├── LICENSE
├── README.md
├── bin
    ├── mkjson.py
    └── splunklib
    │   ├── __init__.py
    │   ├── binding.py
    │   ├── client.py
    │   ├── data.py
    │   ├── modularinput
    │       ├── __init__.py
    │       ├── argument.py
    │       ├── event.py
    │       ├── event_writer.py
    │       ├── input_definition.py
    │       ├── scheme.py
    │       ├── script.py
    │       ├── utils.py
    │       └── validation_definition.py
    │   ├── ordereddict.py
    │   ├── results.py
    │   ├── searchcommands
    │       ├── __init__.py
    │       ├── decorators.py
    │       ├── environment.py
    │       ├── eventing_command.py
    │       ├── external_search_command.py
    │       ├── generating_command.py
    │       ├── internals.py
    │       ├── reporting_command.py
    │       ├── search_command.py
    │       ├── streaming_command.py
    │       └── validators.py
    │   └── six.py
├── default
    ├── app.conf
    ├── commands.conf
    ├── logging.conf
    └── searchbnf.conf
├── metadata
    └── default.meta
└── static
    ├── appIcon.png
    └── appIcon_2x.png


/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2017 Douglas Graeme Brown
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # TA-jsontools
2 | 
3 | JSON Tools Technology Add-On for Splunk
4 | 
5 | Please see documentation here: https://github.com/doksu/TA-jsontools/wiki
6 | 


--------------------------------------------------------------------------------
/bin/mkjson.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python
 2 | 
 3 | from splunklib.searchcommands import dispatch, StreamingCommand, Configuration, Option, validators
 4 | import sys
 5 | import json
 6 | import re
 7 | 
 8 | @Configuration()
 9 | class MkJSONCommand(StreamingCommand):
10 |     """ 
11 | 
12 |     ##Syntax
13 | 
14 | 
15 |     ##Description
16 | 
17 | 
18 |     ##Example
19 | 
20 | 
21 |     """
22 |     includehidden = Option(require=False, validate=validators.Boolean())
23 |     outputfield = Option(require=False, validate=validators.Fieldname())
24 |     sortkeys = Option(require=False, validate=validators.Boolean())
25 | 
26 |     def stream(self, events):
27 | 
28 |         if not self.outputfield:
29 | 
30 |             outputfield = "_raw"
31 | 
32 |         else:
33 | 
34 |             outputfield = self.outputfield
35 | 
36 |         if not self.includehidden:
37 | 
38 |             self.includehidden = False
39 | 
40 |         if not self.sortkeys:
41 | 
42 |             self.sortkeys = False
43 | 
44 |         for event in events:
45 | 
46 |             includedfields = set()
47 | 
48 |             if len(self.fieldnames) > 0:
49 | 
50 |                 for fieldname in self.fieldnames:
51 | 
52 |                     if fieldname in event:
53 | 
54 |                         includedfields.add(fieldname)
55 | 
56 |                 outputdict = {}
57 | 
58 |                 for field in includedfields:
59 | 
60 |                     if len(event[field]) > 0:
61 | 
62 |                         outputdict[field] = event[field]
63 | 
64 |                 event[outputfield] = json.dumps(outputdict, sort_keys=self.sortkeys)
65 | 
66 |             else:
67 | 
68 |                 outputdict = {}
69 | 
70 |                 for field in event:
71 | 
72 |                     if self.includehidden or not re.match('^\_[^\_]',field):
73 | 
74 |                         if len(event[field]) > 0:
75 | 
76 |                             outputdict[field] = event[field]
77 | 
78 |                 event[outputfield] = json.dumps(outputdict, sort_keys=self.sortkeys)
79 | 
80 |             yield event
81 | 
82 | dispatch(MkJSONCommand, sys.argv, sys.stdin, sys.stdout, __name__)
83 | 


--------------------------------------------------------------------------------
/bin/splunklib/__init__.py:
--------------------------------------------------------------------------------
 1 | # Copyright 2011-2015 Splunk, Inc.
 2 | #
 3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
 4 | # not use this file except in compliance with the License. You may obtain
 5 | # a copy of the License at
 6 | #
 7 | #     http://www.apache.org/licenses/LICENSE-2.0
 8 | #
 9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12 | # License for the specific language governing permissions and limitations
13 | # under the License.
14 | 
15 | """Python library for Splunk."""
16 | 
17 | from __future__ import absolute_import
18 | from splunklib.six.moves import map
19 | __version_info__ = (1, 6, 15)
20 | __version__ = ".".join(map(str, __version_info__))
21 | 


--------------------------------------------------------------------------------
/bin/splunklib/data.py:
--------------------------------------------------------------------------------
  1 | # Copyright 2011-2015 Splunk, Inc.
  2 | #
  3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  4 | # not use this file except in compliance with the License. You may obtain
  5 | # a copy of the License at
  6 | #
  7 | #     http://www.apache.org/licenses/LICENSE-2.0
  8 | #
  9 | # Unless required by applicable law or agreed to in writing, software
 10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 12 | # License for the specific language governing permissions and limitations
 13 | # under the License.
 14 | 
 15 | """The **splunklib.data** module reads the responses from splunkd in Atom Feed 
 16 | format, which is the format used by most of the REST API.
 17 | """
 18 | 
 19 | from __future__ import absolute_import
 20 | import sys
 21 | from xml.etree.ElementTree import XML
 22 | from splunklib import six
 23 | 
 24 | __all__ = ["load"]
 25 | 
 26 | # LNAME refers to element names without namespaces; XNAME is the same
 27 | # name, but with an XML namespace.
 28 | LNAME_DICT = "dict"
 29 | LNAME_ITEM = "item"
 30 | LNAME_KEY = "key"
 31 | LNAME_LIST = "list"
 32 | 
 33 | XNAMEF_REST = "{http://dev.splunk.com/ns/rest}%s"
 34 | XNAME_DICT = XNAMEF_REST % LNAME_DICT
 35 | XNAME_ITEM = XNAMEF_REST % LNAME_ITEM
 36 | XNAME_KEY = XNAMEF_REST % LNAME_KEY
 37 | XNAME_LIST = XNAMEF_REST % LNAME_LIST
 38 | 
 39 | # Some responses don't use namespaces (eg: search/parse) so we look for
 40 | # both the extended and local versions of the following names.
 41 | 
 42 | def isdict(name):
 43 |     return name == XNAME_DICT or name == LNAME_DICT
 44 | 
 45 | def isitem(name):
 46 |     return name == XNAME_ITEM or name == LNAME_ITEM
 47 | 
 48 | def iskey(name):
 49 |     return name == XNAME_KEY or name == LNAME_KEY
 50 | 
 51 | def islist(name):
 52 |     return name == XNAME_LIST or name == LNAME_LIST
 53 | 
 54 | def hasattrs(element):
 55 |     return len(element.attrib) > 0
 56 | 
 57 | def localname(xname):
 58 |     rcurly = xname.find('}')
 59 |     return xname if rcurly == -1 else xname[rcurly+1:]
 60 | 
 61 | def load(text, match=None):
 62 |     """This function reads a string that contains the XML of an Atom Feed, then 
 63 |     returns the 
 64 |     data in a native Python structure (a ``dict`` or ``list``). If you also 
 65 |     provide a tag name or path to match, only the matching sub-elements are 
 66 |     loaded.
 67 | 
 68 |     :param text: The XML text to load.
 69 |     :type text: ``string``
 70 |     :param match: A tag name or path to match (optional).
 71 |     :type match: ``string``
 72 |     """
 73 |     if text is None: return None
 74 |     text = text.strip()
 75 |     if len(text) == 0: return None
 76 |     nametable = {
 77 |         'namespaces': [],
 78 |         'names': {}
 79 |     }
 80 | 
 81 |     # Convert to unicode encoding in only python 2 for xml parser
 82 |     if(sys.version_info < (3, 0, 0) and isinstance(text, unicode)):
 83 |         text = text.encode('utf-8')
 84 | 
 85 |     root = XML(text)
 86 |     items = [root] if match is None else root.findall(match)
 87 |     count = len(items)
 88 |     if count == 0: 
 89 |         return None
 90 |     elif count == 1: 
 91 |         return load_root(items[0], nametable)
 92 |     else:
 93 |         return [load_root(item, nametable) for item in items]
 94 | 
 95 | # Load the attributes of the given element.
 96 | def load_attrs(element):
 97 |     if not hasattrs(element): return None
 98 |     attrs = record()
 99 |     for key, value in six.iteritems(element.attrib): 
100 |         attrs[key] = value
101 |     return attrs
102 | 
103 | # Parse a <dict> element and return a Python dict
104 | def load_dict(element, nametable = None):
105 |     value = record()
106 |     children = list(element)
107 |     for child in children:
108 |         assert iskey(child.tag)
109 |         name = child.attrib["name"]
110 |         value[name] = load_value(child, nametable)
111 |     return value
112 | 
113 | # Loads the given elements attrs & value into single merged dict.
114 | def load_elem(element, nametable=None):
115 |     name = localname(element.tag)
116 |     attrs = load_attrs(element)
117 |     value = load_value(element, nametable)
118 |     if attrs is None: return name, value
119 |     if value is None: return name, attrs
120 |     # If value is simple, merge into attrs dict using special key
121 |     if isinstance(value, six.string_types):
122 |         attrs["$text"] = value
123 |         return name, attrs
124 |     # Both attrs & value are complex, so merge the two dicts, resolving collisions.
125 |     collision_keys = []
126 |     for key, val in six.iteritems(attrs):
127 |         if key in value and key in collision_keys:
128 |             value[key].append(val)
129 |         elif key in value and key not in collision_keys:
130 |             value[key] = [value[key], val]
131 |             collision_keys.append(key)
132 |         else:
133 |             value[key] = val
134 |     return name, value
135 | 
136 | # Parse a <list> element and return a Python list
137 | def load_list(element, nametable=None):
138 |     assert islist(element.tag)
139 |     value = []
140 |     children = list(element)
141 |     for child in children:
142 |         assert isitem(child.tag)
143 |         value.append(load_value(child, nametable))
144 |     return value
145 | 
146 | # Load the given root element.
147 | def load_root(element, nametable=None):
148 |     tag = element.tag
149 |     if isdict(tag): return load_dict(element, nametable)
150 |     if islist(tag): return load_list(element, nametable)
151 |     k, v = load_elem(element, nametable)
152 |     return Record.fromkv(k, v)
153 | 
154 | # Load the children of the given element.
155 | def load_value(element, nametable=None):
156 |     children = list(element)
157 |     count = len(children)
158 | 
159 |     # No children, assume a simple text value
160 |     if count == 0:
161 |         text = element.text
162 |         if text is None: 
163 |             return None
164 |         text = text.strip()
165 |         if len(text) == 0: 
166 |             return None
167 |         return text
168 | 
169 |     # Look for the special case of a single well-known structure
170 |     if count == 1:
171 |         child = children[0]
172 |         tag = child.tag
173 |         if isdict(tag): return load_dict(child, nametable)
174 |         if islist(tag): return load_list(child, nametable)
175 | 
176 |     value = record()
177 |     for child in children:
178 |         name, item = load_elem(child, nametable)
179 |         # If we have seen this name before, promote the value to a list
180 |         if name in value:
181 |             current = value[name]
182 |             if not isinstance(current, list): 
183 |                 value[name] = [current]
184 |             value[name].append(item)
185 |         else:
186 |             value[name] = item
187 | 
188 |     return value
189 | 
190 | # A generic utility that enables "dot" access to dicts
191 | class Record(dict):
192 |     """This generic utility class enables dot access to members of a Python 
193 |     dictionary.
194 | 
195 |     Any key that is also a valid Python identifier can be retrieved as a field. 
196 |     So, for an instance of ``Record`` called ``r``, ``r.key`` is equivalent to 
197 |     ``r['key']``. A key such as ``invalid-key`` or ``invalid.key`` cannot be 
198 |     retrieved as a field, because ``-`` and ``.`` are not allowed in 
199 |     identifiers.
200 | 
201 |     Keys of the form ``a.b.c`` are very natural to write in Python as fields. If 
202 |     a group of keys shares a prefix ending in ``.``, you can retrieve keys as a 
203 |     nested dictionary by calling only the prefix. For example, if ``r`` contains
204 |     keys ``'foo'``, ``'bar.baz'``, and ``'bar.qux'``, ``r.bar`` returns a record
205 |     with the keys ``baz`` and ``qux``. If a key contains multiple ``.``, each 
206 |     one is placed into a nested dictionary, so you can write ``r.bar.qux`` or 
207 |     ``r['bar.qux']`` interchangeably.
208 |     """
209 |     sep = '.'
210 | 
211 |     def __call__(self, *args):
212 |         if len(args) == 0: return self
213 |         return Record((key, self[key]) for key in args)
214 | 
215 |     def __getattr__(self, name):
216 |         try:
217 |             return self[name]
218 |         except KeyError: 
219 |             raise AttributeError(name)
220 | 
221 |     def __delattr__(self, name):
222 |         del self[name]
223 | 
224 |     def __setattr__(self, name, value):
225 |         self[name] = value
226 | 
227 |     @staticmethod
228 |     def fromkv(k, v):
229 |         result = record()
230 |         result[k] = v
231 |         return result
232 | 
233 |     def __getitem__(self, key):
234 |         if key in self:
235 |             return dict.__getitem__(self, key)
236 |         key += self.sep
237 |         result = record()
238 |         for k,v in six.iteritems(self):
239 |             if not k.startswith(key):
240 |                 continue
241 |             suffix = k[len(key):]
242 |             if '.' in suffix:
243 |                 ks = suffix.split(self.sep)
244 |                 z = result
245 |                 for x in ks[:-1]:
246 |                     if x not in z:
247 |                         z[x] = record()
248 |                     z = z[x]
249 |                 z[ks[-1]] = v
250 |             else:
251 |                 result[suffix] = v
252 |         if len(result) == 0:
253 |             raise KeyError("No key or prefix: %s" % key)
254 |         return result
255 |     
256 | 
257 | def record(value=None): 
258 |     """This function returns a :class:`Record` instance constructed with an 
259 |     initial value that you provide.
260 |     
261 |     :param `value`: An initial record value.
262 |     :type `value`: ``dict``
263 |     """
264 |     if value is None: value = {}
265 |     return Record(value)
266 | 
267 | 


--------------------------------------------------------------------------------
/bin/splunklib/modularinput/__init__.py:
--------------------------------------------------------------------------------
 1 | """The following imports allow these classes to be imported via
 2 | the splunklib.modularinput package like so:
 3 | 
 4 | from splunklib.modularinput import *
 5 | """
 6 | from .argument import Argument
 7 | from .event import Event
 8 | from .event_writer import EventWriter
 9 | from .input_definition import InputDefinition
10 | from .scheme import Scheme
11 | from .script import Script
12 | from .validation_definition import ValidationDefinition
13 | 


