How to use splunk-sdk - 10 common examples

To help you get started, we’ve selected a few splunk-sdk examples, based on popular ways it is used in public projects.


github aol / moloch / wiseService / source.splunk.js View on Github external
// NOTE(review): this is an excerpt from the middle of a larger function; its
// start and end are not shown here.
// Check that every required connection/query setting is present on `this`.
// NOTE(review): the `return` below only leaves the forEach callback. A missing
// setting is logged as "not loading", but execution continues: the Service is
// still constructed and login() is still attempted with an undefined value.
// To really skip loading, the enclosing function itself has to stop (for
// example, detect the missing key with Array.prototype.some and bail out there).
["host", "username", "password", "query", "keyColumn"].forEach((item) => {
    if (this[item] === undefined) {
      console.log(this.section, `- ERROR not loading since no ${item} specified in config file`);
      return;
    }
  });

  // Install the lookup handler under the name api.funcName(this.type) returns.
  if (this.periodic) {
    this.cacheTimeout = -1; // Don't cache
    this[this.api.funcName(this.type)] = this.sendResultPeriodic;
    // this.periodic is multiplied by 1000, i.e. it is treated as seconds.
    setInterval(this.periodicRefresh.bind(this), 1000 * this.periodic);
  } else {
    this[this.api.funcName(this.type)] = this.sendResult;
  }

  // Username/password authentication against the Splunk management endpoint.
  // NOTE(review): the credentials are plain properties of `this`, presumably
  // read from the config file named in the error message above; that file
  // should be readable only by the service account - confirm.
  // NOTE(review): no `scheme` option is passed, so the SDK default applies;
  // confirm it is https for the SDK version in use.
  this.service = new splunkjs.Service({username: this.username, password: this.password, host: this.host, port: this.port, version: this.version});

  // Log in; in periodic mode the first refresh runs as soon as login succeeds.
  this.service.login((err, success) => {
    if (err) {
      // NOTE(review): `err` is printed as-is; verify it cannot echo request
      // details that should stay out of the logs.
      console.log("ERROR - Couldn't login to splunk - ", err);
      return;
    }
    if (this.periodic) {
      this.periodicRefresh();
    }
    
    console.log("Login was successful: " + success);
  });

  // This call sits outside the login callback, so the source is registered
  // regardless of whether the login above succeeds.
  api.addSource(section, this);

  this.sourceFields = [this.esResultField];
github microsoft / AzureMonitorAddonForSplunk / bin / app / checkpoints.js View on Github external
// to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in all 
// copies or substantial portions of the Software.

// THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 
// FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 
// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 
// IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
/* jshint unused: true */

var splunkjs = require("splunk-sdk");
var ModularInputs = splunkjs.ModularInputs;
var ModularInput = ModularInputs.ModularInput;
var Logger = ModularInputs.Logger;
var path = require('path');
var fs = require('fs');

exports.getCheckpoints = function (name) {

    var checkpointFileName = getCheckpointFileName(name);

    var checkpointsData = "{}";
    try {
        //Logger.debug(name, 'Reading contents of checkpoint file.');
        checkpointsData = fs.readFileSync(checkpointFileName, 'utf8');
    } catch (err) {
        if (err.code === 'ENOENT') { }
        else {
github microsoft / AzureMonitorAddonForSplunk / bin / app / azure_diagnostic_logs.js View on Github external
(function () {

    var splunkjs = require("splunk-sdk");
    var ModularInputs = splunkjs.ModularInputs;
    var logs = require('./azure_monitor_logs');

    /**
     * Returns the scheme for the diagnostic-logs input.
     * Delegates to getScheme in ./azure_monitor_logs, passing this input's
     * display name and description.
     *
     * @returns {*} Whatever logs.getScheme returns for these two strings.
     */
    exports.getScheme = function () {
        return logs.getScheme(
            'Azure Monitor Diagnostic Logs',
            'Diagnostic Logs obtained via Azure Monitor.'
        );
    };

