本文整理汇总了Python中splunklib.client.connect函数的典型用法代码示例。如果您正苦于以下问题:Python connect函数的具体用法?Python connect怎么用?Python connect使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了connect函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: test_read_outputs_with_type
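def test_read_outputs_with_type(self):
    """Create a syslog TCP output, check its type, then delete it again.

    The output is created through a raw POST, read back as an Entity and
    removed at the end. Splunk is restarted whenever the service reports
    ``restart_required``.
    """
    # NOTE(review): nesting reconstructed from a listing that lost its
    # indentation -- confirm against the original test_service.py.
    name = testlib.tmpname()
    service = client.connect(**self.opts.kwargs)
    service.post('data/outputs/tcp/syslog', name=name, type='tcp')
    entity = client.Entity(service, 'data/outputs/tcp/syslog/' + name)
    # assertTrue('tcp', <msg>) always passes because 'tcp' is truthy and the
    # second argument is only the failure message; compare the values instead.
    self.assertEqual('tcp', entity.content.type)
    if service.restart_required:
        self.restartSplunk()
    # Reconnect so the delete runs on a fresh session after a possible restart.
    service = client.connect(**self.opts.kwargs)
    client.Entity(service, 'data/outputs/tcp/syslog/' + name).delete()
    if service.restart_required:
        self.restartSplunk()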
开发者ID:Anlim,项目名称:splunk-sdk-python,代码行数:13,代码来源:test_service.py
示例2: on_message
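def on_message(identifier, channel, payload):
    """Handle one published message: index a summary in Splunk and save the sample.

    The payload is parsed as JSON. Messages that are not a JSON object, lack
    ``md5`` or ``data``, or carry an ``md5`` that is not 32 hex characters are
    logged and ignored. For accepted messages a one-line summary is written to
    the ``testing`` index and the base64-decoded ``data`` is stored under
    ``OUTDIR`` in a file named after the ``md5`` value.
    """
    print("on_message: %s" % payload)
    print(identifier)
    print(channel)
    print(payload)

    try:
        decoded = json.loads(str(payload))
    except ValueError:
        # Not JSON (or not encodable): keep the raw payload; it is rejected below.
        decoded = {'raw': payload}

    if not isinstance(decoded, dict) or 'md5' not in decoded or 'data' not in decoded:
        log.info("Received message does not contain hash or data - Ignoring it")
        return

    # The md5 field comes from the publisher and becomes a file name below.
    # Anything other than a plain hex digest (path separators, "..", an
    # absolute path) would let a message write outside OUTDIR.
    if not _is_md5_hex(decoded['md5']):
        log.info("Received message has a malformed md5 field - Ignoring it")
        return

    # .get() so that a message without url/sha1/type is still recorded.
    # NOTE(review): these values are publisher-controlled and are embedded
    # verbatim in the event text; consider stripping newlines before indexing.
    csv = ', '.join(['{0} = {1}'.format(i, decoded.get(i)) for i in ['url', 'md5', 'sha1', 'type']])
    outmsg = 'PUBLISH channel = %s, identifier = %s, %s' % (channel, identifier, csv)
    log.info(outmsg)

    # NOTE(review): credentials are hard-coded in source; load them from a
    # protected configuration source instead and rotate this password.
    service = client.connect(username="admin", password="yuchin1234")
    cn = service.indexes["testing"].attach()
    try:
        cn.write(outmsg)
    finally:
        # Release the per-message socket even when the write fails.
        cn.close()

    filedata = decoded['data'].decode('base64')
    fpath = os.path.join(OUTDIR, decoded['md5'])
    with open(fpath, 'wb') as fd:
        fd.write(filedata)


_MD5_HEX_DIGITS = frozenset('0123456789abcdefABCDEF')


def _is_md5_hex(value):
    """Return True when *value* is a 32-character hexadecimal string."""
    return (
        isinstance(value, (str, type(u'')))
        and len(value) == 32
        and all(ch in _MD5_HEX_DIGITS for ch in value)
    )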
开发者ID:yuchincheng,项目名称:SplunkHoneyAttackGraph,代码行数:26,代码来源:thugfiles.py
示例3: test_read
def test_read(self):
    """Read every fired-alert group, its count, and the content of each alert."""
    fired = client.connect(**self.opts.kwargs).fired_alerts
    for group in fired:
        # Attribute reads only; the test passes when none of them raises.
        group.count
        for entry in group.alerts:
            entry.content
开发者ID:archankr,项目名称:splunk-sdk-python,代码行数:7,代码来源:test_fired_alert.py
示例4: main
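def main():
    """Run a real-time search given on the command line and follow its output.

    Connection options are read from the command line and ``.splunkrc``.
    The job is cancelled on exit, including when the user interrupts the
    program while the job is still being dispatched.
    """
    usage = "usage: follow.py <search>"
    opts = utils.parse(sys.argv[1:], {}, ".splunkrc", usage=usage)
    if len(opts.args) != 1:
        utils.error("Search expression required", 2)
    search = opts.args[0]

    service = client.connect(**opts.kwargs)
    job = service.jobs.create(
        search, earliest_time="rt", latest_time="rt", search_mode="realtime")

    # Everything after job creation sits inside the try block so that an
    # interrupt during the dispatch wait does not leave a real-time job
    # running on the server.
    try:
        # Wait for the job to leave QUEUED and PARSING so that we can tell
        # whether it is a transforming search or not.
        while True:
            job.refresh()
            if job["dispatchState"] not in ["QUEUED", "PARSING"]:
                break
            time.sleep(2)

        if job["reportSearch"] is not None:  # transforming search
            count = lambda: int(job["numPreviews"])
            items = lambda _: job.preview()
        else:
            count = lambda: int(job["eventCount"])
            items = lambda offset: job.events(offset=offset)

        follow(job, count, items)
    except KeyboardInterrupt:
        print("\nInterrupted.")
    finally:
        job.cancel()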
开发者ID:rsommer,项目名称:splunk-sdk-python,代码行数:33,代码来源:follow.py
示例5: main
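def main():
    """Stream the results of a real-time export search to stdout.

    Connection options are read from the command line and ``.splunkrc``.
    Each item the reader classifies as ``results.RESULT`` is pretty-printed;
    reading stops when the reader returns ``None`` or on Ctrl-C.
    """
    usage = "usage: %prog <search>"
    opts = utils.parse(sys.argv[1:], {}, ".splunkrc", usage=usage)
    if len(opts.args) != 1:
        utils.error("Search expression required", 2)
    search = opts.args[0]

    service = connect(**opts.kwargs)

    try:
        result = service.get(
            "search/jobs/export",
            search=search,
            earliest_time="rt",
            latest_time="rt",
            search_mode="realtime",
        )
        reader = results.ResultsReader(result.body)
        while True:
            kind = reader.read()
            # Identity test: None is a singleton and `==` can be overridden.
            if kind is None:
                break
            if kind == results.RESULT:
                event = reader.value
                pprint(event)
    except KeyboardInterrupt:
        print("\nInterrupted.")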
开发者ID:rsommer,项目名称:splunk-sdk-python,代码行数:26,代码来源:stail.py
示例6: connect
def connect(self):
    """Open a Splunk session and store it on ``self.service``.

    Any exception raised while connecting is caught here. It is reported on
    stdout only when ``self.verbose`` is truthy, and ``self.service`` is not
    assigned by this call when that happens.
    """
    # NOTE(review): with verbose off a failed login is silent; callers have to
    # check for ``self.service`` themselves. Also confirm whether TLS
    # certificate verification is enabled for the splunklib version in use.
    try:
        self.service = client.connect(
            host=self.host,
            port=self.port,
            username=self.user,
            password=self.pasw,
        )
    except Exception as err:
        failure = '[!] Error: %s' % str(err)
        if self.verbose:
            print(failure)
开发者ID:device42,项目名称:splunk_to_device42,代码行数:7,代码来源:recipe_nix_add_on.py
示例7: test_crud
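def test_crud(self):
    """Create, update, enable and delete the ``sdk-test`` event type."""
    service = client.connect(**self.opts.kwargs)

    event_types = service.event_types

    # Start from a clean slate in case an earlier run left the entity behind.
    if 'sdk-test' in event_types:
        event_types.delete('sdk-test')
    self.assertFalse('sdk-test' in event_types)

    kwargs = {}
    kwargs['search'] = "index=_internal *"
    kwargs['description'] = "An internal event"
    kwargs['disabled'] = 1
    kwargs['priority'] = 2

    event_type = event_types.create('sdk-test', **kwargs)
    self.assertTrue('sdk-test' in event_types)

    self.assertEqual('sdk-test', event_type.name)
    self.check_content(event_type, **kwargs)

    kwargs['search'] = "index=_audit *"
    kwargs['description'] = "An audit event"
    kwargs['priority'] = 3
    event_type.update(**kwargs)
    event_type.refresh()
    self.check_content(event_type, **kwargs)

    event_type.enable()
    event_type.refresh()
    self.check_content(event_type, disabled=0)

    event_types.delete('sdk-test')
    # The original checked the misspelled name 'sdk-teset', which is never
    # present, so the deletion itself was not verified.
    self.assertFalse('sdk-test' in event_types)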
开发者ID:archankr,项目名称:splunk-sdk-python,代码行数:34,代码来源:test_event_type.py
示例8: rds_controller
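def rds_controller(rds_list, username, password, hostname, splunkusername, splunkpassword, port, indexname):
    """Forward the latest InnoDB deadlock report of each RDS host to Splunk.

    For every item in *rds_list* (read as ``item["Endpoint"]`` and
    ``item["Port"]``) the function runs ``SHOW ENGINE INNODB STATUS``, extracts
    the "LATEST DETECTED DEADLOCK" section from column 2 of the result rows,
    strips timestamps from it and, when the section is not empty, sends it to
    the Splunk index *indexname* on *hostname*:*port*.

    Database and Splunk connections are closed even when a step fails.
    """
    # NOTE(review): nesting reconstructed from a listing that lost its
    # indentation -- confirm against the original export_dead_locks.py.
    # NOTE(review): the nested quantifier in ((.*)\s)*? can backtrack heavily
    # on a long status text that never reaches the closing dashes.
    regex = r"-{4,}\sLATEST DETECTED DEADLOCK\s-{4,}\s((.*)\s)*?-{4,}"
    expr = re.compile(r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}")

    for item in rds_list:
        rds_host_endpoint = item["Endpoint"]
        rds_port = item["Port"]
        connection = pymysql.connect(host=rds_host_endpoint, port=rds_port,
                                     user=username, password=password)
        try:
            cursor = connection.cursor()
            try:
                cursor.execute("""
                      SHOW ENGINE INNODB STATUS;
                      """)
                rds_result = cursor.fetchall()
            finally:
                cursor.close()
        finally:
            # Do not keep a database session open if the query fails.
            connection.close()

        global_str = ""
        for row in rds_result:
            for match in re.finditer(regex, row[2]):
                # The last match wins, as in the original loop.
                global_str = match.group()
        global_str = re.sub(expr, '', global_str)

        # to avoid empty dead locks
        if len(global_str) > 0:
            service = splunk_client.connect(host=hostname, port=port, username=splunkusername, password=splunkpassword)
            myindex = service.indexes[indexname]
            # Open a socket
            mysocket = myindex.attach(host=rds_host_endpoint, source="INNODB STATUS", sourcetype="RDS")
            try:
                # Send events to it
                mysocket.send(global_str)
            finally:
                # Close the socket
                mysocket.close()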
开发者ID:eduNEXT,项目名称:configuration,代码行数:33,代码来源:export_dead_locks.py
示例9: test_read
def test_read(self):
    """Check every server message before and after refreshing it."""
    messages = client.connect(**self.opts.kwargs).messages
    for entry in messages:
        self.check_message(entry)
        entry.refresh()
        self.check_message(entry)
开发者ID:archankr,项目名称:splunk-sdk-python,代码行数:7,代码来源:test_message.py
示例10: test_settings
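def test_settings(self):
    """Check the expected settings keys and a sessionTimeout update round trip.

    The original ``sessionTimeout`` is written back in a ``finally`` block, so
    a failing assertion cannot leave the server on the 42h test value.
    """
    service = client.connect(**self.opts.kwargs)
    settings = service.settings

    # Verify that settings contains the keys we expect
    keys = [
        "SPLUNK_DB", "SPLUNK_HOME", "enableSplunkWebSSL", "host",
        "httpport", "mgmtHostPort", "minFreeSpace", "pass4SymmKey",
        "serverName", "sessionTimeout", "startwebserver", "trustedIP"
    ]
    for key in keys:
        self.assertTrue(key in settings.content)

    # Verify that we can update the settings
    original = settings['sessionTimeout']
    self.assertTrue(original != "42h")
    try:
        settings.update(sessionTimeout="42h")
        settings.refresh()
        updated = settings['sessionTimeout']
        self.assertEqual(updated, "42h")
    finally:
        # Restore the original value whether or not the checks above passed.
        settings.update(sessionTimeout=original)

    # Verify the restored value
    settings.refresh()
    updated = settings['sessionTimeout']
    self.assertEqual(updated, original)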
开发者ID:archankr,项目名称:splunk-sdk-python,代码行数:25,代码来源:test_service.py
示例11: test_crud
def test_crud(self):
    """Create, read, update and delete the ``sdk-test1`` saved search."""
    name = 'sdk-test1'
    query = "search index=sdk-tests * earliest=-1m"
    saved_searches = client.connect(**self.opts.kwargs).saved_searches

    # Remove a leftover from an earlier run before starting.
    if name in saved_searches:
        saved_searches.delete(name)
    self.assertFalse(name in saved_searches)

    # Create with defaults, then look the entity up again by name.
    created = saved_searches.create(name, query)
    self.assertEqual(name, created.name)
    self.assertTrue(name in saved_searches)

    fetched = saved_searches[name]
    self.check_content(fetched, is_visible=1)

    fetched.update(is_visible=False)
    fetched.refresh()
    self.check_content(fetched, is_visible=0)

    saved_searches.delete(name)
    self.assertFalse(name in saved_searches)

    # Create again, this time passing is_visible at creation time.
    recreated = saved_searches.create(name, query, is_visible=False)
    self.assertEqual(name, recreated.name)
    self.assertTrue(name in saved_searches)
    self.check_content(recreated, is_visible=0)

    saved_searches.delete(name)
    self.assertFalse(name in saved_searches)
开发者ID:archankr,项目名称:splunk-sdk-python,代码行数:31,代码来源:test_saved_search.py
示例12: test_dispatch
def test_dispatch(self):
    """Dispatch the ``sdk-test1`` saved search with and without extra options."""
    name = 'sdk-test1'
    query = "search index=sdk-tests * earliest=-1m"
    saved_searches = client.connect(**self.opts.kwargs).saved_searches

    # Remove a leftover from an earlier run before starting.
    if name in saved_searches:
        saved_searches.delete(name)
    self.assertFalse(name in saved_searches)

    saved_search = saved_searches.create(name, query)
    self.assertEqual(name, saved_search.name)
    self.assertTrue(name in saved_searches)

    # Plain dispatch: wait for completion, open and close the results.
    first_job = saved_search.dispatch()
    testlib.wait(first_job, lambda job: bool(int(job['isDone'])))
    first_job.results().close()
    first_job.cancel()

    # Dispatch with some additional options
    options = {'dispatch.buckets': 100}
    second_job = saved_search.dispatch(**options)
    testlib.wait(second_job, lambda job: bool(int(job['isDone'])))
    second_job.timeline().close()
    second_job.cancel()

    saved_searches.delete(name)
    self.assertFalse(name in saved_searches)
开发者ID:archankr,项目名称:splunk-sdk-python,代码行数:27,代码来源:test_saved_search.py
示例13: __init__
def __init__(self, splunk_conf, splunk_evt, splunk_index):
    """Connect to Splunk and attach a socket to *splunk_index*.

    *splunk_conf* is expanded into ``client.connect`` and *splunk_evt* into
    ``index.attach``. The index is created when the service does not list it.
    """
    self.splunk = client.connect(**splunk_conf)
    indexes = self.splunk.indexes
    if splunk_index in indexes:
        self.index = indexes[splunk_index]
    else:
        self.index = indexes.create(splunk_index)
    self.socket = self.index.attach(**splunk_evt)
开发者ID:blacked,项目名称:zabbix-audit,代码行数:7,代码来源:zabbixaudit.py
示例14: test_read
def test_read(self):
    """Check every index before and after refreshing it."""
    indexes = client.connect(**self.opts.kwargs).indexes
    for entry in indexes:
        self.check_index(entry)
        entry.refresh()
        self.check_index(entry)
开发者ID:archankr,项目名称:splunk-sdk-python,代码行数:7,代码来源:test_index.py
示例15: test_read
def test_read(self):
    """Check every role before and after refreshing it."""
    roles = client.connect(**self.opts.kwargs).roles
    for entry in roles:
        self.check_role(entry)
        entry.refresh()
        self.check_role(entry)
开发者ID:rsommer,项目名称:splunk-sdk-python,代码行数:7,代码来源:test_role.py
示例16: start
def start(self):
    """Connect to Splunk with the instance's settings and select the ``cowrie`` index."""
    # NOTE(review): confirm whether TLS certificate verification is enabled
    # for the splunklib version in use; the password travels over this link.
    credentials = {
        'host': self.host,
        'port': self.port,
        'username': self.username,
        'password': self.password,
    }
    self.service = client.connect(**credentials)
    self.index = self.service.indexes['cowrie']
开发者ID:RyanKung,项目名称:cowrie,代码行数:7,代码来源:splunk.py
示例17: test_read
def test_read(self):
    """Check every installed app before and after refreshing it."""
    apps = client.connect(**self.opts.kwargs).apps
    for entry in apps:
        self.check_app(entry)
        entry.refresh()
        self.check_app(entry)
开发者ID:archankr,项目名称:splunk-sdk-python,代码行数:7,代码来源:test_app.py
示例18: main
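def main(argv):
    """Run one search job to completion and write its results to stdout.

    The search expression is validated with ``service.parse`` first. While
    the job runs, progress is printed when the ``verbose`` option is above
    zero. The job is cancelled on the way out, including after an error or
    an interrupt.
    """
    # NOTE(review): nesting reconstructed from a listing that lost its
    # indentation -- confirm against the original search.py.
    usage = 'usage: %prog [options] "search"'

    flags = []
    flags.extend(FLAGS_TOOL)
    flags.extend(FLAGS_CREATE)
    flags.extend(FLAGS_RESULTS)
    opts = cmdline(argv, flags, usage=usage)

    if len(opts.args) != 1:
        error("Search expression required", 2)
    search = opts.args[0]

    verbose = opts.kwargs.get("verbose", 0)

    kwargs_splunk = dslice(opts.kwargs, FLAGS_SPLUNK)
    kwargs_create = dslice(opts.kwargs, FLAGS_CREATE)
    kwargs_results = dslice(opts.kwargs, FLAGS_RESULTS)

    service = client.connect(**kwargs_splunk)

    try:
        service.parse(search, parse_only=True)
    except HTTPError as e:
        # NOTE(review): the usage check above calls error() directly; confirm
        # that cmdopts is actually in scope in this module.
        cmdopts.error("query '%s' is invalid:\n\t%s" % (search, e.message), 2)
        return

    job = service.jobs.create(search, **kwargs_create)
    try:
        while True:
            while not job.is_ready():
                pass
            stats = {'isDone': job['isDone'],
                     'doneProgress': job['doneProgress'],
                     'scanCount': job['scanCount'],
                     'eventCount': job['eventCount'],
                     'resultCount': job['resultCount']}
            progress = float(stats['doneProgress']) * 100
            scanned = int(stats['scanCount'])
            matched = int(stats['eventCount'])
            result_count = int(stats['resultCount'])
            if verbose > 0:
                status = ("\r%03.1f%% | %d scanned | %d matched | %d results" % (
                    progress, scanned, matched, result_count))
                sys.stdout.write(status)
                sys.stdout.flush()
            if stats['isDone'] == '1':
                if verbose > 0:
                    sys.stdout.write('\n')
                break
            sleep(2)

        # dict.has_key() exists only on Python 2; the `in` test works everywhere.
        if 'count' not in kwargs_results:
            kwargs_results['count'] = 0
        stream = job.results(**kwargs_results)
        while True:
            content = stream.read(1024)
            if len(content) == 0:
                break
            sys.stdout.write(content)
            sys.stdout.flush()
        sys.stdout.write('\n')
    finally:
        # Do not leave the job on the server when reading fails or is interrupted.
        job.cancel()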
开发者ID:Anlim,项目名称:splunk-sdk-python,代码行数:60,代码来源:search.py
示例19: setUpClass
def setUpClass(cls):
    """Load connection options from ``.splunkrc`` and restart Splunk if it asks for it."""
    cls.opts = parse([], {}, ".splunkrc")

    # Before we start, make sure splunk doesn't need a restart.
    splunk = client.connect(**cls.opts.kwargs)
    if not splunk.restart_required:
        return
    splunk.restart(timeout=120)
开发者ID:Jaykul,项目名称:splunk-sdk-python,代码行数:7,代码来源:testlib.py
示例20: start_proxy
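def start_proxy(config, daemonize=False):
    """Launch ``proxy/proxy.js`` with the executable named in ``config['node']``.

    When *daemonize* is true the child's standard streams are opened on
    ``os.devnull`` and its pid is written to the proxy pid file. Otherwise
    the child shares this process's stdout/stderr and an ``atexit`` hook
    kills it on interpreter exit. Returns the object produced by
    ``connect``; this code reads its ``pid`` and calls its ``kill()``.
    """
    # NOTE(review): config['node'] decides which executable is launched and
    # the pid file path comes from config as well; treat the configuration
    # as trusted input only.
    pid_file = get_proxy_pid_file(config)
    argv = [config['node'], path.join(MAIN_DIR, "proxy", "proxy.js")]

    # Get the appropriate stdin/stdout/stderr
    stdin = None if not daemonize else file(os.devnull, 'r')
    stdout = sys.stdout if not daemonize else file(os.devnull, 'a+')
    stderr = sys.stderr if not daemonize else file(os.devnull, 'a+', 0)

    connected = connect(
        argv,
        stdin=stdin,
        stdout=stdout,
        stderr=stderr)

    if daemonize:
        # Record the child's pid so that it can be found again later.
        pid = str(connected.pid)
        with file(pid_file, 'w+') as f:
            f.write("%s\n" % pid)
    else:
        def cleanup():
            try:
                connected.kill()
            except Exception:
                # Ignore errors during cleanup. A bare except would also
                # swallow SystemExit and KeyboardInterrupt.
                pass

        atexit.register(cleanup)

    return connected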
开发者ID:wuzesheng,项目名称:splunk-webframework,代码行数:34,代码来源:appdo.py
注:本文中的splunklib.client.connect函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。