How to use splunk-sdk - 10 common examples
To help you get started, we’ve selected a few splunk-sdk examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
aol / moloch / wiseService / source.splunk.js View on Github 
["host", "username", "password", "query", "keyColumn"].forEach((item) => {
if (this[item] === undefined) {
console.log(this.section, `- ERROR not loading since no ${item} specified in config file`);
return;
}
});
if (this.periodic) {
this.cacheTimeout = -1; // Don't cache
this[this.api.funcName(this.type)] = this.sendResultPeriodic;
setInterval(this.periodicRefresh.bind(this), 1000 * this.periodic);
} else {
this[this.api.funcName(this.type)] = this.sendResult;
}
this.service = new splunkjs.Service({username: this.username, password: this.password, host: this.host, port: this.port, version: this.version});
this.service.login((err, success) => {
if (err) {
console.log("ERROR - Couldn't login to splunk - ", err);
return;
}
if (this.periodic) {
this.periodicRefresh();
}
console.log("Login was successful: " + success);
});
api.addSource(section, this);
this.sourceFields = [this.esResultField];// to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in all
// copies or substantial portions of the Software.
// THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
// FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
// IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
/* jshint unused: true */
var splunkjs = require("splunk-sdk");
var ModularInputs = splunkjs.ModularInputs;
var ModularInput = ModularInputs.ModularInput;
var Logger = ModularInputs.Logger;
var path = require('path');
var fs = require('fs');
exports.getCheckpoints = function (name) {
var checkpointFileName = getCheckpointFileName(name);
var checkpointsData = "{}";
try {
//Logger.debug(name, 'Reading contents of checkpoint file.');
checkpointsData = fs.readFileSync(checkpointFileName, 'utf8');
} catch (err) {
if (err.code === 'ENOENT') { }
else {(function () {
var splunkjs = require("splunk-sdk");
var ModularInputs = splunkjs.ModularInputs;
var logs = require('./azure_monitor_logs');
exports.getScheme = function () {
var schemeName = 'Azure Monitor Diagnostic Logs';
var schemeDesc = 'Diagnostic Logs obtained via Azure Monitor.';
return logs.getScheme(schemeName, schemeDesc);
};
// validateInput method validates the script's configuration (optional)
exports.validateInput = function (definition, done) {
done();
};
exports.streamEvents = function (name, singleInput, eventWriter, done) {(function() {
var fs = require("fs");
var path = require("path");
var GithubAPI = require("github");
var splunkjs = require("splunk-sdk");
var Async = splunkjs.Async;
var ModularInputs = splunkjs.ModularInputs;
var Logger = ModularInputs.Logger;
var Event = ModularInputs.Event;
var Scheme = ModularInputs.Scheme;
var Argument = ModularInputs.Argument;
var utils = ModularInputs.utils;
// The version number should be updated every time a new version of the JavaScript SDK is released.
var SDK_UA_STRING = "splunk-sdk-javascript/1.9.0";
// Create easy to read date format.
function getDisplayDate(date) {
var monthStrings = ["Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"];
date = new Date(date);
var hours = date.getHours();// to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in all
// copies or substantial portions of the Software.
// THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
// FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
// IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
/* jshint unused: true */
var splunkjs = require("splunk-sdk");
var ModularInputs = splunkjs.ModularInputs;
var ModularInput = ModularInputs.ModularInput;
var Logger = ModularInputs.Logger;
var Scheme = ModularInputs.Scheme;
var Event = ModularInputs.Event;
var Argument = ModularInputs.Argument;
var _ = require('underscore');
var AMQPClient = require('amqp10').Client;
var Policy = require('amqp10').Policy;
var Promise = require('bluebird');
var subs = require('./subs');
var strings = require('./strings');
strings.stringFormat();
var allHubs = require('./hubs.json');
var categories = require('./logCategories.json');(function () {
var splunkjs = require("splunk-sdk");
var ModularInputs = splunkjs.ModularInputs;
var logs = require('./azure_monitor_logs');
exports.getScheme = function () {
var schemeName = 'Azure Monitor Activity Log';
var schemeDesc = 'Activity Log (aka Audit Log) obtained via Azure Monitor.';
return logs.getScheme(schemeName, schemeDesc);
};
// validateInput method validates the script's configuration (optional)
exports.validateInput = function (definition, done) {
done();
};
// streamEvents streams the events to Splunk Enterprise
exports.streamEvents = function (name, singleInput, eventWriter, done) {exports.getOrStoreSecrets = function (name, singleInput, done) {
// make a copy of singleInput
var mySingleInput = JSON.parse(JSON.stringify(singleInput));
var inputDefinition = ModularInput._inputDefinition;
var session_key = inputDefinition.metadata.session_key;
var service = new splunkjs.Service({ sessionKey: session_key });
var storagePasswords = service.storagePasswords({ 'app': 'TA-Azure_Monitor' });
var propsAppId = {};
var propsAppKey = {};
if (~name.indexOf('azure_activity_log:')) {
propsAppId.name = 'AzureMonitorActivityLogAppID';
propsAppKey.name = 'AzureMonitorActivityLogAppKey';
} else {
propsAppId.name = 'AzureMonitorDiagnosticLogsAppID';
propsAppKey.name = 'AzureMonitorDiagnosticLogsAppKey';
}
propsAppId.password = singleInput.SPNApplicationId;
propsAppKey.password = singleInput.SPNApplicationKey;
if (_.isUndefined(singleInput.SPNApplicationId) && _.isUndefined(singleInput.SPNApplicationKey)) {
done(null, singleInput);(function() {
var fs = require("fs");
var path = require("path");
var GithubAPI = require("github");
var splunkjs = require("splunk-sdk");
var Async = splunkjs.Async;
var ModularInputs = splunkjs.ModularInputs;
var Logger = ModularInputs.Logger;
var Event = ModularInputs.Event;
var Scheme = ModularInputs.Scheme;
var Argument = ModularInputs.Argument;
var utils = ModularInputs.utils;
// The version number should be updated every time a new version of the JavaScript SDK is released.
var SDK_UA_STRING = "splunk-sdk-javascript/1.9.0";
// Create easy to read date format.
function getDisplayDate(date) {
var monthStrings = ["Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"];
date = new Date(date);process.env.SPLUNK_DB = 'c:/github/SplunkAddonForAzureMonitorLogs';
var splunkjs = require("splunk-sdk");
var ModularInputs = splunkjs.ModularInputs;
var Logger = ModularInputs.Logger;
var _ = require('underscore');
var logs = require('./amdl');
var subs = require('./subs');
var strings = require('./strings');
strings.stringFormat();
singleInput = require('./singleInput.json');
var name = 'azure_diagnostic_logs://GOLIVE-Azure';
var messageHandler = function (data) {
var dataAsString = JSON.stringify(data);
if (dataAsString.length > 10000) {var repl = require("repl")
, path = require('path')
, fs = require('fs')
, splunk = require('splunk-sdk')
, prettyjson = require('prettyjson')
, url = require('url')
, open = require('open')
, Async = splunk.Async
, colors = require('colors')
, Table = require('cli-table')
, nconf = require('nconf');
var self = this;
var argv = require('minimist')(process.argv.slice(2));
var query = argv.query;
var verbose = argv.verbose;
var hosted = argv.hosted;
var useJson = argv.json;
function checkArgs() {
var firstParam = process.argv[2];
if (firstParam == "?" || firstParam == "help" || firstParam=="--help") {
console.log("\r\nusage:".white);
console.log("\t--host - Splunk's host".white.bold)splunk-sdk
SDK for usage with the Splunk REST API