    /**
     * Optional hook for validating the input's configuration.
     *
     * NOTE(review): no check is performed here. `definition` is ignored and
     * `done` is called with no arguments, which presumably signals acceptance,
     * so any validation of the configured values has to happen where they are
     * consumed.
     *
     * @param {Object} definition - The configuration to validate (unused).
     * @param {Function} done - Completion callback.
     */
    exports.validateInput = function (definition, done) {
        done();
    };

    exports.streamEvents = function (name, singleInput, eventWriter, done) {
github splunk / splunk-sdk-javascript / examples / modularinputs / github_commits / bin / app / github_commits.js View on Github external
(function() {
    var fs              = require("fs");
    var path            = require("path");
    var GithubAPI       = require("github");
    var splunkjs        = require("splunk-sdk");
    var Async           = splunkjs.Async;
    var ModularInputs   = splunkjs.ModularInputs;
    var Logger          = ModularInputs.Logger;
    var Event           = ModularInputs.Event;
    var Scheme          = ModularInputs.Scheme;
    var Argument        = ModularInputs.Argument;
    var utils           = ModularInputs.utils;

    // The version number should be updated every time a new version of the JavaScript SDK is released.
    var SDK_UA_STRING = "splunk-sdk-javascript/1.9.0";

    // Create easy to read date format.
    function getDisplayDate(date) {
        var monthStrings = ["Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"];

        date = new Date(date);

        var hours = date.getHours();
github microsoft / AzureMonitorAddonForSplunk / bin / app / azure_monitor_logs.js View on Github external
// to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in all 
// copies or substantial portions of the Software.

// THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 
// FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 
// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 
// IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

/* jshint unused: true */

var splunkjs = require("splunk-sdk");
var ModularInputs = splunkjs.ModularInputs;
var ModularInput = ModularInputs.ModularInput;
var Logger = ModularInputs.Logger;
var Scheme = ModularInputs.Scheme;
var Event = ModularInputs.Event;
var Argument = ModularInputs.Argument;

var _ = require('underscore');
var AMQPClient = require('amqp10').Client;
var Policy = require('amqp10').Policy;
var Promise = require('bluebird');

var subs = require('./subs');
var strings = require('./strings');
strings.stringFormat();
var allHubs = require('./hubs.json');
var categories = require('./logCategories.json');
github microsoft / AzureMonitorAddonForSplunk / bin / app / azure_activity_log.js View on Github external
(function () {

    var splunkjs = require("splunk-sdk");
    var ModularInputs = splunkjs.ModularInputs;
    var logs = require('./azure_monitor_logs');

    /**
     * Returns the scheme for the activity-log input.
     * Delegates to getScheme in ./azure_monitor_logs, passing this input's
     * display name and description.
     *
     * @returns {*} Whatever logs.getScheme returns for these two strings.
     */
    exports.getScheme = function () {
        return logs.getScheme(
            'Azure Monitor Activity Log',
            'Activity Log (aka Audit Log) obtained via Azure Monitor.'
        );
    };

    /**
     * Optional hook for validating the input's configuration.
     *
     * NOTE(review): no check is performed here. `definition` is ignored and
     * `done` is called with no arguments, which presumably signals acceptance,
     * so any validation of the configured values has to happen where they are
     * consumed.
     *
     * @param {Object} definition - The configuration to validate (unused).
     * @param {Function} done - Completion callback.
     */
    exports.validateInput = function (definition, done) {
        done();
    };

    // streamEvents streams the events to Splunk Enterprise
    exports.streamEvents = function (name, singleInput, eventWriter, done) {
github microsoft / AzureMonitorAddonForSplunk / bin / app / azure_monitor_logs.js View on Github external
exports.getOrStoreSecrets = function (name, singleInput, done) {

