splunk-pickaxe 2.5.0 → 2.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Gemfile +1 -1
- data/README.md +9 -1
- data/lib/splunk/pickaxe/config.rb +20 -5
- data/lib/splunk/pickaxe/objects.rb +6 -2
- data/lib/splunk/pickaxe/objects/alerts.rb +8 -1
- data/lib/splunk/pickaxe/objects/reports.rb +8 -1
- data/lib/splunk/pickaxe/version.rb +1 -1
- metadata +3 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 5aa55d18be3bf8e837799f9749d4600fd31c18d97dd2d55047dcec589bce63a5
|
4
|
+
data.tar.gz: 47e31586bd3b61c81696be2dca691930d1146bde858f928a20c72d1296057c41
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: dad90b3e6d3bd034872edbaa92efc3a93e7031407e71809d3817889229e165d35be331583df6dc2bab06cf8a0d491bf06c0a7f8047de495da77b1bf55b87019b
|
7
|
+
data.tar.gz: 63f9959588456ef9679aa24c0b85afd292f7722a1426e06b41f3544722b087c8db7f3be27289f8aa6c817e3e99c7d1f8a66d393113f105bdfc1e4b2d757962ad
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
Splunk-Pickaxe
|
2
2
|
==============
|
3
3
|
|
4
|
-
[![Build Status](https://travis-ci.
|
4
|
+
[![Build Status](https://travis-ci.com/cerner/splunk-pickaxe.svg?branch=master)](https://travis-ci.com/cerner/splunk-pickaxe)
|
5
5
|
|
6
6
|
A tool for serializing and syncing your repo of Splunk objects across Splunk instances.
|
7
7
|
|
@@ -93,6 +93,10 @@ You can override these defaults or any other property by specifying the property
|
|
93
93
|
under the `config` section. [This doc](http://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#saved.2Fsearches.2F.7Bname.7D)
|
94
94
|
contains all the properties for an alert.
|
95
95
|
|
96
|
+
By default the alert name will have the splunk environment name appended
|
97
|
+
to it to differentiate its alert from others. This can be disabled in the
|
98
|
+
alert's config by setting `pickaxe.environment.in.name` to `false`.
|
99
|
+
|
96
100
|
#### Common Overrides
|
97
101
|
|
98
102
|
* To tweak the schedule set `cron_schedule` in the `config` section. By default its setup to run every hour. This should be a cron value (i.e. `0 10 * * 1` or run every Monday at 10am)
|
@@ -158,6 +162,10 @@ You can override these defaults or any other property by specifying the property
|
|
158
162
|
under the `config` section. [This doc](http://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#saved.2Fsearches.2F.7Bname.7D)
|
159
163
|
contains all the properties for an report.
|
160
164
|
|
165
|
+
By default the report name will have the splunk environment name appended
|
166
|
+
to it to differentiate its report from others. This can be disabled in the
|
167
|
+
report's config by setting `pickaxe.environment.in.name` to `false`.
|
168
|
+
|
161
169
|
#### Common Overrides
|
162
170
|
|
163
171
|
* To tweak the schedule set `cron_schedule` in the `config` section. By default its setup to run every hour. This should be a cron value (i.e. `0 10 * * 1` or run every Monday at 10am)
|
@@ -7,9 +7,11 @@ module Splunk
|
|
7
7
|
class Config
|
8
8
|
CONFIG_FILE ||= '.pickaxe.yml'
|
9
9
|
|
10
|
+
SHARING_DEFAULT = 'app'
|
11
|
+
|
10
12
|
DEFAULTS ||= {
|
11
13
|
'namespace' => {
|
12
|
-
'sharing' =>
|
14
|
+
'sharing' => SHARING_DEFAULT
|
13
15
|
},
|
14
16
|
'environments' => {
|
15
17
|
},
|
@@ -27,7 +29,6 @@ module Splunk
|
|
27
29
|
attr_reader :namespace, :environment, :execution_path, :emails, :url, :env_config
|
28
30
|
|
29
31
|
def initialize(config, environment, execution_path)
|
30
|
-
raise "Config must have a 'namespace / app' config" unless config['namespace'].key?('app')
|
31
32
|
raise "Environment [#{environment}] is not configured" unless config['environments'].has_key?(environment)
|
32
33
|
|
33
34
|
@execution_path = execution_path
|
@@ -41,18 +42,32 @@ module Splunk
|
|
41
42
|
@emails = config['emails']
|
42
43
|
@url = env_config
|
43
44
|
@env_config = { 'url' => @url, 'emails' => @emails }
|
45
|
+
|
46
|
+
# Convert namespace config hash to hash with symbols for keys
|
47
|
+
namespace_config = config['namespace'].each_with_object({}) { |(k, v), memo| memo[k.to_sym] = v; }
|
48
|
+
@namespace = Splunk.namespace(namespace_config)
|
44
49
|
elsif env_config.is_a?(Hash)
|
45
50
|
raise "url config is required for environment [#{environment}]" unless env_config.has_key?('url')
|
46
51
|
@url = env_config['url']
|
47
52
|
