splunkman 0.0.1

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,34 @@
+PATH
+  remote: .
+  specs:
+    splunkman (0.0.1)
+      json
+      rake
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.3.2)
+    crack (0.3.1)
+    diff-lcs (1.1.3)
+    json (1.7.4)
+    rake (0.9.2.2)
+    rspec (2.11.0)
+      rspec-core (~> 2.11.0)
+      rspec-expectations (~> 2.11.0)
+      rspec-mocks (~> 2.11.0)
+    rspec-core (2.11.1)
+    rspec-expectations (2.11.2)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.11.2)
+    webmock (1.8.9)
+      addressable (>= 2.2.7)
+      crack (>= 0.1.7)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  rspec
+  splunkman!
+  webmock

data/README.md

@@ -0,0 +1,4 @@
+splunkman
+=========
+
+Ruby API to search Splunk

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/lib/splunkman.rb

@@ -0,0 +1,2 @@
+require 'rubygems'
+require 'json'

data/lib/splunkman/search.rb

@@ -0,0 +1,41 @@
+module SplunkMan
+  class Search
+
+    def initialize(splunk_server, user, password, splunk_search)
+      @splunk_search = splunk_search
+      @splunk_server = splunk_server
+      @user = user
+      @password = password
+    end
+
+    def execute
+      search_id = initiate_splunk_search @splunk_search
+      wait_for_splunk_search(search_id)
+      get_splunk_search_result search_id
+    end
+
+    private
+
+    def initiate_splunk_search(splunk_search)
+      filter_command = "egrep -o '<sid>.*</sid>' | sed -e 's/<sid>//;s/<\\/sid>//"
+      splunk_search_request = "curl -k -s -u #{@user}:#{@password} #{@splunk_server}/search/jobs -d #{splunk_search} | #{filter_command} '"
+      `#{splunk_search_request}`.chomp
+    end
+
+    def wait_for_splunk_search(search_id)
+      puts "waiting for result for search id #{search_id}"
+
+      done = ''
+      while done.empty? do
+        filter_command = "grep -e isDone..1"
+        done=`curl -k -s -u #{@user}:#{@password} #{@splunk_server}/search/jobs/#{search_id} | #{filter_command}` 
+        print "."
+      end
+    end
+
+    def get_splunk_search_result(search_id)
+      splunk_search_result = "curl -k -s -u #{@user}:#{@password} #{@splunk_server}/search/jobs/#{search_id}/results --get -d output_mode=json"
+      JSON.parse(`#{splunk_search_result}`)
+    end
+  end
+end

data/lib/splunkman/version.rb

@@ -0,0 +1,3 @@
+module SplunkMan
+  VERSION = "0.0.1"
+end

data/splunkman.gemspec

@@ -0,0 +1,29 @@
+#-*- encoding: utf-8 -*-
+
+$LOAD_PATH.push File.expand_path("../lib", __FILE__)
+require "splunkman/version"
+
+Gem::Specification.new do |gem|
+  gem.name        = "splunkman"
+  gem.version     = SplunkMan::VERSION
+  gem.authors     = ["Chris Tracey"]
+  gem.email       = [""]
+  gem.homepage    = "https://github.com/ctracey/splunkman"
+  gem.summary     = %q{SplunkMan provides a simple API to execute saved searches on Splunk}
+
+  # gem.description = %q{}
+  # gem.rubyforge_project = "packbot"
+
+  gem.files         = Dir.glob("**/*")
+  gem.test_files    = Dir.glob("{spec}/**/*")
+  gem.executables   = Dir.glob("{bin}/*").map{ |f| file.basename(f) }
+  gem.require_paths = ["lib"]
+
+  gem.add_runtime_dependency "rake"
+  gem.add_runtime_dependency "json"
+
+  gem.add_development_dependency "rspec"
+  gem.add_development_dependency "webmock"
+end
+
+

metadata

@@ -0,0 +1,129 @@
+--- !ruby/object:Gem::Specification 
+name: splunkman
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: 
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Chris Tracey
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2012-08-17 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rake
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: json
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: webmock
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id004
+description: 
+email: 
+- ""
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- Gemfile
+- Gemfile.lock
+- lib/splunkman/search.rb
+- lib/splunkman/version.rb
+- lib/splunkman.rb
+- pkg/splunkman-0.0.1.gem
+- Rakefile
+- README.md
+- splunkman.gemspec
+homepage: https://github.com/ctracey/splunkman
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.8.21
+signing_key: 
+specification_version: 3
+summary: SplunkMan provides a simple API to execute saved searches on Splunk
+test_files: []
+