    // make a copy of singleInput
    var mySingleInput = JSON.parse(JSON.stringify(singleInput));

    var inputDefinition = ModularInput._inputDefinition;
    var session_key = inputDefinition.metadata.session_key;
    var service = new splunkjs.Service({ sessionKey: session_key });
    var storagePasswords = service.storagePasswords({ 'app': 'TA-Azure_Monitor' });

    var propsAppId = {};
    var propsAppKey = {};
    if (~name.indexOf('azure_activity_log:')) {
        propsAppId.name = 'AzureMonitorActivityLogAppID';
        propsAppKey.name = 'AzureMonitorActivityLogAppKey';
    } else {
        propsAppId.name = 'AzureMonitorDiagnosticLogsAppID';
        propsAppKey.name = 'AzureMonitorDiagnosticLogsAppKey';
    }
    propsAppId.password = singleInput.SPNApplicationId;
    propsAppKey.password = singleInput.SPNApplicationKey;

    if (_.isUndefined(singleInput.SPNApplicationId) && _.isUndefined(singleInput.SPNApplicationKey)) {
        done(null, singleInput);
github splunk / splunk-sdk-javascript / examples / modularinputs / github_commits / bin / app / github_commits.js View on Github external
(function() {
    var fs              = require("fs");
    var path            = require("path");
    var GithubAPI       = require("github");
    var splunkjs        = require("splunk-sdk");
    var Async           = splunkjs.Async;
    var ModularInputs   = splunkjs.ModularInputs;
    var Logger          = ModularInputs.Logger;
    var Event           = ModularInputs.Event;
    var Scheme          = ModularInputs.Scheme;
    var Argument        = ModularInputs.Argument;
    var utils           = ModularInputs.utils;

    // The version number should be updated every time a new version of the JavaScript SDK is released.
    var SDK_UA_STRING = "splunk-sdk-javascript/1.9.0";

    // Create easy to read date format.
    function getDisplayDate(date) {
        var monthStrings = ["Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"];

        date = new Date(date);
github microsoft / AzureMonitorAddonForSplunk / test / launchamdl.js View on Github external
process.env.SPLUNK_DB = 'c:/github/SplunkAddonForAzureMonitorLogs';

var splunkjs = require("splunk-sdk");
var ModularInputs = splunkjs.ModularInputs;
var Logger = ModularInputs.Logger;

var _ = require('underscore');
var logs = require('./amdl');
var subs = require('./subs');
var strings = require('./strings');
strings.stringFormat();

// Load the input definition for this test launch from a local JSON file.
// NOTE(review): assigned without var/let/const, so this creates an implicit
// global (and would throw in strict mode).
// NOTE(review): if this file carries service-principal credentials for the
// input, it should stay out of version control - confirm what it contains.
singleInput = require('./singleInput.json');

// Hard-coded input name in `scheme://label` form.
var name = 'azure_diagnostic_logs://GOLIVE-Azure';

var messageHandler = function (data) {
    var dataAsString = JSON.stringify(data);

    if (dataAsString.length > 10000) {
github splunk / splunkrepl / splunkrepl.js View on Github external
var repl = require("repl")
 , path = require('path')
 , fs = require('fs')
 , splunk = require('splunk-sdk')
 , prettyjson = require('prettyjson')
 , url = require('url')
 , open = require('open')
 , Async = splunk.Async
 , colors = require('colors')
 , Table = require('cli-table')
 , nconf = require('nconf');

// Module-level state: `self` captures the top-level `this`; the remaining
// names are command-line options parsed by minimist from the arguments that
// follow the script path.
var self = this
 , argv = require('minimist')(process.argv.slice(2))
 , query = argv.query
 , verbose = argv.verbose
 , hosted = argv.hosted
 , useJson = argv.json;

function checkArgs() {
    var firstParam = process.argv[2];
    if (firstParam == "?" || firstParam == "help" || firstParam=="--help") {
        console.log("\r\nusage:".white); 
        console.log("\t--host - Splunk's host".white.bold)

splunk-sdk

SDK for usage with the Splunk REST API

Apache-2.0
Latest version published 2 years ago

Package Health Score

47 / 100