@emails = env_config.has_key?('emails') ? env_config['emails'] : config['emails']
|
48
53
|
@env_config = env_config
|
54
|
+
|
55
|
+
# If the environment config has namespace use it otherwise fallback to root config
|
56
|
+
if env_config.has_key?('namespace')
|
57
|
+
raise "Environment config must have a 'namespace / app' config" unless env_config['namespace'].key?('app')
|
58
|
+
namespace_config = env_config['namespace']
|
59
|
+
namespace_config['sharing'] = SHARING_DEFAULT unless namespace_config.has_key?('sharing')
|
60
|
+
else
|
61
|
+
raise "Config must have a 'namespace / app' config" unless config['namespace'].key?('app')
|
62
|
+
namespace_config = config['namespace']
|
63
|
+
end
|
64
|
+
|
65
|
+
# Convert namespace config hash to hash with symbols for keys
|
66
|
+
@namespace = Splunk.namespace(namespace_config.each_with_object({}) { |(k, v), memo| memo[k.to_sym] = v; })
|
49
67
|
else
|
50
68
|
raise "Unexepcted value for environment [#{environment}] config. Expected String or Hash, saw #{config['environments'][environment]}"
|
51
69
|
end
|
52
70
|
|
53
|
-
# Convert namespace config hash to hash with symbols for keys
|
54
|
-
namespace_config = config['namespace'].each_with_object({}) { |(k, v), memo| memo[k.to_sym] = v; }
|
55
|
-
@namespace = Splunk.namespace(namespace_config)
|
56
71
|
end
|
57
72
|
|
58
73
|
private
|
@@ -70,11 +70,11 @@ module Splunk
|
|
70
70
|
|
71
71
|
def create(entity)
|
72
72
|
entity_collection = Splunk::Collection.new service, splunk_resource
|
73
|
-
entity_collection.create(name(entity), splunk_config(entity))
|
73
|
+
entity_collection.create(name(entity), remove_pickaxe_config(splunk_config(entity)))
|
74
74
|
end
|
75
75
|
|
76
76
|
def update(splunk_entity, entity)
|
77
|
-
splunk_entity.update(splunk_config(entity))
|
77
|
+
splunk_entity.update(remove_pickaxe_config(splunk_config(entity)))
|
78
78
|
end
|
79
79
|
|
80
80
|
def find(entity)
|
@@ -148,6 +148,10 @@ module Splunk
|
|
148
148
|
['.yml', '.yaml']
|
149
149
|
end
|
150
150
|
|
151
|
+
def remove_pickaxe_config config
|
152
|
+
config.select{|key, value| !key.start_with?('pickaxe') }
|
153
|
+
end
|
154
|
+
|
151
155
|
def splunk_resource
|
152
156
|
# Must be implemented by child class
|
153
157
|
nil
|
@@ -26,7 +26,11 @@ module Splunk
|
|
26
26
|
|
27
27
|
def name(entity)
|
28
28
|
# The alert name contains the environment name
|
29
|
-
|
29
|
+
if splunk_config(entity)['pickaxe.environment.in.name']
|
30
|
+
return "#{entity['name']} [#{environment.capitalize}]"
|
31
|
+
end
|
32
|
+
|
33
|
+
entity['name']
|
30
34
|
end
|
31
35
|
|
32
36
|
def splunk_config(entity_yaml)
|
@@ -41,6 +45,9 @@ module Splunk
|
|
41
45
|
|
42
46
|
def alert_defaults
|
43
47
|
{
|
48
|
+
# Default to include the environment name in the alert name
|
49
|
+
'pickaxe.environment.in.name' => true,
|
50
|
+
|
44
51
|
# Who to email
|
45
52
|
'action.email.to' => pickaxe_config.emails.join(','),
|
46
53
|
|
@@ -25,7 +25,11 @@ module Splunk
|
|
25
25
|
|
26
26
|
def name(entity)
|
27
27
|
# The report name contains the environment name
|
28
|
-
|
28
|
+
if splunk_config(entity)['pickaxe.environment.in.name']
|
29
|
+
return "#{entity['name']} [#{environment.capitalize}]"
|
30
|
+
end
|
31
|
+
|
32
|
+
entity['name']
|
29
33
|
end
|
30
34
|
|
31
35
|
def splunk_config(entity_yaml)
|
@@ -40,6 +44,9 @@ module Splunk
|
|
40
44
|
|
41
45
|
def report_defaults
|
42
46
|
{
|
47
|
+
# Default to include the environment name in the report name
|
48
|
+
'pickaxe.environment.in.name' => true,
|
49
|
+
|
43
50
|
# Who to email
|
44
51
|
'action.email.to' => pickaxe_config.emails.join(','),
|
45
52
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: splunk-pickaxe
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Bryan Baugher
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2019-05-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: splunk-sdk-ruby
|
@@ -127,8 +127,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
127
127
|
- !ruby/object:Gem::Version
|
128
128
|
version: '0'
|
129
129
|
requirements: []
|
130
|
-
|
131
|
-
rubygems_version: 2.5.1
|
130
|
+
rubygems_version: 3.0.3
|
132
131
|
signing_key:
|
133
132
|
specification_version: 4
|
134
133
|
summary: A tool for syncing your repo of splunk objects with a splunk instance
|