How to use the solnlib.packages.splunklib.modularinput function in solnlib
To help you get started, we’ve selected a few solnlib examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
PaloAltoNetworks / Splunk_TA_paloalto / bin / autofocus_export.py View on Github 
"""overloaded splunklib modularinput method"""
scheme = super(ModInputautofocus_export, self).get_scheme()
scheme.title = ("AutoFocus Export")
scheme.description = ("")
scheme.use_external_validation = True
scheme.streaming_mode_xml = True
scheme.add_argument(smi.Argument("name", title="Name",
description="",
required_on_create=True))
"""
For customized inputs, hard code the arguments here to hide argument detail from users.
For other input types, arguments should be get from input_module. Defining new input types could be easier.
"""
scheme.add_argument(smi.Argument("label", title="Label",
description="",
required_on_create=False,
required_on_edit=False))
return schemedef get_scheme(self):
"""overloaded splunklib modularinput method"""
scheme = super(ModInputaperture, self).get_scheme()
scheme.title = ("Aperture")
scheme.description = ("")
scheme.use_external_validation = True
scheme.streaming_mode_xml = True
scheme.add_argument(smi.Argument("name", title="Name",
description="",
required_on_create=True))
"""
For customized inputs, hard code the arguments here to hide argument detail from users.
For other input types, arguments should be get from input_module. Defining new input types could be easier.
"""
scheme.add_argument(smi.Argument("region", title="Region",
description="",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("global_account", title="Global Account",
description="",
required_on_create=True,
required_on_edit=False))
return schemedef get_scheme(self):
"""overloaded splunklib modularinput method"""
scheme = super(ModInputkvstore_to_kvstore, self).get_scheme()
scheme.title = ("KVStore to KVStore")
scheme.description = ("Modular Input to pull Remote KVStore table to a Local KVstore table")
scheme.use_external_validation = True
scheme.streaming_mode_xml = True
scheme.add_argument(smi.Argument("name", title="Name",
description="",
required_on_create=True))
"""
For customized inputs, hard code the arguments here to hide argument detail from users.
For other input types, arguments should be get from input_module. Defining new input types could be easier.
"""
scheme.add_argument(smi.Argument("u_splunkserver", title="Splunk Server",
description="The Remote Splunk Server with the source KVStore",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("u_srcapp", title="Source App",
description="The remote app context with the source KVStore Collection",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("u_srccollection", title="Source Collection",def get_scheme(self):
"""overloaded splunklib modularinput method"""
scheme = super(ModInputminemeld_feed, self).get_scheme()
scheme.title = ("MineMeld Feed")
scheme.description = ("Collects indicators from a MineMeld output node.")
scheme.use_external_validation = True
scheme.streaming_mode_xml = True
scheme.add_argument(smi.Argument("name", title="Name",
description="",
required_on_create=True))
"""
For customized inputs, hard code the arguments here to hide argument detail from users.
For other input types, arguments should be get from input_module. Defining new input types could be easier.
"""
scheme.add_argument(smi.Argument("indicator_timeout", title="The Timeout For Indicators",
description="",
required_on_create=False,
required_on_edit=False))
scheme.add_argument(smi.Argument("feed_url", title="Output Node Feed URL",
description="",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("credentials", title="Feed Credentials",from solnlib import utils as sutils
from splunktaucclib.global_config import GlobalConfig, GlobalConfigSchema
from splunk_aoblib.rest_helper import TARestHelper
from splunk_aoblib.setup_util import Setup_Util
DATA_INPUTS_OPTIONS = "data_inputs_options"
AOB_TEST_FLAG = 'AOB_TEST'
FIELD_TYPE = "type"
FIELD_FORMAT = "format_type"
CUSTOMIZED_VAR = "customized_var"
TYPE_CHECKBOX = "checkbox"
TYPE_ACCOUNT = "global_account"
class BaseModInput(smi.Script):
'''
This is a modular input wrapper, which provides some helper
functions to read the paramters from setup pages and the arguments
from input definition
'''
LogLevelMapping = {'debug': logging.DEBUG,
'info': logging.INFO,
'warning': logging.WARNING,
'error': logging.ERROR,
'critical': logging.CRITICAL}
def __init__(self, app_namespace, input_name, use_single_instance=False):
super(BaseModInput, self).__init__()
self.use_single_instance = use_single_instance
self._canceled = False
self.input_type = input_namedef get_scheme(self):
"""overloaded splunklib modularinput method"""
scheme = super(ModInputautofocus_export, self).get_scheme()
scheme.title = ("AutoFocus Export")
scheme.description = ("")
scheme.use_external_validation = True
scheme.streaming_mode_xml = True
scheme.add_argument(smi.Argument("name", title="Name",
description="",
required_on_create=True))
"""
For customized inputs, hard code the arguments here to hide argument detail from users.
