Updates to:

`splunkversioncontrol_backup_class.py`

`splunkversioncontrol_restore_class.py`

To remove passwords in more cases

Updates to dashboards:
`splunkversioncontrol_restore.xml`

`splunkversioncontrol_restore_dynamic.xml`

To provide a drop down list of available knowledge objects in addition to the text field option

Updated reports:
`SplunkVersionControl CheckAdmin` - simplified to use the Splunk users list

`splunk_vc_kom_audit_summary` - updated to ignore the manager URI's and handle proxied REST calls from the KOM report

Author: gjanders

README.md

@@ -289,6 +289,26 @@ To do this you will need to install Version Control For SplunkCloud on your Splu
 [SplunkVersionControlCloud github](https://github.com/gjanders/SplunkVersionControlCloud)
 
 ## Release Notes
+### 1.2.5
+Updates to:
+`splunkversioncontrol_backup_class.py`
+
+`splunkversioncontrol_restore_class.py`
+
+To remove passwords in more cases
+
+Updates to dashboards:
+`splunkversioncontrol_restore.xml`
+
+`splunkversioncontrol_restore_dynamic.xml`
+
+To provide a drop down list of available knowledge objects in addition to the text field option
+
+Updated reports:
+`SplunkVersionControl CheckAdmin` - simplified to use the Splunk users list
+
+`splunk_vc_kom_audit_summary` - updated to ignore the manager URI's and handle proxied REST calls from the KOM report
+
 ### 1.2.4
 Updated `splunk_vc_kom_audit_summary` report
 

bin/splunkversioncontrol_backup_class.py

@@ -1616,7 +1616,6 @@ def run_script(self):
 
             if stderrout.find("error:") != -1 or stderrout.find("fatal:") != -1 or stderrout.find("timeout after") != -1:
                 if not self.show_passwords and self.git_password:
-                    output = output.replace(self.git_password, "password_removed")
                     stderrout = stderrout.replace(self.git_password, "password_removed")
                 logger.warn("i=\"%s\" error/fatal messages in git stderroutput please review. stderrout=\"%s\"" % (self.stanzaName, stderrout))
                 gitFailure = True
@@ -1705,6 +1704,8 @@ def run_script(self):
                 logger.error("i=\"%s\" git configuration failed for some reason output=\"%s\", stderrout=\"%s\"" % (self.stanzaName, output2, stderrout2))
 
         if stderrout.find("error:") != -1 or stderrout.find("fatal:") != -1 or stderrout.find("timeout after") != -1:
+            if not self.show_passwords and self.git_password:
+                stderrout = stderrout.replace(self.git_password, "password_removed")
             logger.warn("i=\"%s\" error/fatal messages in git stderroutput please review. stderrout=\"%s\"" % (self.stanzaName, stderrout))
             gitFailure = True
 
@@ -1850,6 +1851,8 @@ def run_script(self):
                 logger.error("i=\"%s\" git configuration failed for some reason output=\"%s\", stderrout=\"%s\"" % (self.stanzaName, output2, stderrout2))
 
         if stderrout.find("error:") != -1 or stderrout.find("fatal:") != -1 or stderrout.find("timeout after") != -1:
+            if not self.show_passwords and self.git_password:
+                stderrout = stderrout.replace(self.git_password, "password_removed")
             logger.warn("i=\"%s\" error/fatal messages in git stderroutput please review. stderrout=\"%s\"" % (self.stanzaName, stderrout))
             gitFailure = True
 
@@ -1890,6 +1893,8 @@ def run_script(self):
                     else:
                         logger.warn("i=\"%s\" unable to obtain the macro required to run the knowledge objects query" % (self.stanzaName))
             if stderrout.find("error:") != -1 or stderrout.find("fatal:") != -1 or stderrout.find("timeout after") != -1:
+                if not self.show_passwords and self.git_password:
+                    stderrout = stderrout.replace(self.git_password, "password_removed")
                 logger.warn("i=\"%s\" error/fatal messages in git stderroutput please review. stderrout=\"%s\"" % (self.stanzaName, stderrout))
                 gitFailure = True
             else:

bin/splunkversioncontrol_restore_class.py

@@ -1334,7 +1334,6 @@ def run_script(self, restlist_override=None, config_override=None):
 
             if stderrout.find("error:") != -1 or stderrout.find("fatal:") != -1 or stderrout.find("timeout after") != -1:
                 if not self.show_passwords and self.git_password:
-                    output = output.replace(self.git_password, "password_removed")
                     stderrout = stderrout.replace(self.git_password, "password_removed")
                 logger.warn("i=\"%s\" error/fatal messages in git stderroutput please review. stderrout=\"%s\"" % (self.stanzaName, stderrout))
                 gitFailure = True
@@ -1374,6 +1373,8 @@ def run_script(self, restlist_override=None, config_override=None):
                 logger.info("i=\"%s\" Successfully ran the git pull for URL=%s from directory dir=%s" % (self.stanzaName, self.gitRepoURL_logsafe, self.gitRootDir))
 
             if stderrout.find("error:") != -1 or stderrout.find("fatal:") != -1 or stderrout.find("timeout after") != -1:
+                if not self.show_passwords and self.git_password:
+                    stderrout = stderrout.replace(self.git_password, "password_removed")             
                 logger.warn("i=\"%s\" error/fatal messages in git stderroutput please review. stderrout=\"%s\"" % (self.stanzaName, stderrout))
                 gitFailure = True
                 if stderrout.find("timeout after") != -1:
@@ -1488,7 +1489,6 @@ def run_script(self, restlist_override=None, config_override=None):
 
                 if stderrout.find("error:") != -1 or stderrout.find("fatal:") != -1 or stderrout.find("timeout after") != -1:
                     if not self.show_passwords and self.git_password:
-                        output = output.replace(self.git_password, "password_removed")
                         stderrout = stderrout.replace(self.git_password, "password_removed")
                     logger.warn("i=\"%s\" error/fatal messages in git stderroutput please review. stderrout=\"%s\"" % (self.stanzaName, stderrout))
                     gitFailure = True

default/app.conf

@@ -12,7 +12,7 @@ label = SplunkVersionControl
 [launcher]
 author = Gareth Anderson
 description = Version Control software for Splunk instances (backup/restore from git)
-version = 1.2.4
+version = 1.2.5
 
 [package]
 id = SplunkVersionControl

default/data/ui/views/splunkversioncontrol_restore.xml

@@ -36,6 +36,73 @@
       <choice value="collection">collection (kvstore)</choice>
       <choice value="viewstate">viewstate</choice>
       <choice value="times">times</choice>
+      <change>
+        <condition value="dashboard">
+          <set token="rest_filter">/data/ui/views</set>
+        </condition>
+        <condition value="savedsearch">
+          <set token="rest_filter">/saved/searches</set>
+        </condition>
+        <condition value="macro">
+          <set token="rest_filter">/configs/conf-macros</set>
+        </condition>
+        <condition value="fieldalias">
+          <set token="rest_filter">/data/props/fieldaliases</set>
+        </condition>
+        <condition value="fieldextraction">
+          <set token="rest_filter">/data/props/extractions</set>
+        </condition>
+        <condition value="fieldtransformation">
+          <set token="rest_filter">/data/transforms/extractions</set>
+        </condition>
+        <condition value="navmenu">
+          <set token="rest_filter">/data/ui/nav</set>
+        </condition>
+        <condition value="datamodel">
+          <set token="rest_filter">/datamodel/model</set>
+        </condition>
+        <condition value="panels">
+          <set token="rest_filter">/data/ui/panels</set>
+        </condition>
+        <condition value="calcfields">
+          <set token="rest_filter">/data/props/calcfields</set>
+        </condition>
+        <condition value="workflowaction">
+          <set token="rest_filter">/data/ui/workflow-actions</set>
+        </condition>
+        <condition value="sourcetyperenaming">
+          <set token="rest_filter">/data/props/sourcetype-rename</set>
+        </condition>
+        <condition value="tags">
+          <set token="rest_filter">/configs/conf-tags</set>
+        </condition>
+        <condition value="eventtypes">
+          <set token="rest_filter">/saved/eventtypes</set>
+        </condition>
+        <condition value="lookupdef">
+          <set token="rest_filter">/data/transforms/lookups</set>
+        </condition>
+        <condition value="automaticlookup">
+          <set token="rest_filter">/data/props/lookups</set>
+        </condition>
+        <condition value="collection">
+          <set token="rest_filter">/storage/collections/config</set>
+        </condition>
+        <condition value="viewstate">
+          <set token="rest_filter">/configs/conf-viewstates</set>
+        </condition>
+        <condition value="times">
+          <set token="rest_filter">/configs/conf-times</set>
+        </condition>
+      </change>
+    </input>
+    <input type="dropdown" token="name">
+      <label>Object Name</label>
+      <fieldForLabel>title</fieldForLabel>
+      <fieldForValue>title</fieldForValue>
+      <search>
+        <query>| rest splunk_server=local /servicesNS/-/$app$/$rest_filter$ count=0 f=title f=eai:acl*  | search eai:acl.app="$app$"| dedup title | fields title</query>
+      </search>
     </input>
     <input type="text" token="name">
       <label>Object URI/Name (not label)</label>

