How to use the solnlib.packages.splunklib.modularinput function in solnlib

To help you get started, we’ve selected a few solnlib examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github PaloAltoNetworks / Splunk_TA_paloalto / bin / autofocus_export.py View on Github external
"""overloaded splunklib modularinput method"""
        scheme = super(ModInputautofocus_export, self).get_scheme()
        scheme.title = ("AutoFocus Export")
        scheme.description = ("")
        scheme.use_external_validation = True
        scheme.streaming_mode_xml = True

        scheme.add_argument(smi.Argument("name", title="Name",
                                         description="",
                                         required_on_create=True))

        """
        For customized inputs, hard code the arguments here to hide argument detail from users.
        For other input types, arguments should be get from input_module. Defining new input types could be easier.
        """
        scheme.add_argument(smi.Argument("label", title="Label",
                                         description="",
                                         required_on_create=False,
                                         required_on_edit=False))
        return scheme
github PaloAltoNetworks / Splunk_TA_paloalto / bin / aperture.py View on Github external
def get_scheme(self):
        """overloaded splunklib modularinput method"""
        scheme = super(ModInputaperture, self).get_scheme()
        scheme.title = ("Aperture")
        scheme.description = ("")
        scheme.use_external_validation = True
        scheme.streaming_mode_xml = True

        scheme.add_argument(smi.Argument("name", title="Name",
                                         description="",
                                         required_on_create=True))

        """
        For customized inputs, hard code the arguments here to hide argument detail from users.
        For other input types, arguments should be get from input_module. Defining new input types could be easier.
        """
        scheme.add_argument(smi.Argument("region", title="Region",
                                         description="",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("global_account", title="Global Account",
                                         description="",
                                         required_on_create=True,
                                         required_on_edit=False))
        return scheme
github georgestarcher / TA-SyncKVStore / bin / kvstore_to_kvstore.py View on Github external
def get_scheme(self):
        """overloaded splunklib modularinput method"""
        scheme = super(ModInputkvstore_to_kvstore, self).get_scheme()
        scheme.title = ("KVStore to KVStore")
        scheme.description = ("Modular Input to pull Remote KVStore table to a Local KVstore table")
        scheme.use_external_validation = True
        scheme.streaming_mode_xml = True

        scheme.add_argument(smi.Argument("name", title="Name",
                                         description="",
                                         required_on_create=True))

        """
        For customized inputs, hard code the arguments here to hide argument detail from users.
        For other input types, arguments should be get from input_module. Defining new input types could be easier.
        """
        scheme.add_argument(smi.Argument("u_splunkserver", title="Splunk Server",
                                         description="The Remote Splunk Server with the source KVStore",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("u_srcapp", title="Source App",
                                         description="The remote app context with the source KVStore Collection",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("u_srccollection", title="Source Collection",
github PaloAltoNetworks / Splunk_TA_paloalto / bin / minemeld_feed.py View on Github external
def get_scheme(self):
        """overloaded splunklib modularinput method"""
        scheme = super(ModInputminemeld_feed, self).get_scheme()
        scheme.title = ("MineMeld Feed")
        scheme.description = ("Collects indicators from a MineMeld output node.")
        scheme.use_external_validation = True
        scheme.streaming_mode_xml = True

        scheme.add_argument(smi.Argument("name", title="Name",
                                         description="",
                                         required_on_create=True))

        """
        For customized inputs, hard code the arguments here to hide argument detail from users.
        For other input types, arguments should be get from input_module. Defining new input types could be easier.
        """
        scheme.add_argument(smi.Argument("indicator_timeout", title="The Timeout For Indicators",
                                         description="",
                                         required_on_create=False,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("feed_url", title="Output Node Feed URL",
                                         description="",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("credentials", title="Feed Credentials",
github PaloAltoNetworks / Splunk_TA_paloalto / bin / splunk_ta_paloalto / modinput_wrapper / base_modinput.py View on Github external
from solnlib import utils as sutils

from splunktaucclib.global_config import GlobalConfig, GlobalConfigSchema
from splunk_aoblib.rest_helper import TARestHelper
from splunk_aoblib.setup_util import Setup_Util

DATA_INPUTS_OPTIONS = "data_inputs_options"
AOB_TEST_FLAG = 'AOB_TEST'
FIELD_TYPE = "type"
FIELD_FORMAT = "format_type"
CUSTOMIZED_VAR = "customized_var"
TYPE_CHECKBOX = "checkbox"
TYPE_ACCOUNT = "global_account"


class BaseModInput(smi.Script):
    '''
    This is a modular input wrapper, which provides some helper
    functions to read the paramters from setup pages and the arguments
    from input definition
    '''
    LogLevelMapping = {'debug': logging.DEBUG,
                       'info': logging.INFO,
                       'warning': logging.WARNING,
                       'error': logging.ERROR,
                       'critical': logging.CRITICAL}

    def __init__(self, app_namespace, input_name, use_single_instance=False):
        super(BaseModInput, self).__init__()
        self.use_single_instance = use_single_instance
        self._canceled = False
        self.input_type = input_name
github PaloAltoNetworks / Splunk_TA_paloalto / bin / autofocus_export.py View on Github external
def get_scheme(self):
        """overloaded splunklib modularinput method"""
        scheme = super(ModInputautofocus_export, self).get_scheme()
        scheme.title = ("AutoFocus Export")
        scheme.description = ("")
        scheme.use_external_validation = True
        scheme.streaming_mode_xml = True

        scheme.add_argument(smi.Argument("name", title="Name",
                                         description="",
                                         required_on_create=True))

