本文整理汇总了Python中splunk.Intersplunk.getKeywordsAndOptions方法的典型用法代码示例。如果您正苦于以下问题:Python Intersplunk.getKeywordsAndOptions方法的具体用法?Python Intersplunk.getKeywordsAndOptions怎么用?Python Intersplunk.getKeywordsAndOptions使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类splunk.Intersplunk的用法示例。
在下文中一共展示了Intersplunk.getKeywordsAndOptions方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: parse_pstacks
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
def parse_pstacks():
results = []
keywords, options = si.getKeywordsAndOptions()
separator = options.get('separator', DEFAULT_SEPARATOR)
fileorderindex = int(options.get('fileorderindex', DEFAULT_FOI))
timeorderindex = int(options.get('timeorderindex', DEFAULT_TSI))
if len(keywords)==0:
raise Exception("requires path to pstack file(s)")
gpath = keywords.pop(0)
gpath = gpath.replace("\\\\", "\\")
gpath = gpath.replace('\[', '[')
gpath = gpath.replace('\]', ']')
# find all files matching
complete_path = os.path.expanduser(
os.path.expandvars(gpath))
glob_matches = glob.glob(complete_path)
logger.error("complete path: %s" % complete_path)
logger.error("glob matches: %s" % glob_matches)
if len(glob_matches)==0:
logger.error("No file matching %s" % complete_path)
raise Exception("No files matching %s." % complete_path)
for pfile in glob_matches:
logger.error("parsing file: %s" % pfile)
results += parse_pstack_file(pfile, separator, fileorderindex, timeorderindex)
#return results
return results示例2: execute
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
def execute():
results = []
try:
results, dummyresults, settings = si.getOrganizedResults()
# default values
args = {"namespace": "search"}
# get commandline args
keywords, options = si.getKeywordsAndOptions()
# override default args with settings from search kernel
args.update(settings)
# override default args with commandline args
args.update(options)
sessionKey = args.get("sessionKey", None)
owner = args.get("owner", "admin")
namespace = args.get("namespace", None)
if namespace.lower() == "none":
namespace = None
messages = {}
if sessionKey == None:
# this shouldn't happen, but it's useful for testing.
try:
sessionKey = sa.getSessionKey("admin", "changeme")
si.addWarnMessage(
messages, "No session given to 'tune' command. Using default admin account and password."
)
except splunk.AuthenticationFailed, e:
si.addErrorMessage(messages, "No session given to 'tune' command.")
return
if len(keywords) != 1:
usage()
# e.g., '/data/inputs/monitor'
entity = keywords[0]
logger.info("Entity: %s Args: %s" % (entity, args))
results = [] # we don't care about incoming results
try:
entitys = en.getEntities(entity, sessionKey=sessionKey, owner=owner, namespace=namespace, count=-1)
for name, entity in entitys.items():
try:
myapp = entity["eai:acl"]["app"]
if namespace != None and myapp != namespace:
continue
except:
continue # if no eai:acl/app, filter out
result = entityToResult(name, entity)
results.append(result)
except splunk.ResourceNotFound, e2:
pass示例3: main
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
def main():
try:
messages = {}
keywords,options = si.getKeywordsAndOptions()
DEFAULT_MAX_TYPES = 10
maxtypes = options.get('max', str(DEFAULT_MAX_TYPES))
error = None
if not maxtypes.isdigit():
error = 'max must be an integer between 1-%s.' % MAXRESULTS
else:
maxtypes = int(maxtypes)
if not (0 < maxtypes <= MAXRESULTS):
error = 'max must be an integer between 1-%s.' % MAXRESULTS
if error:
si.generateErrorResults(error)
return
ignore_covered = 'notcovered' in keywords
useraw = 'useraw' in keywords
results,dummyresults,settings = si.getOrganizedResults()
#for r in results:
# for attr in r:
# print attr, r[attr], len(r[attr])
if len(results) > MAXRESULTS:
results = results[:MAXRESULTS]
si.addWarnMessage(messages, "For performance reasons, the maximum number of results used to discover event types was capped at %s. Consider a more restrictive search." % MAXRESULTS)
argc = len(sys.argv)
argv = sys.argv
sessionKey = settings.get("sessionKey", None)
owner = settings.get("owner", None)
namespace = settings.get("namespace", None)
searchhead = ''
try:
searches = sutils.getCommands(settings.get("search", ''), None)
firstcmd = searches[0][0][0]
firstarg = searches[0][0][1].strip()
if firstcmd == 'search' and firstarg != '*':
searchhead = firstarg
except Exception, e:
pass
results = discover(results, searchhead, maxtypes, ignore_covered, useraw)
if len(results) == 0:
si.addWarnMessage(messages, "Unable to isolate useful groups of events.")示例4: yamuser
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
def yamuser():
try:
# logger = dcu.getLogger()
# logger.info("Starting the yamuser command")
# Get configuration values from jira.conf
splunk_conf = yammercommon.getSplunkConf()
# logger.root.setLevel(logging.DEBUG)
local_conf = yammercommon.getLocalConf()
access_token = local_conf.get('yammercommon', 'access_token')
# logger.debug("Access Token %s" % access_token)
yammer = yampy.Yammer(access_token=access_token)
results, dummyresults, settings = isp.getOrganizedResults()
keywords, options = isp.getKeywordsAndOptions()
output_field = options.get('out', 'yammer_user_full_name')
user_id_fld = options.get('field', 'sender_id')
#userid = argvals.get("id")
if results:
for result in results:
userid = result[user_id_fld]
if userid:
#user = yammer.users.find(userid)
result[str(output_field)] = "test"
#user.full_name
else:
result={}
#user = yammer.users.find(userid)
#result[str(user_name)] = user.full_name
#results.append(result)
splunk.Intersplunk.outputResults(results)
except Exception, e:
import traceback
stack = traceback.format_exc()
splunk.Intersplunk.generateErrorResults(str(e))示例5: raw_pstack
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
def raw_pstack():
results = []
keywords, options = si.getKeywordsAndOptions()
separator = options.get('separator', DEFAULT_SEPARATOR)
fileorderindex = int(options.get('fileorderindex', DEFAULT_FOI))
thread_id = options.get('threadid', DEFAULT_THREADID)
reverse = options.get('reverse', DEFAULT_REVERSE)
timeorderindex = int(options.get('timeorderindex', DEFAULT_TSI))
if len(keywords)==0:
raise Exception("requires path to pstack file(s)")
gpath = keywords.pop(0).strip()
logger.error("b4 gpath = %s" % gpath)
gpath = gpath.replace("\\\\", "\\")
gpath = gpath.replace("\[", "[")
gpath = gpath.replace("\]", "]")
logger.error("gpath = %s" % gpath)
# find all files matching
complete_path = os.path.expanduser(
os.path.expandvars(gpath))
glob_matches = glob.glob(complete_path)
logger.debug("complete path: %s" % complete_path)
logger.debug("glob matches: %s" % glob_matches)
if len(glob_matches)==0:
logger.error("No file matching %s" % complete_path)
raise Exception("No files matching %s." % complete_path)
for pfile in glob_matches:
logger.error("parsing file: %s" % pfile)
results += parse_raw_pstack(pfile, thread_id, reverse, separator, fileorderindex, timeorderindex)
#return results
return results示例6: get_pretty_table
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
# send splunk results to slack
import prettytable
import ConfigParser
import requests
import json
import os
import sys
import splunk.Intersplunk as sis
(a, kwargs) = sis.getKeywordsAndOptions()
TRUE_VALUES = ['true', '1', 't', 'y', 'yes']
def get_pretty_table(results):
if results:
keys = results[0].keys()
else:
return ''
x = prettytable.PrettyTable(keys, padding_width=4)
for row in results:
x.add_row([row[k] for k in keys])
return "```" + x.get_string() + "```"
def main():
# get config from config file
config = ConfigParser.ConfigParser()
config.readfp(open(os.path.join('..', 'default', 'slack.conf')))
# username and icon can only be set by conf
username = config.get('config', 'username')
icon = config.get('config', 'icon')示例7: len
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
import hashlib
import splunk.Intersplunk as si
if __name__ == '__main__':
try:
keywords,options = si.getKeywordsAndOptions()
if len(keywords) == 0:
si.generateErrorResults('Requires fields list.')