--------------------------------------------------------------------------------
/bin/splunklib/modularinput/argument.py:
--------------------------------------------------------------------------------
  1 | # Copyright 2011-2015 Splunk, Inc.
  2 | #
  3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  4 | # not use this file except in compliance with the License. You may obtain
  5 | # a copy of the License at
  6 | #
  7 | #     http://www.apache.org/licenses/LICENSE-2.0
  8 | #
  9 | # Unless required by applicable law or agreed to in writing, software
 10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 12 | # License for the specific language governing permissions and limitations
 13 | # under the License.
 14 | 
 15 | from __future__ import absolute_import
 16 | try:
 17 |     import xml.etree.ElementTree as ET
 18 | except ImportError:
 19 |     import xml.etree.cElementTree as ET
 20 | 
 21 | class Argument(object):
 22 |     """Class representing an argument to a modular input kind.
 23 | 
 24 |     ``Argument`` is meant to be used with ``Scheme`` to generate an XML 
 25 |     definition of the modular input kind that Splunk understands.
 26 | 
 27 |     ``name`` is the only required parameter for the constructor.
 28 | 
 29 |         **Example with least parameters**::
 30 | 
 31 |             arg1 = Argument(name="arg1")
 32 | 
 33 |         **Example with all parameters**::
 34 | 
 35 |             arg2 = Argument(
 36 |                 name="arg2",
 37 |                 description="This is an argument with lots of parameters",
 38 |                 validation="is_pos_int('some_name')",
 39 |                 data_type=Argument.data_type_number,
 40 |                 required_on_edit=True,
 41 |                 required_on_create=True
 42 |             )
 43 |     """
 44 | 
 45 |     # Constant values, do not change.
 46 |     # These should be used for setting the value of an Argument object's data_type field.
 47 |     data_type_boolean = "BOOLEAN"
 48 |     data_type_number = "NUMBER"
 49 |     data_type_string = "STRING"
 50 | 
 51 |     def __init__(self, name, description=None, validation=None,
 52 |                  data_type=data_type_string, required_on_edit=False, required_on_create=False, title=None):
 53 |         """
 54 |         :param name: ``string``, identifier for this argument in Splunk.
 55 |         :param description: ``string``, human-readable description of the argument.
 56 |         :param validation: ``string`` specifying how the argument should be validated, if using internal validation.
 57 |                If using external validation, this will be ignored.
 58 |         :param data_type: ``string``, data type of this field; use the class constants.
 59 |                "data_type_boolean", "data_type_number", or "data_type_string".
 60 |         :param required_on_edit: ``Boolean``, whether this arg is required when editing an existing modular input of this kind.
 61 |         :param required_on_create: ``Boolean``, whether this arg is required when creating a modular input of this kind.
 62 |         :param title: ``String``, a human-readable title for the argument.
 63 |         """
 64 |         self.name = name
 65 |         self.description = description
 66 |         self.validation = validation
 67 |         self.data_type = data_type
 68 |         self.required_on_edit = required_on_edit
 69 |         self.required_on_create = required_on_create
 70 |         self.title = title
 71 | 
 72 |     def add_to_document(self, parent):
 73 |         """Adds an ``Argument`` object to this ElementTree document.
 74 | 
 75 |         Adds an <arg> subelement to the parent element, typically <args>
 76 |         and sets up its subelements with their respective text.
 77 | 
 78 |         :param parent: An ``ET.Element`` to be the parent of a new <arg> subelement
 79 |         :returns: An ``ET.Element`` object representing this argument.
 80 |         """
 81 |         arg = ET.SubElement(parent, "arg")
 82 |         arg.set("name", self.name)
 83 | 
 84 |         if self.title is not None:
 85 |             ET.SubElement(arg, "title").text = self.title
 86 | 
 87 |         if self.description is not None:
 88 |             ET.SubElement(arg, "description").text = self.description
 89 | 
 90 |         if self.validation is not None:
 91 |             ET.SubElement(arg, "validation").text = self.validation
 92 | 
 93 |         # add all other subelements to this Argument, represented by (tag, text)
 94 |         subelements = [
 95 |             ("data_type", self.data_type),
 96 |             ("required_on_edit", self.required_on_edit),
 97 |             ("required_on_create", self.required_on_create)
 98 |         ]
 99 | 
100 |         for name, value in subelements:
101 |             ET.SubElement(arg, name).text = str(value).lower()
102 | 
103 |         return arg


--------------------------------------------------------------------------------
/bin/splunklib/modularinput/event.py:
--------------------------------------------------------------------------------
  1 | # Copyright 2011-2015 Splunk, Inc.
  2 | #
  3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  4 | # not use this file except in compliance with the License. You may obtain
  5 | # a copy of the License at
  6 | #
  7 | #     http://www.apache.org/licenses/LICENSE-2.0
  8 | #
  9 | # Unless required by applicable law or agreed to in writing, software
 10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 12 | # License for the specific language governing permissions and limitations
 13 | # under the License.
 14 | 
 15 | from __future__ import absolute_import
 16 | from io import TextIOBase
 17 | from splunklib.six import ensure_text
 18 | 
 19 | try:
 20 |     import xml.etree.cElementTree as ET
 21 | except ImportError as ie:
 22 |     import xml.etree.ElementTree as ET
 23 | 
 24 | class Event(object):
 25 |     """Represents an event or fragment of an event to be written by this modular input to Splunk.
 26 | 
 27 |     To write an input to a stream, call the ``write_to`` function, passing in a stream.
 28 |     """
 29 |     def __init__(self, data=None, stanza=None, time=None, host=None, index=None, source=None,
 30 |                  sourcetype=None, done=True, unbroken=True):
 31 |         """There are no required parameters for constructing an Event
 32 | 
 33 |         **Example with minimal configuration**::
 34 | 
 35 |             my_event = Event(
 36 |                 data="This is a test of my new event.",
 37 |                 stanza="myStanzaName",
 38 |                 time="%.3f" % 1372187084.000
 39 |             )
 40 | 
 41 |         **Example with full configuration**::
 42 | 
 43 |             excellent_event = Event(
 44 |                 data="This is a test of my excellent event.",
 45 |                 stanza="excellenceOnly",
 46 |                 time="%.3f" % 1372274622.493,
 47 |                 host="localhost",
 48 |                 index="main",
 49 |                 source="Splunk",
 50 |                 sourcetype="misc",
 51 |                 done=True,
 52 |                 unbroken=True
 53 |             )
 54 | 
 55 |         :param data: ``string``, the event's text.
 56 |         :param stanza: ``string``, name of the input this event should be sent to.
 57 |         :param time: ``float``, time in seconds, including up to 3 decimal places to represent milliseconds.
 58 |         :param host: ``string``, the event's host, ex: localhost.
 59 |         :param index: ``string``, the index this event is specified to write to, or None if default index.
 60 |         :param source: ``string``, the source of this event, or None to have Splunk guess.
 61 |         :param sourcetype: ``string``, source type currently set on this event, or None to have Splunk guess.
 62 |         :param done: ``boolean``, is this a complete ``Event``? False if an ``Event`` fragment.
 63 |         :param unbroken: ``boolean``, Is this event completely encapsulated in this ``Event`` object?
 64 |         """
 65 |         self.data = data
 66 |         self.done = done
 67 |         self.host = host
 68 |         self.index = index
 69 |         self.source = source
 70 |         self.sourceType = sourcetype
 71 |         self.stanza = stanza
 72 |         self.time = time
 73 |         self.unbroken = unbroken
 74 | 
 75 |     def write_to(self, stream):
 76 |         """Write an XML representation of self, an ``Event`` object, to the given stream.
 77 | 
 78 |         The ``Event`` object will only be written if its data field is defined,
 79 |         otherwise a ``ValueError`` is raised.
 80 | 
 81 |         :param stream: stream to write XML to.
 82 |         """
 83 |         if self.data is None:
 84 |             raise ValueError("Events must have at least the data field set to be written to XML.")
 85 | 
 86 |         event = ET.Element("event")
 87 |         if self.stanza is not None:
 88 |             event.set("stanza", self.stanza)
 89 |         event.set("unbroken", str(int(self.unbroken)))
 90 | 
 91 |         # if a time isn't set, let Splunk guess by not creating a <time> element
 92 |         if self.time is not None:
 93 |             ET.SubElement(event, "time").text = str(self.time)
 94 | 
 95 |         # add all other subelements to this Event, represented by (tag, text)
 96 |         subelements = [
 97 |             ("source", self.source),
 98 |             ("sourcetype", self.sourceType),
 99 |             ("index", self.index),
100 |             ("host", self.host),
101 |             ("data", self.data)
102 |         ]
103 |         for node, value in subelements:
104 |             if value is not None:
105 |                 ET.SubElement(event, node).text = value
106 | 
107 |         if self.done:
108 |             ET.SubElement(event, "done")
109 | 
110 |         if isinstance(stream, TextIOBase):
111 |             stream.write(ensure_text(ET.tostring(event)))
112 |         else:
113 |             stream.write(ET.tostring(event))
114 |         stream.flush()


