本文整理汇总了Python中splunk.Intersplunk类的典型用法代码示例。如果您正苦于以下问题:Python Intersplunk类的具体用法?Python Intersplunk怎么用?Python Intersplunk使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Intersplunk类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: yamuser
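def yamuser():
    """Search command that fills a user-name column on every incoming result.

    Options read from the search command line:
        field: column holding the Yammer user id (default ``sender_id``).
        out:   column to write (default ``yammer_user_full_name``).

    The Yammer lookup is still stubbed out, so the written value is the
    literal ``"test"``.  Any exception is reported through
    ``generateErrorResults``.
    """
    try:
        # Both configuration objects are loaded as before; splunk_conf is not
        # used further in this function.
        splunk_conf = yammercommon.getSplunkConf()
        local_conf = yammercommon.getLocalConf()
        # The access token is a credential: keep it out of log output.
        access_token = local_conf.get('yammercommon', 'access_token')
        yammer = yampy.Yammer(access_token=access_token)

        results, dummyresults, settings = isp.getOrganizedResults()
        keywords, options = isp.getKeywordsAndOptions()
        output_field = options.get('out', 'yammer_user_full_name')
        user_id_fld = options.get('field', 'sender_id')

        for result in results or []:
            # .get() so a result without the id column is skipped instead of
            # aborting the whole command with a KeyError.
            if result.get(user_id_fld):
                # TODO: replace the placeholder with the full_name returned by
                # yammer.users.find(<user id>) once the lookup is wired up.
                result[str(output_field)] = "test"
        splunk.Intersplunk.outputResults(results)
    except Exception as e:
        splunk.Intersplunk.generateErrorResults(str(e))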
开发者ID:hvandenb,项目名称:SplunkModularInputsPythonFramework,代码行数:47,代码来源:yamuser.py
示例2: get_pretty_table
# send splunk results to slack
import prettytable
import ConfigParser
import requests
import json
import os
import sys
import splunk.Intersplunk as sis
# Arguments of the search command: keywords go to `a`, name=value options to `kwargs`.
a, kwargs = sis.getKeywordsAndOptions()
# Lower-case strings that count as "true".
TRUE_VALUES = ['true', '1', 't', 'y', 'yes']
def get_pretty_table(results):
    """Render *results* as a PrettyTable wrapped in triple backticks.

    Column order comes from the keys of the first row.  An empty result set
    yields an empty string.  Cell values are inserted as they are.
    """
    if not results:
        return ''
    columns = results[0].keys()
    table = prettytable.PrettyTable(columns, padding_width=4)
    for record in results:
        table.add_row([record[name] for name in columns])
    return "```" + table.get_string() + "```"
def main():
    """Load the Slack settings from default/slack.conf (the listing is cut off after the icon lookup)."""
    # get config from config file
    config = ConfigParser.ConfigParser()
    # NOTE(review): the file object returned by open() is never closed; a `with` block would release it.
    config.readfp(open(os.path.join('..', 'default', 'slack.conf')))
    # username and icon can only be set by conf
    username = config.get('config', 'username')
    icon = config.get('config', 'icon')
开发者ID:billcchung,项目名称:splunk_slack,代码行数:31,代码来源:slack.py
示例3: len
import hashlib
import splunk.Intersplunk as si
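if __name__ == '__main__':
    # Search command: build a signature from the listed fields of each result
    # and store its MD5 hex digest in the result's `_icon` field.
    try:
        keywords, options = si.getKeywordsAndOptions()
        if not keywords:
            si.generateErrorResults('Requires fields list.')
            exit(0)
        results, dummyresults, settings = si.getOrganizedResults()
        for result in results:
            # A missing field contributes an empty string, so the signature
            # always has one slot per requested field.
            eventSignature = '-=XXX=-'.join([result.get(field, '') for field in keywords])
            # MD5 only serves as a compact identifier for the icon here; do
            # not reuse this where collision resistance matters.
            result['_icon'] = hashlib.md5(eventSignature).hexdigest()
        si.outputResults(results)
    except Exception as e:
        import traceback
        stack = traceback.format_exc()
        # NOTE(review): the full stack trace is returned to the search user.
        si.generateErrorResults("Error '%s'. %s" % (e, stack))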
示例4: Copyright
# Copyright (C) 2005-2011 Splunk Inc. All Rights Reserved. Version 4.0
import splunk.Intersplunk as si
import splunk.mining.FieldLearning as ifl
import re
import splunk.mining.dcutils as dcu
# Module-level logger obtained from splunk.mining.dcutils.
logger = dcu.getLogger()
if __name__ == '__main__':
    try:
        keywords,options = si.getKeywordsAndOptions()
        # Options read from the search command line, with their defaults.
        examples = options.get('examples', None)
        badexamples = options.get('counterexamples', None)
        fromfield = options.get('fromfield', '_raw')
        maxtrainers = options.get('maxtrainers', '100')
        msg = None
        # Strip one pair of surrounding double quotes from each example list.
        if examples != None and examples.startswith('"') and examples.endswith('"'):
            examples = examples[1:-1]
        if badexamples != None and badexamples.startswith('"') and badexamples.endswith('"'):
            badexamples = badexamples[1:-1]
        # NOTE(review): the user-supplied 'examples' value is written to the log at error level on every run.
        logger.error(examples)
        # Validate the required arguments; msg holds the first problem found.
        if len(keywords) == 0:
            msg = "A required fieldname is missing"
        elif examples == None:
            msg = "Value for 'examples' is required"
        else:
            # (the listing is cut off here on the page)
开发者ID:DRArpitha,项目名称:splunk,代码行数:31,代码来源:erex.py
示例5: error
def error(msg):
    """Send *msg* to the UI as an error message with an empty result set, then exit.

    addErrorMessage/outputResults is used because, per the original author,
    the older generateErrorResults output was not reaching the UI.
    """
    error_messages = {}
    si.addErrorMessage(error_messages, msg)
    si.outputResults([], error_messages)
    exit(0)
开发者ID:DRArpitha,项目名称:splunk,代码行数:7,代码来源:searchtxn.py
示例6: parseSpan
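def parseSpan(span):
    """Parse a span such as ``600s`` or ``2w`` into seconds.

    Args:
        span: text holding an optional integer followed by one unit letter
            out of ``s h d w m q y``.

    Returns:
        ``(secs, scalar, units)``: *scalar* is the integer prefix (1 when
        omitted), *units* the unit letter, *secs* the span length in seconds.
        ``m`` counts as 30 days and ``q`` as a quarter of 365 days, so *secs*
        is a float for ``q``.

    When no unit letter is found, an error result is generated and the
    process exits with status -1.
    """
    # Seconds per unit letter, written as the same products as before.
    unit_seconds = {
        "s": 1,
        "h": 60 * 60,
        "d": 24 * 60 * 60,
        "w": 7 * 24 * 60 * 60,
        "m": 30 * 24 * 60 * 60,
        "q": 365/4. * 24 * 60 * 60,
        "y": 365 * 24 * 60 * 60,
    }
    # Raw string: "\d" in a plain literal is an invalid escape sequence.
    # re.search is unanchored, so the first "<digits><unit>" found anywhere in
    # the text is used and surrounding characters are ignored.
    match = re.search(r"(\d*)([shdwmqy])", span)
    if match is None:
        si.generateErrorResults(" 'timeunit' argument required, such as s (seconds), h (hours), d (days), w (weeks), y (years). Optionally prefix with a number: 600s (10 minutes), 2w (2 weeks).")
        exit(-1)
    digits, units = match.groups()
    scalar = int(digits) if digits else 1
    # The pattern admits only letters present in unit_seconds, so the lookup
    # cannot miss; the old "unknown unit" fallback was unreachable.
    secs = scalar * unit_seconds[units]
    return secs, scalar, units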
开发者ID:dmuth,项目名称:SeptaStats,代码行数:27,代码来源:timewrap.py
示例7: run
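def run(results, fields):
    """Add a ``_drilldown`` search fragment to every result and output them.

    For each result the first field other than ``count``/``percent`` is taken
    as the split-by field.  Its value becomes ``field="value"``; the special
    values ``other`` and ``null`` become a negation of every value seen so
    far and ``NOT field=*`` respectively.  ``_drilldown`` is appended to
    *fields* when absent.  Errors are reported via ``generateErrorResults``.
    """
    def quote(text):
        # Field values come from event data.  Escape backslashes before
        # quotes so a value ending in "\" cannot swallow the closing quote of
        # the generated search term.
        return text.replace('\\', '\\\\').replace('"', '\\"')

    try:
        values = set()
        for result in results:
            field = None
            for name in result:
                if name not in ('count', 'percent'):
                    field = name
                    break
            if field is None:
                # Nothing but count/percent on this row: no drilldown for it.
                continue
            value = result[field]
            lowered = value.lower()
            if lowered == "other":
                value = ' '.join(['NOT %s="%s" ' % (field, quote(seen)) for seen in values]) + ' %s=*' % field
            elif lowered == "null":
                value = 'NOT %s=*' % field
            else:
                values.add(value)
                value = '%s="%s"' % (field, quote(value))
            # NOTE(review): the field name itself is inserted unquoted.
            result['_drilldown'] = value
        if '_drilldown' not in fields:
            fields.append('_drilldown')
        si.outputResults(results, {}, fields=fields)
    except Exception as e2:
        stack2 = traceback.format_exc()
        si.generateErrorResults("Error '%s'. %s" % (e2, stack2))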
开发者ID:dmuth,项目名称:SeptaStats,代码行数:30,代码来源:drilldown.py
示例8: run
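def run(spantext, seriesmode, results):
    """Fold *results* into one row per shifted time with one column per span.

    Args:
        spantext: span text handed to ``parseSpan``.
        seriesmode: naming mode handed to ``seriesName``.
        results: rows carrying ``_time`` and, on the first row, optionally
            ``info_max_time``.

    Each row's ``_time`` is moved forward by a whole number of spans so that
    it lands in the most recent span.  ``count`` becomes a column named after
    the series, any other field becomes ``<field>_<series>``.  Output columns
    are ordered by how many spans ago they lie, between ``_time`` and
    ``_span``.  Errors are reported via ``generateErrorResults``.
    """
    # Bookkeeping fields that never become series columns.
    skipped = ('_time', 'info_sid', 'info_max_time', 'info_min_time', 'info_search_time', '_span')
    try:
        secsPerSpan, scalar, unit = parseSpan(spantext)
        maxtime = -1
        time_data = {}
        fields_seen = {}
        span = None
        for result in results:
            if maxtime < 0:
                # Upper time bound comes from the first row, else from the clock.
                try:
                    maxtime = int(float(result['info_max_time']))
                except (KeyError, TypeError, ValueError, OverflowError):
                    maxtime = int(time.time())
                maxtime -= 1  # not inclusive
            if '_time' not in result:
                raise Exception("Missing required _time field on data")
            if span is None and '_span' in result:
                span = result['_span']
            mytime = int(float(result['_time']))
            spansago = int((maxtime-mytime) / secsPerSpan)
            new_time = mytime + (spansago * secsPerSpan)
            if new_time not in time_data:
                time_data[new_time] = { '_time': new_time, '_span': span }
            this_row = time_data[new_time]
            spanstart = maxtime - ((spansago+1)*secsPerSpan) + 1
            # Use the parameter; the old code read a module-level
            # `series_mode` and ignored the argument it was given.
            series = seriesName(seriesmode, scalar, spansago, unit, spanstart)
            for k, v in result.items():
                if k in skipped:
                    continue
                attr = series if k == 'count' else '%s_%s' % (k, series)
                this_row[attr] = v
                fields_seen[attr] = spansago
        # key= sorts are stable like the former cmp-based sorts.
        field_order = [name for name, _ago in sorted(fields_seen.items(), key=lambda item: item[1])]
        field_order.insert(0, '_time')
        field_order.append('_span')
        results = sorted(time_data.values(), key=lambda row: row['_time'])
        si.outputResults(results, {}, fields=field_order)
    except Exception as e2:
        stack2 = traceback.format_exc()
        si.generateErrorResults("Error '%s'. %s" % (e2, stack2))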
开发者ID:dmuth,项目名称:SeptaStats,代码行数:56,代码来源:timewrap.py
示例9: main
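def main():
    """Post the current search results to Slack as a formatted table.

    Settings come from ``../local/slack.conf`` when it exists, otherwise from
    ``../default/slack.conf``.  ``channel`` may be overridden from the search;
    ``url`` only when ``allow_user_set_slack_url`` is true.  On HTTP 200 the
    results are passed through, otherwise an error result is generated.

    Raises:
        Exception: when no Slack URL is configured.
    """
    config = ConfigParser.ConfigParser()
    local_conf = os.path.join('..', 'local', 'slack.conf')
    default_conf = os.path.join('..', 'default', 'slack.conf')
    # `with` closes the file handle that used to be left open.
    with open(local_conf if os.path.exists(local_conf) else default_conf) as conf_file:
        config.readfp(conf_file)

    # username and icon can only be set by conf
    username = config.get('config', 'username')
    icon = config.get('config', 'icon')

    # search-time arguments override the configured channel
    channel = kwargs.get('channel', config.get('config', 'channel'))
    if not channel.startswith('#'):
        channel = '#' + channel

    # NOTE(review): with allow_user_set_slack_url enabled, anyone who can run
    # this command decides which URL the search results are POSTed to.
    if config.get('config', 'allow_user_set_slack_url').lower() in TRUE_VALUES:
        url = kwargs.get('url', config.get('config', 'url'))
    else:
        url = config.get('config', 'url')
    if not url:
        raise Exception("No slack url specified!")

    results = sis.readResults(None, None, True)
    data = {
        'text': get_pretty_table(results),
        'username': username,
        'channel': channel,
        'icon_url': icon,
        'mrkdwn': True,
    }

    # A timeout keeps a stalled endpoint from hanging the search process.
    post_args = {'data': json.dumps(data), 'timeout': 30}
    https_proxy = config.get('config', 'proxy')
    if https_proxy != "":
        post_args['proxies'] = {"https": https_proxy}
    r = requests.post(url, **post_args)

    if r.status_code == 200:
        sis.outputResults(results)
    else:
        err_msg = ("Error sending results to slack, reason: {r}, {t}".format(
            r=r.reason, t=r.text))
        sis.generateErrorResults(err_msg)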
开发者ID:bshuler,项目名称:pstools,代码行数:54,代码来源:slack.py
示例10: getRanges
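def getRanges(options):
    """Turn ``name=<start>-<end>`` options into ``{name: (start, end)}``.

    The ``field`` and ``default`` options are skipped.  Bounds are integers
    in the text and are returned as floats.  A value that does not start with
    ``<start_num>-<end_num>`` produces an error result and ends the process.
    """
    ranges = {}
    for name, startend in options.items():
        if name in ('field', 'default'):
            continue
        try:
            # Raw string: "\d" in a plain literal is an invalid escape.
            # re.match anchors only at the start, so trailing text is ignored.
            start, end = re.match(r"(-?\d+)-(-?\d+)", startend).groups()
            ranges[name] = (float(start), float(end))
        except (AttributeError, TypeError, ValueError):
            # AttributeError: no match; TypeError: value is not text.
            si.generateErrorResults("Invalid range: '%s'. '<start_num>-<end_num>' expected." % startend)
            exit(0)
    return ranges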
开发者ID:DRArpitha,项目名称:splunk,代码行数:12,代码来源:rangemap.py
示例11: main
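def main():
    """Send the current search results to a HipChat room as a notification.

    Settings come from ``../default/hipchat.conf``.  ``room``, ``color``,
    ``notify`` and ``message_format`` may be overridden from the search;
    ``base_url`` only when ``allow_users_set_base_url`` is true.  The auth
    token is read from the stanza named after the room.  On HTTP 204 the
    results are passed through, otherwise an error result is generated.

    Raises:
        Exception: when the room stanza or its auth token is missing.
    """
    config = ConfigParser.ConfigParser()
    # `with` closes the file handle that used to be left open.
    with open(os.path.join('..', 'default', 'hipchat.conf')) as conf_file:
        config.readfp(conf_file)

    # search-time arguments override the configured defaults
    room = kwargs.get('room', config.get('default', 'room'))
    color = kwargs.get('color', config.get('default', 'color'))
    notify = kwargs.get('notify', config.get('default', 'notify'))
    msg_fmt = kwargs.get('message_format',
                         config.get('default', 'message_format'))

    # NOTE(review): with allow_users_set_base_url enabled, the search user
    # picks the host that receives both the results and the room's auth token.
    if config.get('default', 'allow_users_set_base_url').lower() in TRUE_VALUES:
        base_url = kwargs.get('base_url', config.get('default', 'base_url'))
    else:
        base_url = config.get('default', 'base_url')

    # check if auth token is set properly
    try:
        auth_token = {"auth_token": config.get(room, 'auth_token')}
    except ConfigParser.NoSectionError:
        raise Exception("Room not set, please set the room stanza")
    except ConfigParser.NoOptionError:
        raise Exception("Auth token not set, please set auth token for room")

    # NOTE(review): `room` can come from the search and is placed in the URL
    # path without encoding.
    url = base_url + "{s}{r}/notification".format(
        s='' if base_url.endswith('/') else '/', r=room)

    results = sis.readResults(None, None, True)
    data = {
        'message': get_pretty_table(results, msg_fmt),
        'message_format': msg_fmt,
        'color': color,
        'notify': notify.lower() in TRUE_VALUES
    }

    headers = {'Content-type': 'application/json'}
    # The token travels as a query parameter, so it can show up wherever
    # request URLs are recorded.  The timeout keeps a stalled endpoint from
    # hanging the search process.
    r = requests.post(url,
                      data=json.dumps(data),
                      params=auth_token,
                      headers=headers,
                      timeout=30)
    if r.status_code == 204:
        sis.outputResults(results)
    else:
        # The message used to name slack, a leftover from the slack command.
        err_msg = ("Error sending results to hipchat, reason: {r}, {t}".format(
            r=r.reason, t=r.text))
        sis.generateErrorResults(err_msg)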
开发者ID:billcchung,项目名称:splunk_hipchat,代码行数:53,代码来源:hipchat.py
示例12: _handle_response
def _handle_response(self, response, content):
    """Turn the HTTP reply of a ticket-creation request into a result.

    For status 200 or 201 the record extracted from *content* is converted
    with ``_get_result``; when no record is found the result is an error
    dict.  The result is logged at debug level and returned.  Any other
    status is logged, reported through ``si.parseError`` and yields ``None``.
    """
    if response.status not in (200, 201):
        self.logger.error("Failed to create ticket. Return code is %s. "
                          "Reason is %s", response.status, response.reason)
        si.parseError("Failed to create ticket. Return code is {0}. Reason"
                      " is {1}".format(response.status, response.reason))
        return None

    record = self._get_resp_record(content)
    outcome = self._get_result(record) if record else {"error": "Failed to create ticket"}
    self.logger.debug(outcome)
    return outcome
开发者ID:chenziliang,项目名称:src,代码行数:15,代码来源:spark_base.py
示例13: parse_pstacks
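def parse_pstacks():
    """Parse every pstack file matching the glob given as first keyword.

    Options: ``separator``, ``fileorderindex`` and ``timeorderindex`` (the
    last two converted to int), each with a module-level default.

    Returns:
        The concatenated results of ``parse_pstack_file`` for every match.

    Raises:
        Exception: when no path keyword is given or nothing matches.

    The path comes from the search command line and goes through ``~`` and
    environment-variable expansion and globbing, so the command reads any
    file the Splunk process can read; restrict who may run it accordingly.
    """
    results = []
    keywords, options = si.getKeywordsAndOptions()
    separator = options.get('separator', DEFAULT_SEPARATOR)
    fileorderindex = int(options.get('fileorderindex', DEFAULT_FOI))
    timeorderindex = int(options.get('timeorderindex', DEFAULT_TSI))

    if not keywords:
        raise Exception("requires path to pstack file(s)")

    # Undo the escaping applied to the argument: "\\" -> "\", "\[" -> "[",
    # "\]" -> "]".  The literals spell the backslash explicitly; '\[' was an
    # invalid escape sequence.
    gpath = keywords.pop(0)
    gpath = gpath.replace("\\\\", "\\")
    gpath = gpath.replace('\\[', '[')
    gpath = gpath.replace('\\]', ']')

    # find all files matching
    complete_path = os.path.expanduser(os.path.expandvars(gpath))
    glob_matches = glob.glob(complete_path)
    # NOTE(review): these diagnostics are written at error level.
    logger.error("complete path: %s" % complete_path)
    logger.error("glob matches: %s" % glob_matches)

    if not glob_matches:
        logger.error("No file matching %s" % complete_path)
        raise Exception("No files matching %s." % complete_path)

    for pfile in glob_matches:
        logger.error("parsing file: %s" % pfile)
        results += parse_pstack_file(pfile, separator, fileorderindex, timeorderindex)
    return results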
开发者ID:nachiketmistry,项目名称:splunk-app-pstack,代码行数:35,代码来源:parsepstacks.py
示例14: main
def main():
    """Entry point of the searchtxn command (the listing is cut off after the max_terms handling)."""
    if len(sys.argv) < 3:
        usage()
    tname = sys.argv[1]
    #log("args")
    #for v in sys.argv:
    # log(v)
    options = ["max_terms", "use_disjunct", "eventsonly"]
    srchargs = []
    log("ARGS: %s" % sys.argv[2:])
    # Arguments that do not start with a known option name form the search text.
    # NOTE(review): indentation was lost on the page; the `else` is read here as
    # belonging to the inner `for` (for-else) -- confirm against the project.
    for arg in sys.argv[2:]:
        for option in options:
            if arg.startswith(option):
                break
        else:
            srchargs.append(arg)
    if len(srchargs) == 0:
        usage()
    tsearch = ' '.join(srchargs)
    log("SEARCH: %s" % tsearch)
    results,dummyresults,settings = si.getOrganizedResults()
    results = [] # we don't care about incoming results
    ########TEST#####################
    # NOTE(review): when no sessionKey is supplied this logs in with the
    # hard-coded admin/changeme pair and runs as admin. It is marked as test
    # scaffolding; a deployed command should fail instead of falling back to
    # a built-in login.
    if 'sessionKey' not in settings:
        settings['owner'] = 'admin'
        settings['password'] = 'changeme'
        settings['namespace'] = 'search'
        settings['sessionKey'] = splunk.auth.getSessionKey('admin', 'changeme')
    ########TEST####################
    # Copy only the connection-related settings into kwargs.
    kwargs = {}
    for f in ['owner','namespace','sessionKey','hostPath']:
        if f in settings:
            kwargs[f] = settings[f]
    messages = {}
    # max_terms outside 1..MAX_SEARCH_COMPLEXITY, or not an integer, falls
    # back to MAX_SEARCH_COMPLEXITY.
    try:
        maxTerms = int(settings.get("max_terms", MAX_SEARCH_COMPLEXITY))
        if maxTerms > MAX_SEARCH_COMPLEXITY or maxTerms < 1:
            si.addWarnMessage(messages, "max_terms must be between 1 and %s. Using default." % MAX_SEARCH_COMPLEXITY)
            maxTerms = MAX_SEARCH_COMPLEXITY
    except Exception, e:
        maxTerms = MAX_SEARCH_COMPLEXITY
开发者ID:DRArpitha,项目名称:splunk,代码行数:47,代码来源:searchtxn.py
示例15: getSplunkConf
def getSplunkConf():
    """Return the ``jira`` stanza of the ``jira`` conf.

    Namespace, owner and session key are taken from the settings that
    Intersplunk supplies with the results; each is ``None`` when absent.
    """
    _results, _dummyresults, settings = isp.getOrganizedResults()
    conf = sb.getConf(
        'jira',
        namespace=settings.get("namespace", None),
        owner=settings.get("owner", None),
        sessionKey=settings.get("sessionKey", None),
    )
    return conf.get('jira')
开发者ID:Scene53,项目名称:splunk-jira,代码行数:10,代码来源:jiracommon.py
示例16: main
def main():
    """Entry point of the typelearner command (the listing is cut off before the outer try is closed)."""
    try:
        messages = {}
        keywords,options = si.getKeywordsAndOptions()
        DEFAULT_MAX_TYPES = 10
        maxtypes = options.get('max', str(DEFAULT_MAX_TYPES))
        # 'max' must consist of digits and lie in 1..MAXRESULTS.
        error = None
        if not maxtypes.isdigit():
            error = 'max must be an integer between 1-%s.' % MAXRESULTS
        else:
            maxtypes = int(maxtypes)
            if not (0 < maxtypes <= MAXRESULTS):
                error = 'max must be an integer between 1-%s.' % MAXRESULTS
        if error:
            si.generateErrorResults(error)
            return
        # Bare keywords act as switches.
        ignore_covered = 'notcovered' in keywords
        useraw = 'useraw' in keywords
        results,dummyresults,settings = si.getOrganizedResults()
        #for r in results:
        # for attr in r:
        # print attr, r[attr], len(r[attr])
        # Cap the input size and tell the user when rows were dropped.
        if len(results) > MAXRESULTS:
            results = results[:MAXRESULTS]
            si.addWarnMessage(messages, "For performance reasons, the maximum number of results used to discover event types was capped at %s. Consider a more restrictive search." % MAXRESULTS)
        argc = len(sys.argv)
        argv = sys.argv
        sessionKey = settings.get("sessionKey", None)
        owner = settings.get("owner", None)
        namespace = settings.get("namespace", None)
        # searchhead stays '' unless the first command of the search is
        # `search` with an argument other than '*'.
        searchhead = ''
        try:
            searches = sutils.getCommands(settings.get("search", ''), None)
            firstcmd = searches[0][0][0]
            firstarg = searches[0][0][1].strip()
            if firstcmd == 'search' and firstarg != '*':
                searchhead = firstarg
        except Exception, e:
            # NOTE(review): every failure while parsing the search is dropped silently.
            pass
        results = discover(results, searchhead, maxtypes, ignore_covered, useraw)
        if len(results) == 0:
            si.addWarnMessage(messages, "Unable to isolate useful groups of events.")
开发者ID:DRArpitha,项目名称:splunk,代码行数:51,代码来源:typelearner.py
示例17: parseArgs
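def parseArgs(txt):
    """Parse ``[count] var ...`` into a count and a list of (alias, field) pairs.

    Each variable is ``alias=field``, ``field`` or ``$field``.  A bare
    ``field`` is aliased to itself; ``$field`` without an alias keeps an
    empty alias.  The count defaults to 1.

    Returns:
        ``(count, mapping)`` with *mapping* a list of ``(alias, field)``.

    Text that does not match at all is reported via ``si.parseError``.
    """
    # Raw strings: "\s" and "\d" in plain literals are invalid escapes.
    m = re.match(r'\s*(?:(?P<count>-?\d+)\s+)?(?P<variables>.+)', txt)
    if m is None:
        si.parseError(usage())
    md = m.groupdict()
    count = 1 if md['count'] is None else int(md['count'])

    mapping = []
    pairs = re.findall(r"(?i)\s*(?:(?P<alias>[a-z0-9_.]+)\s*[=])?\s*(?P<field>[$a-z0-9_.]+)", md['variables'])
    for alias, value in pairs:
        if value.startswith('$'):
            value = value[1:]
        elif alias == '':
            alias = value
        mapping.append((alias, value))
    return count, mapping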
开发者ID:torstefan,项目名称:derp,代码行数:21,代码来源:return.py
示例18: getArgs
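def getArgs():
    """Read the command options and return them as a tuple.

    Returns:
        ``(maxcount, sizefield, pathfield, countfield, delimiter)``.
        Defaults: ``maxcount`` 20, ``sizefield`` ``totalCount``,
        ``pathfield`` ``source``, ``countfield`` ``count``, ``sep`` ``os.sep``.

    A ``maxcount`` that is not a positive integer, or a ``None`` path/size
    field, produces an error result and ends the process.
    """
    try:
        maxcount = int(options.get('maxcount', '20'))
    except (TypeError, ValueError):
        # Unparseable input takes the same path as a non-positive count;
        # the former bare except also swallowed interpreter-exit signals.
        maxcount = 0
    if maxcount <= 0:
        si.generateErrorResults("Error: invalid required 'maxcount' (1-INF) setting.")
        exit()

    sizefield = options.get('sizefield', 'totalCount')
    pathfield = options.get('pathfield', 'source')
    if sizefield is None or pathfield is None:
        si.generateErrorResults("Error: both pathfield and sizefield must be specified.")
        exit()

    countfield = options.get('countfield', 'count')
    delimiter = options.get('sep', os.sep)
    return maxcount, sizefield, pathfield, countfield, delimiter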
开发者ID:grefly,项目名称:splunk-apps,代码行数:21,代码来源:bucketdir.py
示例19: run
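def run(messages, count, mapping):
    """Emit one result whose ``search`` field is built from the input rows.

    Args:
        messages: message dict passed through to ``outputResults``.
        count: maximum number of rows to use; 0 or less means all rows.
        mapping: ``(alias, field)`` pairs.  With an alias the row contributes
            ``alias="value"``; without one the bare value, if non-empty.

    Terms of one row are joined by spaces.  Rows are de-duplicated and, when
    more than one remains, joined as ``(...) OR (...)``.
    """
    results = si.readResults(None, None, True)
    clauses = []
    seen = set()  # dedup rows
    for i, result in enumerate(results):
        if count > 0 and i >= count:
            break
        terms = []
        for renamed, attr in mapping:
            val = str(result.get(attr, ''))
            if renamed is None or renamed == '':
                # Bare value: emitted as it is, by design of the "$field" form.
                if val != '':
                    terms.append(val)
            else:
                # Values come from event data and end up in the search text
                # produced by this command.  Escape backslashes, then quotes,
                # so a value cannot close the quoted term early.
                escaped = val.replace('\\', '\\\\').replace('"', '\\"')
                terms.append('%s="%s"' % (renamed, escaped))
        key = str(terms)
        if terms and key not in seen:
            clauses.append(terms)
            seen.add(key)

    output = ") OR (".join(" ".join(terms) for terms in clauses)
    if len(clauses) > 1:
        output = "(" + output + ")"
    si.outputResults([{'search': output}], messages)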
开发者ID:torstefan,项目名称:derp,代码行数:36,代码来源:return.py
示例20: execute
def execute():
    """List the entities under the path given as the single keyword (the listing is cut off before the outer try is closed)."""
    results = []
    try:
        results, dummyresults, settings = si.getOrganizedResults()
        # default values
        args = {"namespace": "search"}
        # get commandline args
        keywords, options = si.getKeywordsAndOptions()
        # override default args with settings from search kernel
        args.update(settings)
        # override default args with commandline args
        # NOTE(review): options are applied last, so a sessionKey, owner or
        # namespace typed on the search command line replaces the value from settings.
        args.update(options)
        sessionKey = args.get("sessionKey", None)
        owner = args.get("owner", "admin")
        namespace = args.get("namespace", None)
        # The literal text "none" (any case) switches the app filter off.
        if namespace.lower() == "none":
            namespace = None
        messages = {}
        if sessionKey == None:
            # this shouldn't happen, but it's useful for testing.
            # NOTE(review): falls back to the hard-coded admin/changeme login;
            # a deployed command should stop here instead of authenticating
            # with a built-in account.
            try:
                sessionKey = sa.getSessionKey("admin", "changeme")
                si.addWarnMessage(
                    messages, "No session given to 'tune' command. Using default admin account and password."
                )
            except splunk.AuthenticationFailed, e:
                si.addErrorMessage(messages, "No session given to 'tune' command.")
                return
        if len(keywords) != 1:
            usage()
        # e.g., '/data/inputs/monitor'
        entity = keywords[0]
        # NOTE(review): args was updated from settings, so a sessionKey
        # received there is written to the log by this line.
        logger.info("Entity: %s Args: %s" % (entity, args))
        results = [] # we don't care about incoming results
        try:
            entitys = en.getEntities(entity, sessionKey=sessionKey, owner=owner, namespace=namespace, count=-1)
            # The loop variable reuses the name `entity`, replacing the path read above.
            for name, entity in entitys.items():
                # Keep only entities whose eai:acl app equals the namespace
                # (all of them when namespace is None).
                try:
                    myapp = entity["eai:acl"]["app"]
                    if namespace != None and myapp != namespace:
                        continue
                except:
                    continue # if no eai:acl/app, filter out
                result = entityToResult(name, entity)
                results.append(result)
        except splunk.ResourceNotFound, e2:
            # An unknown entity path leaves the result list empty.
            pass
开发者ID:Raboo,项目名称:chef-splunk,代码行数:55,代码来源:entity.py
注:本文中的splunk.Intersplunk类示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |