Merge branch 'main' into docs/data-access-v3-architecture

Author: ekremney

package-lock.json

@@ -1,3 +1,9 @@
+## [@adobe/spacecat-shared-splunk-client-v1.1.0](https://github.com/adobe/spacecat-shared/compare/@adobe/spacecat-shared-splunk-client-v1.0.30...@adobe/spacecat-shared-splunk-client-v1.1.0) (2026-02-27)
+
+### Features
+
+* add slack for redirects ([#1365](https://github.com/adobe/spacecat-shared/issues/1365)) ([7b8176e](https://github.com/adobe/spacecat-shared/commit/7b8176ec7e6788b60da7b76f8924c71f4ef0b26a))
+
 # [@adobe/spacecat-shared-splunk-client-v1.0.30](https://github.com/adobe/spacecat-shared/compare/@adobe/spacecat-shared-splunk-client-v1.0.29...@adobe/spacecat-shared-splunk-client-v1.0.30) (2026-01-29)
 
 

packages/spacecat-shared-splunk-client/CHANGELOG.md

@@ -1,6 +1,6 @@
 {
   "name": "@adobe/spacecat-shared-splunk-client",
-  "version": "1.0.30",
+  "version": "1.1.0",
   "description": "Shared modules of the Spacecat Services - Splunk Client",
   "type": "module",
   "engines": {

packages/spacecat-shared-splunk-client/package.json

@@ -22,6 +22,14 @@ export interface SplunkAPIOptions {
   mode: string;
   output: string;
 }
+export type SplunkLoginResult =
+  | { sessionId: string; cookie: string }
+  | { error: unknown };
+
+export interface SplunkOneshotResponse {
+  results?: Array<Record<string, unknown>>;
+  [key: string]: unknown;
+}
 
 export default class SplunkAPIClient {
   /**
@@ -45,7 +53,13 @@ export default class SplunkAPIClient {
    * @param password
    */
   login(username?: string, password?: string):
-    Promise<{ result: object }>;
+    Promise<SplunkLoginResult>;
+
+  /**
+   * Execute an ad-hoc Splunk oneshot search.
+   * Throws on error.
+   */
+  oneshotSearch(searchString: string): Promise<SplunkOneshotResponse>;
 
   /**
    * Asynchronous method to check for Not Found errors
@@ -56,5 +70,8 @@ export default class SplunkAPIClient {
    * @param password
    */
   getNotFounds(minutes?: number, username?: string, password?: string):
-    Promise<{ result: object }>;
+    Promise<
+      | { results: Array<Record<string, unknown>> }
+      | { error: unknown }
+    >;
 }

packages/spacecat-shared-splunk-client/src/index.d.ts

@@ -144,4 +144,51 @@ export default class SplunkAPIClient {
 
     return returnObj;
   }
+
+  /**
+   * Execute an ad-hoc Splunk oneshot search and return the JSON payload.
+   *
+   * @param {string} searchString SPL query string (e.g. `search index=... | stats ...`)
+   * @returns {Promise<object>} Splunk oneshot search response JSON
+   */
+  async oneshotSearch(searchString) {
+    if (typeof searchString !== 'string' || searchString.trim().length === 0) {
+      throw new Error('Missing searchString');
+    }
+
+    // Additive behavior: reuse existing login state, otherwise login now.
+    if (!this.loginObj) {
+      this.loginObj = await this.login();
+    }
+    if (this.loginObj?.error) {
+      const err = this.loginObj.error;
+      this.loginObj = null;
+      throw (err instanceof Error ? err : new Error(String(err)));
+    }
+
+    const queryBody = new URLSearchParams({
+      search: searchString,
+      adhoc_search_level: 'fast',
+      exec_mode: 'oneshot',
+      output_mode: 'json',
+    });
+
+    const url = `${this.apiBaseUrl}/servicesNS/admin/search/search/jobs`;
+    const response = await this.fetchAPI(url, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Authorization: `Splunk ${this.loginObj.sessionId}`,
+        Cookie: this.loginObj.cookie,
+      },
+      body: queryBody,
+    });
+
+    if (response.status !== 200) {
+      const body = await response.text();
+      throw new Error(`Splunk oneshot search failed. Status: ${response.status}. Body: ${body}`);
+    }
+
+    return response.json();
+  }
 }

packages/spacecat-shared-splunk-client/src/index.js

@@ -210,4 +210,80 @@ describe('SplunkAPIClient unit tests', () => {
       });
     });
   });
+
+  describe('oneshotSearch', () => {
+    it('throws when searchString is missing', async () => {
+      await expect(client.oneshotSearch('')).to.be.rejectedWith('Missing searchString');
+    });
+
+    it('runs oneshot search after login', async () => {
+      nock(config.apiBaseUrl)
+        .post('/services/auth/login')
+        .reply(200, loginSuccessResponse, { 'Set-Cookie': loginSuccessSetCookieHeader });
+
+      nock(config.apiBaseUrl)
+        .post('/servicesNS/admin/search/search/jobs')
+        .reply(200, notFoundsResponse);
+
+      const resp = await client.oneshotSearch('search index=dx_aem_engineering | head 1');
+      expect(resp).to.deep.equal(notFoundsResponse);
+    });
+
+    it('reuses login across calls', async () => {
+      nock(config.apiBaseUrl)
+        .post('/services/auth/login')
+        .once()
+        .reply(200, loginSuccessResponse, { 'Set-Cookie': loginSuccessSetCookieHeader });
+
+      nock(config.apiBaseUrl)
+        .post('/servicesNS/admin/search/search/jobs')
+        .twice()
+        .reply(200, notFoundsResponse);
+
+      await client.oneshotSearch('search index=dx_aem_engineering | head 1');
+      await client.oneshotSearch('search index=dx_aem_engineering | head 1');
+    });
+
+    it('runs without logging in if loginObj is already set', async () => {
+      client.loginObj = { sessionId: 'sessionKey123', cookie: 'cookie123' };
+
+      nock(config.apiBaseUrl)
+        .post('/servicesNS/admin/search/search/jobs')
+        .reply(200, notFoundsResponse);
+
+      const resp = await client.oneshotSearch('search index=dx_aem_engineering | head 1');
+      expect(resp).to.deep.equal(notFoundsResponse);
+    });
+
+    it('throws with non-200 response', async () => {
+      nock(config.apiBaseUrl)
+        .post('/services/auth/login')
+        .reply(200, loginSuccessResponse, { 'Set-Cookie': loginSuccessSetCookieHeader });
+
+      nock(config.apiBaseUrl)
+        .post('/servicesNS/admin/search/search/jobs')
+        .reply(400, { error: 'bad_request' });
+
+      await expect(client.oneshotSearch('search index=dx_aem_engineering | head 1'))
+        .to.be.rejectedWith('Splunk oneshot search failed. Status: 400');
+    });
+
+    it('propagates login parse errors (error is an Error instance)', async () => {
+      nock(config.apiBaseUrl)
+        .post('/services/auth/login')
+        .reply(200, invalidResponse);
+
+      await expect(client.oneshotSearch('search index=dx_aem_engineering | head 1'))
+        .to.be.rejected;
+    });
+
+    it('throws when login fails (error is string)', async () => {
+      nock(config.apiBaseUrl)
+        .post('/services/auth/login')
+        .reply(401, loginFailedResponse);
+
+      await expect(client.oneshotSearch('search index=dx_aem_engineering | head 1'))
+        .to.be.rejectedWith('Login failed');
+    });
+  });
 });