--------------------------------------------------------------------------------
/bin/splunklib/modularinput/event_writer.py:
--------------------------------------------------------------------------------
 1 | # Copyright 2011-2015 Splunk, Inc.
 2 | #
 3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
 4 | # not use this file except in compliance with the License. You may obtain
 5 | # a copy of the License at
 6 | #
 7 | #     http://www.apache.org/licenses/LICENSE-2.0
 8 | #
 9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12 | # License for the specific language governing permissions and limitations
13 | # under the License.
14 | 
15 | from __future__ import absolute_import
16 | import sys
17 | 
18 | from io import TextIOWrapper, TextIOBase
19 | from splunklib.six import ensure_str
20 | from .event import ET
21 | 
22 | try:
23 |     from splunklib.six.moves import cStringIO as StringIO
24 | except ImportError:
25 |     from splunklib.six import StringIO
26 | 
27 | class EventWriter(object):
28 |     """``EventWriter`` writes events and error messages to Splunk from a modular input.
29 |     Its two important methods are ``writeEvent``, which takes an ``Event`` object,
30 |     and ``log``, which takes a severity and an error message.
31 |     """
32 | 
33 |     # Severities that Splunk understands for log messages from modular inputs.
34 |     # Do not change these
35 |     DEBUG = "DEBUG"
36 |     INFO = "INFO"
37 |     WARN = "WARN"
38 |     ERROR = "ERROR"
39 |     FATAL = "FATAL"
40 | 
41 |     def __init__(self, output = sys.stdout, error = sys.stderr):
42 |         """
43 |         :param output: Where to write the output; defaults to sys.stdout.
44 |         :param error: Where to write any errors; defaults to sys.stderr.
45 |         """
46 |         self._out = output
47 |         self._err = error
48 | 
49 |         # has the opening <stream> tag been written yet?
50 |         self.header_written = False
51 | 
52 |     def write_event(self, event):
53 |         """Writes an ``Event`` object to Splunk.
54 | 
55 |         :param event: An ``Event`` object.
56 |         """
57 | 
58 |         if not self.header_written:
59 |             self._out.write("<stream>")
60 |             self.header_written = True
61 | 
62 |         event.write_to(self._out)
63 | 
64 |     def log(self, severity, message):
65 |         """Logs messages about the state of this modular input to Splunk.
66 |         These messages will show up in Splunk's internal logs.
67 | 
68 |         :param severity: ``string``, severity of message, see severities defined as class constants.
69 |         :param message: ``string``, message to log.
70 |         """
71 | 
72 |         self._err.write("%s %s\n" % (severity, message))
73 |         self._err.flush()
74 | 
75 |     def write_xml_document(self, document):
76 |         """Writes a string representation of an
77 |         ``ElementTree`` object to the output stream.
78 | 
79 |         :param document: An ``ElementTree`` object.
80 |         """
81 |         self._out.write(ensure_str(ET.tostring(document)))
82 |         self._out.flush()
83 | 
84 |     def close(self):
85 |         """Write the closing </stream> tag to make this XML well formed."""
86 |         self._out.write("</stream>")
87 |         self._out.flush()
88 | 


--------------------------------------------------------------------------------
/bin/splunklib/modularinput/input_definition.py:
--------------------------------------------------------------------------------
 1 | # Copyright 2011-2015 Splunk, Inc.
 2 | #
 3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
 4 | # not use this file except in compliance with the License. You may obtain
 5 | # a copy of the License at
 6 | #
 7 | #     http://www.apache.org/licenses/LICENSE-2.0
 8 | #
 9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12 | # License for the specific language governing permissions and limitations
13 | # under the License.
14 | 
15 | from __future__ import absolute_import
16 | try:
17 |     import xml.etree.cElementTree as ET
18 | except ImportError as ie:
19 |     import xml.etree.ElementTree as ET
20 | 
21 | from .utils import parse_xml_data
22 | 
23 | class InputDefinition:
24 |     """``InputDefinition`` encodes the XML defining inputs that Splunk passes to
25 |     a modular input script.
26 | 
27 |      **Example**::
28 | 
29 |         i = InputDefinition()
30 | 
31 |     """
32 |     def __init__ (self):
33 |         self.metadata = {}
34 |         self.inputs = {}
35 | 
36 |     def __eq__(self, other):
37 |         if not isinstance(other, InputDefinition):
38 |             return False
39 |         return self.metadata == other.metadata and self.inputs == other.inputs
40 | 
41 |     @staticmethod
42 |     def parse(stream):
43 |         """Parse a stream containing XML into an ``InputDefinition``.
44 | 
45 |         :param stream: stream containing XML to parse.
46 |         :return: definition: an ``InputDefinition`` object.
47 |         """
48 |         definition = InputDefinition()
49 | 
50 |         # parse XML from the stream, then get the root node
51 |         root = ET.parse(stream).getroot()
52 | 
53 |         for node in root:
54 |             if node.tag == "configuration":
55 |                 # get config for each stanza
56 |                 definition.inputs = parse_xml_data(node, "stanza")
57 |             else:
58 |                 definition.metadata[node.tag] = node.text
59 | 
60 |         return definition


--------------------------------------------------------------------------------
/bin/splunklib/modularinput/scheme.py:
--------------------------------------------------------------------------------
 1 | # Copyright 2011-2015 Splunk, Inc.
 2 | #
 3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
 4 | # not use this file except in compliance with the License. You may obtain
 5 | # a copy of the License at
 6 | #
 7 | #     http://www.apache.org/licenses/LICENSE-2.0
 8 | #
 9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12 | # License for the specific language governing permissions and limitations
13 | # under the License.
14 | 
15 | from __future__ import absolute_import
16 | try:
17 |     import xml.etree.cElementTree as ET
18 | except ImportError:
19 |     import xml.etree.ElementTree as ET
20 | 
21 | class Scheme(object):
22 |     """Class representing the metadata for a modular input kind.
23 | 
24 |     A ``Scheme`` specifies a title, description, several options of how Splunk should run modular inputs of this
25 |     kind, and a set of arguments which define a particular modular input's properties.
26 | 
27 |     The primary use of ``Scheme`` is to abstract away the construction of XML to feed to Splunk.
28 |     """
29 | 
30 |     # Constant values, do not change
31 |     # These should be used for setting the value of a Scheme object's streaming_mode field.
32 |     streaming_mode_simple = "SIMPLE"
33 |     streaming_mode_xml = "XML"
34 | 
35 |     def __init__(self, title):
36 |         """
37 |         :param title: ``string`` identifier for this Scheme in Splunk.
38 |         """
39 |         self.title = title
40 |         self.description = None
41 |         self.use_external_validation = True
42 |         self.use_single_instance = False
43 |         self.streaming_mode = Scheme.streaming_mode_xml
44 | 
45 |         # list of Argument objects, each to be represented by an <arg> tag
46 |         self.arguments = []
47 | 
48 |     def add_argument(self, arg):
49 |         """Add the provided argument, ``arg``, to the ``self.arguments`` list.
50 | 
51 |         :param arg: An ``Argument`` object to add to ``self.arguments``.
52 |         """
53 |         self.arguments.append(arg)
54 | 
55 |     def to_xml(self):
56 |         """Creates an ``ET.Element`` representing self, then returns it.
57 | 
58 |         :returns: an ``ET.Element`` representing this scheme.
59 |         """
60 |         root = ET.Element("scheme")
61 | 
62 |         ET.SubElement(root, "title").text = self.title
63 | 
64 |         # add a description subelement if it's defined
65 |         if self.description is not None:
66 |             ET.SubElement(root, "description").text = self.description
67 | 
68 |         # add all other subelements to this Scheme, represented by (tag, text)
69 |         subelements = [
70 |             ("use_external_validation", self.use_external_validation),
71 |             ("use_single_instance", self.use_single_instance),
72 |             ("streaming_mode", self.streaming_mode)
73 |         ]
74 |         for name, value in subelements:
75 |             ET.SubElement(root, name).text = str(value).lower()
76 | 
77 |         endpoint = ET.SubElement(root, "endpoint")
78 | 
79 |         args = ET.SubElement(endpoint, "args")
80 | 
81 |         # add arguments as subelements to the <args> element
82 |         for arg in self.arguments:
83 |             arg.add_to_document(args)
84 | 
85 |         return root