exit(0)
search = ' '.join(keywords)
results,dummyresults,settings = si.getOrganizedResults()
for result in results:
eventSignature = '-=XXX=-'.join([result.get(field,'') for field in keywords])
sigHash = hashlib.md5(eventSignature).hexdigest()
result['_icon'] = sigHash
si.outputResults(results)
except Exception, e:
import traceback
stack = traceback.format_exc()
si.generateErrorResults("Error '%s'. %s" % (e, stack))
示例8: Client
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
# Get configuration values from config.ini
local_conf = jiracommon.getLocalConf()
hostname = local_conf.get('jira', 'hostname')
username = local_conf.get('jira', 'username')
password = local_conf.get('jira', 'password')
protocol = local_conf.get('jira', 'soap_protocol');
port = local_conf.get('jira', 'soap_port');
url = "%s://%s:%s/rpc/soap/jirasoapservice-v2?wsdl" % (protocol, hostname, port)
logger.info(url)
client = Client(url)
auth = client.service.login(username, password)
keywords, argvals = isp.getKeywordsAndOptions()
time_option = argvals.get('time', "now")
logger.info('argv: ' + str(sys.argv))
if sys.argv[1] == 'filters':
filters = client.service.getFavouriteFilters(auth)
keys = (('author', None), ('id', None), ('name', None))
results = []
for filter in filters:
row = jiracommon.flatten(filter, keys)
logger.info(time.time())
row['host'] = hostname示例9: setup_logging
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
result = False
if is_bool:
rex = "^(?:t|true|1|yes)$"
if (rex is None and arg in argvals) or (arg in argvals and re.match(rex, argvals[arg])):
result = True
return result
if __name__ == '__main__':
logger = setup_logging()
logger.info('starting..')
eStart = time.time()
try:
results = si.readResults(None, None, False)
keywords, argvals = si.getKeywordsAndOptions()
validate_args(keywords, argvals)
if arg_on_and_enabled(argvals, "debug", is_bool=True):
logger.setLevel(logging.DEBUG)
logger.debug("detecting debug argument passed, setting command log_level=DEBUG")
output_column_name = "mvmath"
if arg_on_and_enabled(argvals, "labelfield"):
output_column_name = argvals['labelfield']
if arg_on_and_enabled(argvals, "prefix"):
output_column_name = argvals['prefix'] + output_column_name
for row in results:
if argvals['field'] in row and argvals['field2'] in row:示例10: Client
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
local_conf = jiracommon.getLocalConf()
hostname = local_conf.get('jira', 'hostname')
port = local_conf.get('jira', 'port')
proto = local_conf.get('jira', 'porotocol')
baseURL = local_conf.get('jira', 'baseURL')
username = local_conf.get('jira', 'username')
password = local_conf.get('jira', 'password')
url = "%s://%s:%s/%s/rpc/soap/jirasoapservice-v2?wsdl" % (proto, hostname, port, baseURL)
logger.info(url)
client = Client(url)
auth = client.service.login(username, password)
keywords, options = isp.getKeywordsAndOptions()
logger.info('keywords: ' + str(keywords))
logger.info('options: ' + str(options))
if keywords[0] == 'filters':
filters = client.service.getFavouriteFilters(auth)
keys = (('author', None), ('id', None), ('name', None))
results = []
for jfilter in filters:
row = jiracommon.flatten(jfilter, keys)
logger.info(time.time())
row['_time'] = int(time.time())
row['_raw'] = row示例11: int
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
########TEST####################
kwargs = {}
for f in ['owner','namespace','sessionKey','hostPath']:
if f in settings:
