch.spawn_process dispatch.time_format dispatch.ttl dispatchAs display.events.fields display.events.list.drilldown display.events.list.wrap display.events.maxLines display.events.raw.drilldown display.events.rowNumbers display.events.table.drilldown display.events.table.wrap display.events.type display.general.enablePreview display.general.migratedFromViewState display.general.timeRangePicker.show display.general.type display.page.search.mode display.page.search.patterns.sensitivity display.page.search.showFields display.page.search.tab display.page.search.timeline.format display.page.search.timeline.scale display.statistics.drilldown display.statistics.overlay display.statistics.rowNumbers display.statistics.show display.statistics.wrap display.visualizations.chartHeight display.visualizations.charting.axisLabelsX.majorLabelStyle.overflowMode display.visualizations.charting.axisLabelsX.majorLabelStyle.rotation display.visualizations.charting.axisLabelsX.majorUnit display.visualizations.charting.axisLabelsY.majorUnit display.visualizations.charting.axisLabelsY2.majorUnit display.visualizations.charting.axisTitleX.text display.visualizations.charting.axisTitleX.visibility display.visualizations.charting.axisTitleY.text display.visualizations.charting.axisTitleY.visibility display.visualizations.charting.axisTitleY2.text display.visualizations.charting.axisTitleY2.visibility display.visualizations.charting.axisX.maximumNumber display.visualizations.charting.axisX.minimumNumber display.visualizations.charting.axisX.scale display.visualizations.charting.axisY.maximumNumber display.visualizations.charting.axisY.minimumNumber display.visualizations.charting.axisY.scale display.visualizations.charting.axisY2.enabled display.visualizations.charting.axisY2.maximumNumber display.visualizations.charting.axisY2.minimumNumber display.visualizations.charting.axisY2.scale display.visualizations.charting.chart display.visualizations.charting.chart.bubbleMaximumSize display.visualizations.charting.chart.bubbleMinimumSize display.visualizations.charting.chart.bubbleSizeBy display.visualizations.charting.chart.nullValueMode display.visualizations.charting.chart.overlayFields display.visualizations.charting.chart.rangeValues display.visualizations.charting.chart.showDataLabels display.visualizations.charting.chart.sliceCollapsingThreshold display.visualizations.charting.chart.stackMode display.visualizations.charting.chart.style display.visualizations.charting.drilldown display.visualizations.charting.gaugeColors display.visualizations.charting.layout.splitSeries display.visualizations.charting.layout.splitSeries.allowIndependentYRanges display.visualizations.charting.legend.labelStyle.overflowMode display.visualizations.charting.legend.placement display.visualizations.mapHeight display.visualizations.mapping.choroplethLayer.colorBins display.visualizations.mapping.choroplethLayer.colorMode display.visualizations.mapping.choroplethLayer.maximumColor display.visualizations.mapping.choroplethLayer.minimumColor display.visualizations.mapping.choroplethLayer.neutralPoint display.visualizations.mapping.choroplethLayer.shapeOpacity display.visualizations.mapping.choroplethLayer.showBorder display.visualizations.mapping.data.maxClusters display.visualizations.mapping.drilldown display.visualizations.mapping.map.center display.visualizations.mapping.map.panning display.visualizations.mapping.map.scrollZoom display.visualizations.mapping.map.zoom display.visualizations.mapping.markerLayer.markerMaxSize display.visualizations.mapping.markerLayer.markerMinSize display.visualizations.mapping.markerLayer.markerOpacity display.visualizations.mapping.showTiles display.visualizations.mapping.tileLayer.maxZoom display.visualizations.mapping.tileLayer.minZoom display.visualizations.mapping.tileLayer.tileOpacity display.visualizations.mapping.tileLayer.url display.visualizations.mapping.type display.visualizations.show display.visualizations.singlevalue.afterLabel display.visualizations.singlevalue.beforeLabel display.visualizations.singlevalue.colorBy display.visualizations.singlevalue.colorMode display.visualizations.singlevalue.numberPrecision display.visualizations.singlevalue.rangeColors display.visualizations.singlevalue.rangeValues display.visualizations.singlevalue.showSparkline display.visualizations.singlevalue.showTrendIndicator display.visualizations.singlevalue.trendColorInterpretation display.visualizations.singlevalue.trendDisplayMode display.visualizations.singlevalue.trendInterval display.visualizations.singlevalue.underLabel display.visualizations.singlevalue.useColors display.visualizations.singlevalue.useThousandSeparators display.visualizations.singlevalueHeight display.visualizations.type displayview is_scheduled is_visible max_concurrent next_scheduled_time qualifiedSearch realtime_schedule request.ui_dispatch_app request.ui_dispatch_view restart_on_searchpeer_add run_n_times run_on_startup schedule_window search vsid].freeze
|
|
9
10
|
end
|
|
10
11
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: splunk-pickaxe
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Bryan Baugher
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-08-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: splunk-sdk-ruby
|
|
@@ -103,6 +103,7 @@ files:
|
|
|
103
103
|
- lib/splunk/pickaxe/objects/dashboards.rb
|
|
104
104
|
- lib/splunk/pickaxe/objects/eventtypes.rb
|
|
105
105
|
- lib/splunk/pickaxe/objects/field_extractions.rb
|
|
106
|
+
- lib/splunk/pickaxe/objects/macros.rb
|
|
106
107
|
- lib/splunk/pickaxe/objects/reports.rb
|
|
107
108
|
- lib/splunk/pickaxe/objects/supported_keys.rb
|
|
108
109
|
- lib/splunk/pickaxe/objects/tags.rb
|