default/data/ui/views/splunkversioncontrol_restore_dynamic.xml

@@ -36,7 +36,74 @@
       <choice value="collection">collection (kvstore)</choice>
       <choice value="viewstate">viewstate</choice>
       <choice value="times">times</choice>
+      <change>
+        <condition value="dashboard">
+          <set token="rest_filter">/data/ui/views</set>
+        </condition>
+        <condition value="savedsearch">
+          <set token="rest_filter">/saved/searches</set>
+        </condition>
+        <condition value="macro">
+          <set token="rest_filter">/configs/conf-macros</set>
+        </condition>
+        <condition value="fieldalias">
+          <set token="rest_filter">/data/props/fieldaliases</set>
+        </condition>
+        <condition value="fieldextraction">
+          <set token="rest_filter">/data/props/extractions</set>
+        </condition>
+        <condition value="fieldtransformation">
+          <set token="rest_filter">/data/transforms/extractions</set>
+        </condition>
+        <condition value="navmenu">
+          <set token="rest_filter">/data/ui/nav</set>
+        </condition>
+        <condition value="datamodel">
+          <set token="rest_filter">/datamodel/model</set>
+        </condition>
+        <condition value="panels">
+          <set token="rest_filter">/data/ui/panels</set>
+        </condition>
+        <condition value="calcfields">
+          <set token="rest_filter">/data/props/calcfields</set>
+        </condition>
+        <condition value="workflowaction">
+          <set token="rest_filter">/data/ui/workflow-actions</set>
+        </condition>
+        <condition value="sourcetyperenaming">
+          <set token="rest_filter">/data/props/sourcetype-rename</set>
+        </condition>
+        <condition value="tags">
+          <set token="rest_filter">/configs/conf-tags</set>
+        </condition>
+        <condition value="eventtypes">
+          <set token="rest_filter">/saved/eventtypes</set>
+        </condition>
+        <condition value="lookupdef">
+          <set token="rest_filter">/data/transforms/lookups</set>
+        </condition>
+        <condition value="automaticlookup">
+          <set token="rest_filter">/data/props/lookups</set>
+        </condition>
+        <condition value="collection">
+          <set token="rest_filter">/storage/collections/config</set>
+        </condition>
+        <condition value="viewstate">
+          <set token="rest_filter">/configs/conf-viewstates</set>
+        </condition>
+        <condition value="times">
+          <set token="rest_filter">/configs/conf-times</set>
+        </condition>
+      </change>      
     </input>
+    <input type="dropdown" token="name">
+      <label>Object Name</label>
+      <fieldForLabel>title</fieldForLabel>
+      <fieldForValue>title</fieldForValue>
+      <search>
+        <query>| rest splunk_server=local /servicesNS/-/$app$/$rest_filter$ count=0 f=title f=eai:acl*  | search eai:acl.app="$app$"| dedup title | fields title</query>
+      </search>
+    </input>    
     <input type="text" token="name">
       <label>Object URI/Name (not label)</label>
     </input>

default/savedsearches.conf

@@ -87,17 +87,11 @@ display.visualizations.charting.chart = bar
 display.visualizations.show = 0
 request.ui_dispatch_app = monitoring
 request.ui_dispatch_view = search
-search = | rest /services/admin/LDAP-groups splunk_server=local \
-| where isnotnull(roles) \
-| search users IN ($ldapFilter$) roles=admin\
-| mvexpand users\
-| rex field=users "CN=(?P<username>[^,]+)"\
-| append [ | rest /services/authentication/users splunk_server=local \
-| search type=Splunk \
-| table title, roles \
-| rename title AS username \
-| mvexpand roles\
-| search roles=admin ]\
+search = | rest /services/authentication/users splunk_server=local \
+| table title, roles  \
+| rename title AS username  \
+| mvexpand roles \
+| search roles=admin \
 | search username IN ($usernameFilter$)\
 | table username
 
@@ -176,7 +170,9 @@ display.visualizations.show = 0
 request.ui_dispatch_app = SplunkVersionControl
 request.ui_dispatch_view = search
 search = | savedsearch KOM_Change_Audit_Summary \
+| regex uri_path!="/en-[^/]+/manager/" \
 | eval obj_times=strftime(strptime(time_stamp,"%H:%M:%S %d-%b-%Y"),"%Y-%m-%dT%H:%M:%S%z")\
+| rex mode=sed field=uri_path "s/^\/en-[^\/]+\/splunkd\/__raw//g" \
 | stats values(ko_label) AS ko_label, values(action) AS action, values(edit_type) AS edit_type, values(origin_splunk_server) AS server, values(app_label) AS app_label, values(obj_times) AS obj_times by ko_type, user, app_name, ko_name, uri_path \
 | rex field=uri_path "/servicesNS/(?P<user_in_url>[^/]+)" \
 | eval scope=if(user_in_url=="nobody","app,global","user") \