--------------------------------------------------------------------------------
/bin/splunklib/modularinput/script.py:
--------------------------------------------------------------------------------
  1 | # Copyright 2011-2015 Splunk, Inc.
  2 | #
  3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  4 | # not use this file except in compliance with the License. You may obtain
  5 | # a copy of the License at
  6 | #
  7 | #     http://www.apache.org/licenses/LICENSE-2.0
  8 | #
  9 | # Unless required by applicable law or agreed to in writing, software
 10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 12 | # License for the specific language governing permissions and limitations
 13 | # under the License.
 14 | 
 15 | from __future__ import absolute_import
 16 | from abc import ABCMeta, abstractmethod
 17 | from splunklib.six.moves.urllib.parse import urlsplit
 18 | import sys
 19 | 
 20 | from ..client import Service
 21 | from .event_writer import EventWriter
 22 | from .input_definition import InputDefinition
 23 | from .validation_definition import ValidationDefinition
 24 | from splunklib import six
 25 | 
 26 | try:
 27 |     import xml.etree.cElementTree as ET
 28 | except ImportError:
 29 |     import xml.etree.ElementTree as ET
 30 | 
 31 | 
 32 | class Script(six.with_metaclass(ABCMeta, object)):
 33 |     """An abstract base class for implementing modular inputs.
 34 | 
 35 |     Subclasses should override ``get_scheme``, ``stream_events``,
 36 |     and optionally ``validate_input`` if the modular input uses
 37 |     external validation.
 38 | 
 39 |     The ``run`` function is used to run modular inputs; it typically should
 40 |     not be overridden.
 41 |     """
 42 | 
 43 |     def __init__(self):
 44 |         self._input_definition = None
 45 |         self._service = None
 46 | 
 47 |     def run(self, args):
 48 |         """Runs this modular input
 49 | 
 50 |         :param args: List of command line arguments passed to this script.
 51 |         :returns: An integer to be used as the exit value of this program.
 52 |         """
 53 | 
 54 |         # call the run_script function, which handles the specifics of running
 55 |         # a modular input
 56 |         return self.run_script(args, EventWriter(), sys.stdin)
 57 | 
 58 |     def run_script(self, args, event_writer, input_stream):
 59 |         """Handles all the specifics of running a modular input
 60 | 
 61 |         :param args: List of command line arguments passed to this script.
 62 |         :param event_writer: An ``EventWriter`` object for writing events.
 63 |         :param input_stream: An input stream for reading inputs.
 64 |         :returns: An integer to be used as the exit value of this program.
 65 |         """
 66 | 
 67 |         try:
 68 |             if len(args) == 1:
 69 |                 # This script is running as an input. Input definitions will be
 70 |                 # passed on stdin as XML, and the script will write events on
 71 |                 # stdout and log entries on stderr.
 72 |                 self._input_definition = InputDefinition.parse(input_stream)
 73 |                 self.stream_events(self._input_definition, event_writer)
 74 |                 event_writer.close()
 75 |                 return 0
 76 | 
 77 |             elif str(args[1]).lower() == "--scheme":
 78 |                 # Splunk has requested XML specifying the scheme for this
 79 |                 # modular input Return it and exit.
 80 |                 scheme = self.get_scheme()
 81 |                 if scheme is None:
 82 |                     event_writer.log(
 83 |                         EventWriter.FATAL,
 84 |                         "Modular input script returned a null scheme.")
 85 |                     return 1
 86 |                 else:
 87 |                     event_writer.write_xml_document(scheme.to_xml())
 88 |                     return 0
 89 | 
 90 |             elif args[1].lower() == "--validate-arguments":
 91 |                 validation_definition = ValidationDefinition.parse(input_stream)
 92 |                 try:
 93 |                     self.validate_input(validation_definition)
 94 |                     return 0
 95 |                 except Exception as e:
 96 |                     root = ET.Element("error")
 97 |                     ET.SubElement(root, "message").text = str(e)
 98 |                     event_writer.write_xml_document(root)
 99 | 
100 |                     return 1
101 |             else:
102 |                 err_string = "ERROR Invalid arguments to modular input script:" + ' '.join(
103 |                     args)
104 |                 event_writer._err.write(err_string)
105 |                 return 1
106 | 
107 |         except Exception as e:
108 |             event_writer.log(EventWriter.ERROR, str(e))
109 |             return 1
110 | 
111 |     @property
112 |     def service(self):
113 |         """ Returns a Splunk service object for this script invocation.
114 | 
115 |         The service object is created from the Splunkd URI and session key
116 |         passed to the command invocation on the modular input stream. It is
117 |         available as soon as the :code:`Script.stream_events` method is
118 |         called.
119 | 
120 |         :return: :class:`splunklib.client.Service`. A value of None is returned,
121 |             if you call this method before the :code:`Script.stream_events` method
122 |             is called.
123 | 
124 |         """
125 |         if self._service is not None:
126 |             return self._service
127 | 
128 |         if self._input_definition is None:
129 |             return None
130 | 
131 |         splunkd_uri = self._input_definition.metadata["server_uri"]
132 |         session_key = self._input_definition.metadata["session_key"]
133 | 
134 |         splunkd = urlsplit(splunkd_uri, allow_fragments=False)
135 | 
136 |         self._service = Service(
137 |             scheme=splunkd.scheme,
138 |             host=splunkd.hostname,
139 |             port=splunkd.port,
140 |             token=session_key,
141 |         )
142 | 
143 |         return self._service
144 | 
145 |     @abstractmethod
146 |     def get_scheme(self):
147 |         """The scheme defines the parameters understood by this modular input.
148 | 
149 |         :return: a ``Scheme`` object representing the parameters for this modular input.
150 |         """
151 | 
152 |     def validate_input(self, definition):
153 |         """Handles external validation for modular input kinds.
154 | 
155 |         When Splunk calls a modular input script in validation mode, it will
156 |         pass in an XML document giving information about the Splunk instance (so
157 |         you can call back into it if needed) and the name and parameters of the
158 |         proposed input.
159 | 
160 |         If this function does not throw an exception, the validation is assumed
161 |         to succeed. Otherwise any errors thrown will be turned into a string and
162 |         logged back to Splunk.
163 | 
164 |         The default implementation always passes.
165 | 
166 |         :param definition: The parameters for the proposed input passed by splunkd.
167 |         """
168 |         pass
169 | 
170 |     @abstractmethod
171 |     def stream_events(self, inputs, ew):
172 |         """The method called to stream events into Splunk. It should do all of its output via
173 |         EventWriter rather than assuming that there is a console attached.
174 | 
175 |         :param inputs: An ``InputDefinition`` object.
176 |         :param ew: An object with methods to write events and log messages to Splunk.
177 |         """
178 | 


--------------------------------------------------------------------------------
/bin/splunklib/modularinput/utils.py:
--------------------------------------------------------------------------------
 1 | # Copyright 2011-2015 Splunk, Inc.
 2 | #
 3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
 4 | # not use this file except in compliance with the License. You may obtain
 5 | # a copy of the License at
 6 | #
 7 | #     http://www.apache.org/licenses/LICENSE-2.0
 8 | #
 9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12 | # License for the specific language governing permissions and limitations
13 | # under the License.
14 | 
15 | # File for utility functions
16 | 
17 | from __future__ import absolute_import
18 | from splunklib.six.moves import zip
19 | def xml_compare(expected, found):
20 |     """Checks equality of two ``ElementTree`` objects.
21 | 
22 |     :param expected: An ``ElementTree`` object.
23 |     :param found: An ``ElementTree`` object.
24 |     :return: ``Boolean``, whether the two objects are equal.
25 |     """
26 | 
27 |     # if comparing the same ET object
28 |     if expected == found:
29 |         return True
30 | 
31 |     # compare element attributes, ignoring order
32 |     if set(expected.items()) != set(found.items()):
33 |         return False
34 | 
35 |     # check for equal number of children
36 |     expected_children = list(expected)
37 |     found_children = list(found)
38 |     if len(expected_children) != len(found_children):
39 |         return False
40 | 
41 |     # compare children
42 |     if not all([xml_compare(a, b) for a, b in zip(expected_children, found_children)]):
43 |         return False
44 | 
45 |     # compare elements, if there is no text node, return True
46 |     if (expected.text is None or expected.text.strip() == "") \
47 |         and (found.text is None or found.text.strip() == ""):
48 |         return True
49 |     else:
50 |         return expected.tag == found.tag and expected.text == found.text \
51 |             and expected.attrib == found.attrib
52 | 
53 | def parse_parameters(param_node):
54 |     if param_node.tag == "param":
55 |         return param_node.text
56 |     elif param_node.tag == "param_list":
57 |         parameters = []
58 |         for mvp in param_node:
59 |             parameters.append(mvp.text)
60 |         return parameters
61 |     else:
62 |         raise ValueError("Invalid configuration scheme, %s tag unexpected." % param_node.tag)
63 | 
64 | def parse_xml_data(parent_node, child_node_tag):
65 |     data = {}
66 |     for child in parent_node:
67 |         if child.tag == child_node_tag:
68 |             if child_node_tag == "stanza":
69 |                 data[child.get("name")] = {}
70 |                 for param in child:
71 |                     data[child.get("name")][param.get("name")] = parse_parameters(param)
72 |         elif "item" == parent_node.tag:
73 |             data[child.get("name")] = parse_parameters(child)
74 |     return data
75 | 


