|
| 1 | +import json |
| 2 | +import os |
| 3 | +from datetime import datetime |
| 4 | + |
| 5 | +from dotenv import load_dotenv |
| 6 | + |
| 7 | +import input_module_intersight |
| 8 | + |
| 9 | +load_dotenv('_brattice.env') |
| 10 | + |
| 11 | +# This code allows us to execute the input for testing without needing additional code from splunk |
| 12 | +# by providing a minimal sub-out of the two classes that splunk passes to the input |
| 13 | + |
| 14 | +class SplunkEmHelper: |
| 15 | + # this function provides all of the input-specific configuration data |
| 16 | + def get_arg(self, arg_name): |
| 17 | + if arg_name == 'intersight_hostname': |
| 18 | + return "www.intersight.com" |
| 19 | + if arg_name == 'api_key_id': |
| 20 | + return os.environ.get('IntersightKeyId') |
| 21 | + if arg_name == 'api_secret_key': |
| 22 | + return os.environ.get('IntersightSecretKey') |
| 23 | + if arg_name == 'validate_ssl': |
| 24 | + return True |
| 25 | + if arg_name == 'enable_aaa_audit_records': |
| 26 | + return True |
| 27 | + if arg_name == 'enable_alarms': |
| 28 | + return True |
| 29 | + if arg_name == 'inventory_interval': |
| 30 | + return 300 |
| 31 | + if arg_name == 'inventory': |
| 32 | + all = {'advisories', 'compute', 'contract', |
| 33 | + 'network', 'hyperflex', 'target'} |
| 34 | + none = {} |
| 35 | + return all |
| 36 | + |
| 37 | + # this function provides the input name |
| 38 | + def get_input_stanza(self): |
| 39 | + return {'SPLUNK_EM': {}} |
| 40 | + |
| 41 | + # this function provides the proxy configuration |
| 42 | + def get_proxy(self): |
| 43 | + noproxy = {} |
| 44 | + proxy = { |
| 45 | + "proxy_url": "host", |
| 46 | + "proxy_port": "999", |
| 47 | + "proxy_username": "username", |
| 48 | + "proxy_password": "password", |
| 49 | + "proxy_type": "http", # other values are "socks4" and "socks5" |
| 50 | + "proxy_rdns": False |
| 51 | + } |
| 52 | + return noproxy |
| 53 | + |
| 54 | + # this function provides the index name (which we don't really care about right now) |
| 55 | + def get_output_index(self): |
| 56 | + return "main" |
| 57 | + |
| 58 | + # these functions catch and print the logging messages from the input |
| 59 | + def log_debug(self, message): |
| 60 | + print(datetime.now().strftime("%H:%M:%S") + " DEBUG: " + message) |
| 61 | + |
| 62 | + def log_info(self, message): |
| 63 | + print(datetime.now().strftime("%H:%M:%S") + " INFO: " + message) |
| 64 | + |
| 65 | + def log_critical(self, message): |
| 66 | + print(datetime.now().strftime("%H:%M:%S") + " CRITICAL: " + message) |
| 67 | + |
| 68 | + def log_warning(self, message): |
| 69 | + print(datetime.now().strftime("%H:%M:%S") + " WARNING: " + message) |
| 70 | + |
| 71 | + # these two functions print the checkpoint save/delete operations |
| 72 | + # this class doesn't attempt to persist checkpoints |
| 73 | + def save_check_point(self, name, state): |
| 74 | + print(datetime.now().strftime("%H:%M:%S") + |
| 75 | + " CHECKPOINT SAVE: " + str(name) + " = " + str(state)) |
| 76 | + |
| 77 | + def delete_check_point(self, name): |
| 78 | + print(datetime.now().strftime("%H:%M:%S") + |
| 79 | + " CHECKPOINT DELETE: " + str(name)) |
| 80 | + |
| 81 | + # this function catches the event value and returns only the data |
| 82 | + def new_event(self, source, index, sourcetype, data): |
| 83 | + return data |
| 84 | + |
| 85 | + |
| 86 | +helper = SplunkEmHelper() |
| 87 | + |
| 88 | +class SplunkEmEventWriter: |
| 89 | + def write_event(self, event): |
| 90 | + event = json.loads(event) |
| 91 | + # print(json.dumps(event, indent=3)) |
| 92 | + pass |
| 93 | + |
| 94 | +ew = SplunkEmEventWriter() |
| 95 | + |
| 96 | +input_module_intersight.collect_events(helper, ew) |
0 commit comments