kwargs[f] = settings[f]
messages = {}
try:
maxTerms = int(settings.get("max_terms", MAX_SEARCH_COMPLEXITY))
if maxTerms > MAX_SEARCH_COMPLEXITY or maxTerms < 1:
si.addWarnMessage(messages, "max_terms must be between 1 and %s. Using default." % MAX_SEARCH_COMPLEXITY)
maxTerms = MAX_SEARCH_COMPLEXITY
except Exception, e:
maxTerms = MAX_SEARCH_COMPLEXITY
dummy,options = si.getKeywordsAndOptions()
makeORs = isTrue(options.get("use_disjunct", "t"))
eventsOnly = isTrue(options.get("eventsonly", "f"))
log("MAXTERMS: %s MAKEORS: %s eventsOnly: %s" % (maxTerms, makeORs, eventsOnly))
log("tsearch: %s" % tsearch)
results = []
try:
results = findTransaction(tname, tsearch, makeORs, eventsOnly, maxTerms, messages, **kwargs)
except Exception, e:
error(e)
events = []
log("RESULTS: %s" % len(results))
for result in results: # api fail示例12: execute
# 需要导入模块: from splunk import Intersplunk [as 别名]
# 或者: from splunk.Intersplunk import getKeywordsAndOptions [as 别名]
def execute():
results = []
try:
results, dummyresults, settings = si.getOrganizedResults()
keywords, options = si.getKeywordsAndOptions()
settings.update(options)
sessionKey = settings.get("sessionKey", None)
if TESTING and sessionKey == None:
sessionKey = auth.getSessionKey('admin', 'changeme')
owner = settings.get("owner", None)
namespace = settings.get("namespace", "search")
scriptname = settings.get("script", None)
prerun_str = settings.get("prerun", "True").lower()
prerun = prerun_str.startswith('t') or prerun_str.startswith('y') or prerun_str.startswith('1')
log("sessionKey %s owner %s namespace %s script %s prerun %s" % (sessionKey, owner, namespace, scriptname, prerun))
if scriptname == None:
raise Exception('"script" value required')
if ".." in scriptname or "/" in scriptname or "\\" in scriptname:
raise Exception('pathname cannot contain cannot contain "..", "/", or "\\".')
home = si.splunkHome()
localpath = os.path.join('etc', 'apps', namespace, 'scripts', scriptname + ".ss")
pathname = os.path.join(home, localpath)
if not os.path.exists(pathname):
raise Exception('script path does not exist: "%s"' % os.path.join("SPLUNK_HOME", localpath))
log("pathname %s" % (pathname))
real_stdout = sys.stdout
if CAN_STREAM_RESULTS_ANY_TIME:
# output results immediately to stdout
result_stream = sys.stdout
else:
# output results once all done
result_stream = StringIO.StringIO()
# capture debugging stdout to StringIO, but have real stdout used for outputting results as streamed
sys.stdout = StringIO.StringIO()
script = scripting.Script(sessionKey, owner, namespace, path=pathname, prerunfix=prerun, outputstream=result_stream)
side_effects = script.run()
log("side_effects %s" % (side_effects))
# output non-results -- variables and print statements from scripts
sys.stdout.flush()
messages = {}
si.addInfoMessage(messages, "Variable values: %s" % side_effects)
si.addInfoMessage(messages, "Standard output: %s" % sys.stdout.getvalue())
# reset stdout
sys.stdout = real_stdout
OUTPUT_MSGS = True
if OUTPUT_MSGS:
# si.outputResults(None, messages)
for level, messages in messages.items():
for msg in messages:
print "%s=%s" % (level, normalizeMsg(msg))
print
# we haven't output results yet. do it now.
if not CAN_STREAM_RESULTS_ANY_TIME:
result_stream.flush()
print result_stream.getvalue()
except Exception, e:
sys.stdout = real_stdout
import traceback
msg = "%s. Traceback: %s" % (e, traceback.format_exc())
log("error %s" % msg)
si.generateErrorResults(msg)