--------------------------------------------------------------------------------
/bin/splunklib/modularinput/validation_definition.py:
--------------------------------------------------------------------------------
 1 | # Copyright 2011-2015 Splunk, Inc.
 2 | #
 3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
 4 | # not use this file except in compliance with the License. You may obtain
 5 | # a copy of the License at
 6 | #
 7 | #     http://www.apache.org/licenses/LICENSE-2.0
 8 | #
 9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12 | # License for the specific language governing permissions and limitations
13 | # under the License.
14 | 
15 | 
16 | from __future__ import absolute_import
17 | try:
18 |     import xml.etree.cElementTree as ET
19 | except ImportError as ie:
20 |     import xml.etree.ElementTree as ET
21 | 
22 | from .utils import parse_xml_data
23 | 
24 | 
25 | class ValidationDefinition(object):
26 |     """This class represents the XML sent by Splunk for external validation of a
27 |     new modular input.
28 | 
29 |     **Example**::
30 | 
31 |         v = ValidationDefinition()
32 | 
33 |     """
34 |     def __init__(self):
35 |         self.metadata = {}
36 |         self.parameters = {}
37 | 
38 |     def __eq__(self, other):
39 |         if not isinstance(other, ValidationDefinition):
40 |             return False
41 |         return self.metadata == other.metadata and self.parameters == other.parameters
42 | 
43 |     @staticmethod
44 |     def parse(stream):
45 |         """Creates a ``ValidationDefinition`` from a provided stream containing XML.
46 | 
47 |         The XML typically will look like this:
48 | 
49 |         ..  code-block:: xml
50 | 
51 |             <items>
52 |                <server_host>myHost</server_host>
53 |                  <server_uri>https://127.0.0.1:8089</server_uri>
54 |                  <session_key>123102983109283019283</session_key>
55 |                  <checkpoint_dir>/opt/splunk/var/lib/splunk/modinputs</checkpoint_dir>
56 |                  <item name="myScheme">
57 |                    <param name="param1">value1</param>
58 |                    <param_list name="param2">
59 |                      <value>value2</value>
60 |                      <value>value3</value>
61 |                      <value>value4</value>
62 |                    </param_list>
63 |                  </item>
64 |             </items>
65 | 
66 |         :param stream: ``Stream`` containing XML to parse.
67 |         :return: A ``ValidationDefinition`` object.
68 | 
69 |         """
70 | 
71 |         definition = ValidationDefinition()
72 | 
73 |         # parse XML from the stream, then get the root node
74 |         root = ET.parse(stream).getroot()
75 | 
76 |         for node in root:
77 |             # lone item node
78 |             if node.tag == "item":
79 |                 # name from item node
80 |                 definition.metadata["name"] = node.get("name")
81 |                 definition.parameters = parse_xml_data(node, "")
82 |             else:
83 |                 # Store anything else in metadata
84 |                 definition.metadata[node.tag] = node.text
85 | 
86 |         return definition


--------------------------------------------------------------------------------
/bin/splunklib/ordereddict.py:
--------------------------------------------------------------------------------
  1 | # Copyright (c) 2009 Raymond Hettinger
  2 | #
  3 | # Permission is hereby granted, free of charge, to any person
  4 | # obtaining a copy of this software and associated documentation files
  5 | # (the "Software"), to deal in the Software without restriction,
  6 | # including without limitation the rights to use, copy, modify, merge,
  7 | # publish, distribute, sublicense, and/or sell copies of the Software,
  8 | # and to permit persons to whom the Software is furnished to do so,
  9 | # subject to the following conditions:
 10 | #
 11 | #     The above copyright notice and this permission notice shall be
 12 | #     included in all copies or substantial portions of the Software.
 13 | #
 14 | #     THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 15 | #     EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
 16 | #     OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 17 | #     NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
 18 | #     HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
 19 | #     WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 20 | #     FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 21 | #     OTHER DEALINGS IN THE SOFTWARE.
 22 | 
 23 | from UserDict import DictMixin
 24 | 
 25 | 
 26 | class OrderedDict(dict, DictMixin):
 27 | 
 28 |     def __init__(self, *args, **kwds):
 29 |         if len(args) > 1:
 30 |             raise TypeError('expected at most 1 arguments, got %d' % len(args))
 31 |         try:
 32 |             self.__end
 33 |         except AttributeError:
 34 |             self.clear()
 35 |         self.update(*args, **kwds)
 36 | 
 37 |     def clear(self):
 38 |         self.__end = end = []
 39 |         end += [None, end, end]         # sentinel node for doubly linked list
 40 |         self.__map = {}                 # key --> [key, prev, next]
 41 |         dict.clear(self)
 42 | 
 43 |     def __setitem__(self, key, value):
 44 |         if key not in self:
 45 |             end = self.__end
 46 |             curr = end[1]
 47 |             curr[2] = end[1] = self.__map[key] = [key, curr, end]
 48 |         dict.__setitem__(self, key, value)
 49 | 
 50 |     def __delitem__(self, key):
 51 |         dict.__delitem__(self, key)
 52 |         key, prev, next = self.__map.pop(key)
 53 |         prev[2] = next
 54 |         next[1] = prev
 55 | 
 56 |     def __iter__(self):
 57 |         end = self.__end
 58 |         curr = end[2]
 59 |         while curr is not end:
 60 |             yield curr[0]
 61 |             curr = curr[2]
 62 | 
 63 |     def __reversed__(self):
 64 |         end = self.__end
 65 |         curr = end[1]
 66 |         while curr is not end:
 67 |             yield curr[0]
 68 |             curr = curr[1]
 69 | 
 70 |     def popitem(self, last=True):
 71 |         if not self:
 72 |             raise KeyError('dictionary is empty')
 73 |         if last:
 74 |             key = reversed(self).next()
 75 |         else:
 76 |             key = iter(self).next()
 77 |         value = self.pop(key)
 78 |         return key, value
 79 | 
 80 |     def __reduce__(self):
 81 |         items = [[k, self[k]] for k in self]
 82 |         tmp = self.__map, self.__end
 83 |         del self.__map, self.__end
 84 |         inst_dict = vars(self).copy()
 85 |         self.__map, self.__end = tmp
 86 |         if inst_dict:
 87 |             return (self.__class__, (items,), inst_dict)
 88 |         return self.__class__, (items,)
 89 | 
 90 |     def keys(self):
 91 |         return list(self)
 92 | 
 93 |     setdefault = DictMixin.setdefault
 94 |     update = DictMixin.update
 95 |     pop = DictMixin.pop
 96 |     values = DictMixin.values
 97 |     items = DictMixin.items
 98 |     iterkeys = DictMixin.iterkeys
 99 |     itervalues = DictMixin.itervalues
100 |     iteritems = DictMixin.iteritems
101 | 
102 |     def __repr__(self):
103 |         if not self:
104 |             return '%s()' % (self.__class__.__name__,)
105 |         return '%s(%r)' % (self.__class__.__name__, self.items())
106 | 
107 |     def copy(self):
108 |         return self.__class__(self)
109 | 
110 |     @classmethod
111 |     def fromkeys(cls, iterable, value=None):
112 |         d = cls()
113 |         for key in iterable:
114 |             d[key] = value
115 |         return d
116 | 
117 |     def __eq__(self, other):
118 |         if isinstance(other, OrderedDict):
119 |             if len(self) != len(other):
120 |                 return False
121 |             for p, q in  zip(self.items(), other.items()):
122 |                 if p != q:
123 |                     return False
124 |             return True
125 |         return dict.__eq__(self, other)
126 | 
127 |     def __ne__(self, other):
128 |         return not self == other
129 | 