        """
        For customized inputs, hard code the arguments here to hide argument detail from users.
        For other input types, arguments should be get from input_module. Defining new input types could be easier.
        """
        scheme.add_argument(smi.Argument("label", title="Label",
                                         description="",
                                         required_on_create=False,
                                         required_on_edit=False))
        return scheme
github PaloAltoNetworks / Splunk_TA_paloalto / bin / minemeld_feed.py View on Github external
scheme.use_external_validation = True
        scheme.streaming_mode_xml = True

        scheme.add_argument(smi.Argument("name", title="Name",
                                         description="",
                                         required_on_create=True))

        """
        For customized inputs, hard code the arguments here to hide argument detail from users.
        For other input types, arguments should be get from input_module. Defining new input types could be easier.
        """
        scheme.add_argument(smi.Argument("indicator_timeout", title="The Timeout For Indicators",
                                         description="",
                                         required_on_create=False,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("feed_url", title="Output Node Feed URL",
                                         description="",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("credentials", title="Feed Credentials",
                                         description="",
                                         required_on_create=False,
                                         required_on_edit=False))
        return scheme
github georgestarcher / TA-SyncKVStore / bin / kvstore_to_kvstore.py View on Github external
description="The Remote Splunk Server with the source KVStore",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("u_srcapp", title="Source App",
                                         description="The remote app context with the source KVStore Collection",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("u_srccollection", title="Source Collection",
                                         description="The remote source KVStore Collection Name",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("global_account", title="Global Account",
                                         description="The stored rest API credential valid on the remote Splunk Server with permissions to the source KVStore",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("u_desttableaction", title="Destination Table Action",
                                         description="Choose to force destination table full replacement or update table.",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("u_destapp", title="Destination App",
                                         description="The local app context with the destination KVStore Collection",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("u_destcollection", title="Destination Collection",
                                         description="The local destination KVStore Collection Name",
                                         required_on_create=True,
                                         required_on_edit=False))
        return scheme
github PaloAltoNetworks / Splunk_TA_paloalto / bin / aperture.py View on Github external
"""overloaded splunklib modularinput method"""
        scheme = super(ModInputaperture, self).get_scheme()
        scheme.title = ("Aperture")
        scheme.description = ("")
        scheme.use_external_validation = True
        scheme.streaming_mode_xml = True

        scheme.add_argument(smi.Argument("name", title="Name",
                                         description="",
                                         required_on_create=True))

        """
        For customized inputs, hard code the arguments here to hide argument detail from users.
        For other input types, arguments should be get from input_module. Defining new input types could be easier.
        """
        scheme.add_argument(smi.Argument("region", title="Region",
                                         description="",
                                         required_on_create=True,
                                         required_on_edit=False))
        scheme.add_argument(smi.Argument("global_account", title="Global Account",
                                         description="",
                                         required_on_create=True,
                                         required_on_edit=False))
        return scheme
github PaloAltoNetworks / Splunk_TA_paloalto / bin / splunk_ta_paloalto / modinput_wrapper / base_modinput.py View on Github external
:param ew: An object with methods to write events and log messages to Splunk.
        """
        # the input metadata is like
        # {
        #     'server_uri': 'https://127.0.0.1:8089',
        #     'server_host': 'localhost',
        #     'checkpoint_dir': '...',
        #     'session_key': 'ceAvf3z^hZHYxe7wjTyTNo6_0ZRpf5cvWPdtSg'
        # }
        self.context_meta = inputs.metadata
        # init setup util
        uri = inputs.metadata["server_uri"]
        session_key = inputs.metadata['session_key']
        self.setup_util = Setup_Util(uri, session_key, self.logger)

        input_definition = smi.input_definition.InputDefinition()
        input_definition.metadata = copy.deepcopy(inputs.metadata)
        input_definition.inputs = copy.deepcopy(inputs.inputs)
        try:
            self.parse_input_args(input_definition)
        except Exception as e:
            import traceback
            self.log_error(traceback.format_exc(e))
            print >> sys.stderr, traceback.format_exc(e)
            self.input_stanzas = {}
        if not self.input_stanzas:
            # if no stanza found. Just return
            return
        try:
            self.set_log_level(self.log_level)
        except:
            self.log_debug('set log level fails.')