For other input types, arguments should be get from input_module. Defining new input types could be easier.
"""
scheme.add_argument(smi.Argument("label", title="Label",
description="",
required_on_create=False,
required_on_edit=False))
return schemescheme.use_external_validation = True
scheme.streaming_mode_xml = True
scheme.add_argument(smi.Argument("name", title="Name",
description="",
required_on_create=True))
"""
For customized inputs, hard code the arguments here to hide argument detail from users.
For other input types, arguments should be get from input_module. Defining new input types could be easier.
"""
scheme.add_argument(smi.Argument("indicator_timeout", title="The Timeout For Indicators",
description="",
required_on_create=False,
required_on_edit=False))
scheme.add_argument(smi.Argument("feed_url", title="Output Node Feed URL",
description="",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("credentials", title="Feed Credentials",
description="",
required_on_create=False,
required_on_edit=False))
return schemedescription="The Remote Splunk Server with the source KVStore",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("u_srcapp", title="Source App",
description="The remote app context with the source KVStore Collection",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("u_srccollection", title="Source Collection",
description="The remote source KVStore Collection Name",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("global_account", title="Global Account",
description="The stored rest API credential valid on the remote Splunk Server with permissions to the source KVStore",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("u_desttableaction", title="Destination Table Action",
description="Choose to force destination table full replacement or update table.",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("u_destapp", title="Destination App",
description="The local app context with the destination KVStore Collection",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("u_destcollection", title="Destination Collection",
description="The local destination KVStore Collection Name",
required_on_create=True,
required_on_edit=False))
return scheme"""overloaded splunklib modularinput method"""
scheme = super(ModInputaperture, self).get_scheme()
scheme.title = ("Aperture")
scheme.description = ("")
scheme.use_external_validation = True
scheme.streaming_mode_xml = True
scheme.add_argument(smi.Argument("name", title="Name",
description="",
required_on_create=True))
"""
For customized inputs, hard code the arguments here to hide argument detail from users.
For other input types, arguments should be get from input_module. Defining new input types could be easier.
"""
scheme.add_argument(smi.Argument("region", title="Region",
description="",
required_on_create=True,
required_on_edit=False))
scheme.add_argument(smi.Argument("global_account", title="Global Account",
description="",
required_on_create=True,
required_on_edit=False))
return scheme:param ew: An object with methods to write events and log messages to Splunk.
"""
# the input metadata is like
# {
# 'server_uri': 'https://127.0.0.1:8089',
# 'server_host': 'localhost',
# 'checkpoint_dir': '...',
# 'session_key': 'ceAvf3z^hZHYxe7wjTyTNo6_0ZRpf5cvWPdtSg'
# }
self.context_meta = inputs.metadata
# init setup util
uri = inputs.metadata["server_uri"]
session_key = inputs.metadata['session_key']
self.setup_util = Setup_Util(uri, session_key, self.logger)
input_definition = smi.input_definition.InputDefinition()
input_definition.metadata = copy.deepcopy(inputs.metadata)
input_definition.inputs = copy.deepcopy(inputs.inputs)
try:
self.parse_input_args(input_definition)
except Exception as e:
import traceback
self.log_error(traceback.format_exc(e))
print >> sys.stderr, traceback.format_exc(e)
self.input_stanzas = {}
if not self.input_stanzas:
# if no stanza found. Just return
return
try:
self.set_log_level(self.log_level)
except:
self.log_debug('set log level fails.')solnlib
The Splunk Software Development Kit for Splunk Solutions
Package Health Score
69 / 100Popular solnlib functions
- solnlib.conf_manager
- solnlib.conf_manager.ConfManager
- solnlib.conf_manager.ConfManagerException
- solnlib.credentials.CredentialManager
- solnlib.log.Logs
- solnlib.log.Logs.set_context
- solnlib.modular_input.checkpointer
- solnlib.modular_input.event.XMLEvent
- solnlib.packages.splunklib.modularinput
- solnlib.packages.splunklib.modularinput.Argument
- solnlib.splunk_rest_client
- solnlib.splunk_rest_client.SplunkRestClient
- solnlib.splunkenv.get_splunkd_uri
- solnlib.utils
- solnlib.utils.escape_json_control_chars
- solnlib.utils.extract_http_scheme_host_port
- solnlib.utils.is_true
- solnlib.utils.retry