--------------------------------------------------------------------------------
/bin/splunklib/results.py:
--------------------------------------------------------------------------------
  1 | # Copyright 2011-2015 Splunk, Inc.
  2 | #
  3 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  4 | # not use this file except in compliance with the License. You may obtain
  5 | # a copy of the License at
  6 | #
  7 | #     http://www.apache.org/licenses/LICENSE-2.0
  8 | #
  9 | # Unless required by applicable law or agreed to in writing, software
 10 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 11 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 12 | # License for the specific language governing permissions and limitations
 13 | # under the License.
 14 | 
 15 | """The **splunklib.results** module provides a streaming XML reader for Splunk
 16 | search results.
 17 | 
 18 | Splunk search results can be returned in a variety of formats including XML,
 19 | JSON, and CSV. To make it easier to stream search results in XML format, they
 20 | are returned as a stream of XML *fragments*, not as a single XML document. This
 21 | module supports incrementally reading one result record at a time from such a
 22 | result stream. This module also provides a friendly iterator-based interface for
 23 | accessing search results while avoiding buffering the result set, which can be
 24 | very large.
 25 | 
 26 | To use the reader, instantiate :class:`ResultsReader` on a search result stream
 27 | as follows:::
 28 | 
 29 |     reader = ResultsReader(result_stream)
 30 |     for item in reader:
 31 |         print(item)
 32 |     print "Results are a preview: %s" % reader.is_preview
 33 | """
 34 | 
 35 | from __future__ import absolute_import
 36 | 
 37 | from io import BytesIO
 38 | 
 39 | from splunklib import six
 40 | try:
 41 |     import xml.etree.cElementTree as et
 42 | except:
 43 |     import xml.etree.ElementTree as et
 44 | 
 45 | try:
 46 |     from collections import OrderedDict  # must be python 2.7
 47 | except ImportError:
 48 |     from .ordereddict import OrderedDict
 49 | 
 50 | try:
 51 |     from splunklib.six.moves import cStringIO as StringIO
 52 | except:
 53 |     from splunklib.six import StringIO
 54 | 
 55 | __all__ = [
 56 |     "ResultsReader",
 57 |     "Message"
 58 | ]
 59 | 
 60 | class Message(object):
 61 |     """This class represents informational messages that Splunk interleaves in the results stream.
 62 | 
 63 |     ``Message`` takes two arguments: a string giving the message type (e.g., "DEBUG"), and
 64 |     a string giving the message itself.
 65 | 
 66 |     **Example**::
 67 | 
 68 |         m = Message("DEBUG", "There's something in that variable...")
 69 |     """
 70 |     def __init__(self, type_, message):
 71 |         self.type = type_
 72 |         self.message = message
 73 | 
 74 |     def __repr__(self):
 75 |         return "%s: %s" % (self.type, self.message)
 76 | 
 77 |     def __eq__(self, other):
 78 |         return (self.type, self.message) == (other.type, other.message)
 79 | 
 80 |     def __hash__(self):
 81 |         return hash((self.type, self.message))
 82 | 
 83 | class _ConcatenatedStream(object):
 84 |     """Lazily concatenate zero or more streams into a stream.
 85 | 
 86 |     As you read from the concatenated stream, you get characters from
 87 |     each stream passed to ``_ConcatenatedStream``, in order.
 88 | 
 89 |     **Example**::
 90 | 
 91 |         from StringIO import StringIO
 92 |         s = _ConcatenatedStream(StringIO("abc"), StringIO("def"))
 93 |         assert s.read() == "abcdef"
 94 |     """
 95 |     def __init__(self, *streams):
 96 |         self.streams = list(streams)
 97 | 
 98 |     def read(self, n=None):
 99 |         """Read at most *n* characters from this stream.
100 | 
101 |         If *n* is ``None``, return all available characters.
102 |         """
103 |         response = b""
104 |         while len(self.streams) > 0 and (n is None or n > 0):
105 |             txt = self.streams[0].read(n)
106 |             response += txt
107 |             if n is not None:
108 |                 n -= len(txt)
109 |             if n is None or n > 0:
110 |                 del self.streams[0]
111 |         return response
112 | 
113 | class _XMLDTDFilter(object):
114 |     """Lazily remove all XML DTDs from a stream.
115 | 
116 |     All substrings matching the regular expression <?[^>]*> are
117 |     removed in their entirety from the stream. No regular expressions
118 |     are used, however, so everything still streams properly.
119 | 
120 |     **Example**::
121 | 
122 |         from StringIO import StringIO
123 |         s = _XMLDTDFilter("<?xml abcd><element><?xml ...></element>")
124 |         assert s.read() == "<element></element>"
125 |     """
126 |     def __init__(self, stream):
127 |         self.stream = stream
128 | 
129 |     def read(self, n=None):
130 |         """Read at most *n* characters from this stream.
131 | 
132 |         If *n* is ``None``, return all available characters.
133 |         """
134 |         response = b""
135 |         while n is None or n > 0:
136 |             c = self.stream.read(1)
137 |             if c == b"":
138 |                 break
139 |             elif c == b"<":
140 |                 c += self.stream.read(1)
141 |                 if c == b"<?":
142 |                     while True:
143 |                         q = self.stream.read(1)
144 |                         if q == b">":
145 |                             break
146 |                 else:
147 |                     response += c
148 |                     if n is not None:
149 |                         n -= len(c)
150 |             else:
151 |                 response += c
152 |                 if n is not None:
153 |                     n -= 1
154 |         return response
155 | 
156 | class ResultsReader(object):
157 |     """This class returns dictionaries and Splunk messages from an XML results
158 |     stream.
159 | 
160 |     ``ResultsReader`` is iterable, and returns a ``dict`` for results, or a
161 |     :class:`Message` object for Splunk messages. This class has one field,
162 |     ``is_preview``, which is ``True`` when the results are a preview from a
163 |     running search, or ``False`` when the results are from a completed search.
164 | 
165 |     This function has no network activity other than what is implicit in the
166 |     stream it operates on.
167 | 
168 |     :param `stream`: The stream to read from (any object that supports
169 |         ``.read()``).
170 | 
171 |     **Example**::
172 | 
173 |         import results
174 |         response = ... # the body of an HTTP response
175 |         reader = results.ResultsReader(response)
176 |         for result in reader:
177 |             if isinstance(result, dict):
178 |                 print "Result: %s" % result
179 |             elif isinstance(result, results.Message):
180 |                 print "Message: %s" % result
181 |         print "is_preview = %s " % reader.is_preview
182 |     """
183 |     # Be sure to update the docstrings of client.Jobs.oneshot,
184 |     # client.Job.results_preview and client.Job.results to match any
185 |     # changes made to ResultsReader.
186 |     #
187 |     # This wouldn't be a class, just the _parse_results function below,
188 |     # except that you cannot get the current generator inside the
189 |     # function creating that generator. Thus it's all wrapped up for
190 |     # the sake of one field.
191 |     def __init__(self, stream):
192 |         # The search/jobs/exports endpoint, when run with
193 |         # earliest_time=rt and latest_time=rt streams a sequence of
194 |         # XML documents, each containing a result, as opposed to one
195 |         # results element containing lots of results. Python's XML
196 |         # parsers are broken, and instead of reading one full document
197 |         # and returning the stream that follows untouched, they
198 |         # destroy the stream and throw an error. To get around this,
199 |         # we remove all the DTD definitions inline, then wrap the
200 |         # fragments in a fiction <doc> element to make the parser happy.
201 |         stream = _XMLDTDFilter(stream)
202 |         stream = _ConcatenatedStream(BytesIO(b"<doc>"), stream, BytesIO(b"</doc>"))
203 |         self.is_preview = None
204 |         self._gen = self._parse_results(stream)
205 | 
206 |     def __iter__(self):
207 |         return self
208 | 
209 |     def next(self):
210 |         return next(self._gen)
211 | 
212 |     __next__ = next
213 | 
214 |     def _parse_results(self, stream):
215 |         """Parse results and messages out of *stream*."""
216 |         result = None
217 |         values = None
218 |         try:
219 |             for event, elem in et.iterparse(stream, events=('start', 'end')):
220 |                 if elem.tag == 'results' and event == 'start':
221 |                     # The wrapper element is a <results preview="0|1">. We
222 |                     # don't care about it except to tell is whether these
223 |                     # are preview results, or the final results from the
224 |                     # search.
225 |                     is_preview = elem.attrib['preview'] == '1'
226 |                     self.is_preview = is_preview
227 |                 if elem.tag == 'result':
228 |                     if event == 'start':
229 |                         result = OrderedDict()
230 |                     elif event == 'end':
231 |                         yield result
232 |                         result = None
233 |                         elem.clear()
234 | 
235 |                 elif elem.tag == 'field' and result is not None:
236 |                     # We need the 'result is not None' check because
237 |                     # 'field' is also the element name in the <meta>
238 |                     # header that gives field order, which is not what we
239 |                     # want at all.
240 |                     if event == 'start':
241 |                         values = []
242 |                     elif event == 'end':
243 |                         field_name = elem.attrib['k']
244 |                         if len(values) == 1:
245 |                             result[field_name] = values[0]
246 |                         else:
247 |                             result[field_name] = values
248 |                         # Calling .clear() is necessary to let the
249 |                         # element be garbage collected. Otherwise
250 |                         # arbitrarily large results sets will use
251 |                         # arbitrarily large memory intead of
252 |                         # streaming.
253 |                         elem.clear()
254 | 
255 |                 elif elem.tag in ('text', 'v') and event == 'end':
256 |                     try:
257 |                         text = "".join(elem.itertext())
258 |                     except AttributeError:
259 |                         # Assume we're running in Python < 2.7, before itertext() was added
260 |                         # So we'll define it here
261 | 
262 |                         def __itertext(self):
263 |                           tag = self.tag
264 |                           if not isinstance(tag, six.string_types) and tag is not None:
265 |                               return
266 |                           if self.text:
267 |                               yield self.text
268 |                           for e in self:
269 |                               for s in __itertext(e):
270 |                                   yield s
271 |                               if e.tail:
272 |                                   yield e.tail
273 | 
274 |                         text = "".join(__itertext(elem))
275 |                     values.append(text)
276 |                     elem.clear()
277 | 
278 |                 elif elem.tag == 'msg':
279 |                     if event == 'start':
280 |                         msg_type = elem.attrib['type']
281 |                     elif event == 'end':
282 |                         text = elem.text if elem.text is not None else ""
283 |                         yield Message(msg_type, text)
284 |                         elem.clear()
285 |         except SyntaxError as pe:
286 |             # This is here to handle the same incorrect return from
287 |             # splunk that is described in __init__.
288 |             if 'no element found' in pe.msg:
289 |                 return
290 |             else:
291 |                 raise
292 | 
293 | 
294 | 
295 | 
296 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/__init__.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright © 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | """
 18 | 
 19 | .. topic:: Design Notes
 20 | 
 21 |   1. Commands are constrained to this ABNF grammar::
 22 | 
 23 |         command       = command-name *[wsp option] *[wsp [dquote] field-name [dquote]]
 24 |         command-name  = alpha *( alpha / digit )
 25 |         option        = option-name [wsp] "=" [wsp] option-value
 26 |         option-name   = alpha *( alpha / digit / "_" )
 27 |         option-value  = word / quoted-string
 28 |         word          = 1*( %01-%08 / %0B / %0C / %0E-1F / %21 / %23-%FF ) ; Any character but DQUOTE and WSP
 29 |         quoted-string = dquote *( word / wsp / "\" dquote / dquote dquote ) dquote
 30 |         field-name    = ( "_" / alpha ) *( alpha / digit / "_" / "." / "-" )
 31 | 
 32 |      It does not show that :code:`field-name` values may be comma-separated. This is because Splunk strips commas from
 33 |      the command line. A search command will never see them.
 34 | 
 35 |   2. Search commands targeting versions of Splunk prior to 6.3 must be statically configured as follows:
 36 | 
 37 |      .. code-block:: text
 38 |         :linenos:
 39 | 
 40 |         [command_name]
 41 |         filename = command_name.py
 42 |         supports_getinfo = true
 43 |         supports_rawargs = true
 44 | 
 45 |      No other static configuration is required or expected and may interfere with command execution.
 46 | 
 47 |   3. Commands support dynamic probing for settings.
 48 | 
 49 |      Splunk probes for settings dynamically when :code:`supports_getinfo=true`.
 50 |      You must add this line to the commands.conf stanza for each of your search
 51 |      commands.
 52 | 
 53 |   4. Commands do not support parsed arguments on the command line.
 54 | 
 55 |      Splunk parses arguments when :code:`supports_rawargs=false`. The
 56 |      :code:`SearchCommand` class sets this value unconditionally. You cannot
 57 |      override it.
 58 | 
 59 |      **Rationale**
 60 | 
 61 |      Splunk parses arguments by stripping quotes, nothing more. This may be useful
 62 |      in some cases, but doesn't work well with our chosen grammar.
 63 | 
 64 |   5. Commands consume input headers.
 65 | 
 66 |      An input header is provided by Splunk when :code:`enableheader=true`. The
 67 |      :class:`SearchCommand` class sets this value unconditionally. You cannot
 68 |      override it.
 69 | 
 70 |   6. Commands produce an output messages header.
 71 | 
 72 |      Splunk expects a command to produce an output messages header when
 73 |      :code:`outputheader=true`. The :class:`SearchCommand` class sets this value
 74 |      unconditionally. You cannot override it.
 75 | 
 76 |   7. Commands support multi-value fields.
 77 | 
 78 |      Multi-value fields are provided and consumed by Splunk when
 79 |      :code:`supports_multivalue=true`. This value is fixed. You cannot override
 80 |      it.
 81 | 
 82 |   8. This module represents all fields on the output stream in multi-value
 83 |      format.
 84 | 
 85 |      Splunk recognizes two kinds of data: :code:`value` and :code:`list(value)`.
 86 |      The multi-value format represents these data in field pairs. Given field
 87 |      :code:`name` the multi-value format calls for the creation of this pair of
 88 |      fields.
 89 | 
 90 |      ================= =========================================================
 91 |      Field name         Field data
 92 |      ================= =========================================================
 93 |      :code:`name`      Value or text from which a list of values was derived.
 94 | 
 95 |      :code:`__mv_name` Empty, if :code:`field` represents a :code:`value`;
 96 |                        otherwise, an encoded :code:`list(value)`. Values in the
 97 |                        list are wrapped in dollar signs ($) and separated by
 98 |                        semi-colons (;). Dollar signs ($) within a value are
 99 |                        represented by a pair of dollar signs ($$).
100 |      ================= =========================================================
101 | 
102 |      Serializing data in this format enables streaming and reduces a command's
103 |      memory footprint at the cost of one extra byte of data per field per record
104 |      and a small amount of extra processing time by the next command in the
105 |      pipeline.
106 | 
107 |   9. A :class:`ReportingCommand` must override :meth:`~ReportingCommand.reduce`
108 |      and may override :meth:`~ReportingCommand.map`. Map/reduce commands on the
109 |      Splunk processing pipeline are distinguished as this example illustrates.
110 | 
111 |      **Splunk command**
112 | 
113 |      .. code-block:: text
114 | 
115 |          sum total=total_date_hour date_hour
116 | 
117 |      **Map command line**
118 | 
119 |      .. code-block:: text
120 | 
121 |         sum __GETINFO__ __map__ total=total_date_hour date_hour
122 |         sum __EXECUTE__ __map__ total=total_date_hour date_hour
123 | 
124 |      **Reduce command line**
125 | 
126 |      .. code-block:: text
127 | 
128 |         sum __GETINFO__ total=total_date_hour date_hour
129 |         sum __EXECUTE__ total=total_date_hour date_hour
130 | 
131 |      The :code:`__map__` argument is introduced by
132 |      :meth:`ReportingCommand._execute`. Search command authors cannot influence
133 |      the contents of the command line in this release.
134 | 
135 | .. topic:: References
136 | 
137 |   1. `Search command style guide <http://docs.splunk.com/Documentation/Splunk/6.0/Search/Searchcommandstyleguide>`__
138 | 
139 |   2. `Commands.conf.spec <http://docs.splunk.com/Documentation/Splunk/5.0.5/Admin/Commandsconf>`_
140 | 
141 | """
142 | 
143 | from __future__ import absolute_import, division, print_function, unicode_literals
144 | 
145 | from .environment import *
146 | from .decorators import *
147 | from .validators import *
148 | 
149 | from .generating_command import GeneratingCommand
150 | from .streaming_command import StreamingCommand
151 | from .eventing_command import EventingCommand
152 | from .reporting_command import ReportingCommand
153 | 
154 | from .external_search_command import execute, ExternalSearchCommand
155 | from .search_command import dispatch, SearchMetric
156 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/decorators.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright © 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | from __future__ import absolute_import, division, print_function, unicode_literals
 18 | from splunklib import six
 19 | 
 20 | try:
 21 |     from collections import OrderedDict  # must be python 2.7
 22 | except ImportError:
 23 |     from ..ordereddict import OrderedDict
 24 | 
 25 | from inspect import getmembers, isclass, isfunction
 26 | from splunklib.six.moves import map as imap
 27 | 
 28 | from .internals import ConfigurationSettingsType, json_encode_string
 29 | from .validators import OptionName
 30 | 
 31 | 
 32 | class Configuration(object):
 33 |     """ Defines the configuration settings for a search command.
 34 | 
 35 |     Documents, validates, and ensures that only relevant configuration settings are applied. Adds a :code:`name` class
 36 |     variable to search command classes that don't have one. The :code:`name` is derived from the name of the class.
 37 |     By convention command class names end with the word "Command". To derive :code:`name` the word "Command" is removed
 38 |     from the end of the class name and then converted to lower case for conformance with the `Search command style guide
 39 |     <http://docs.splunk.com/Documentation/Splunk/latest/Search/Searchcommandstyleguide>`__
 40 | 
 41 |     """
 42 |     def __init__(self, o=None, **kwargs):
 43 |         #
 44 |         # The o argument enables the configuration decorator to be used with or without parentheses. For example, it
 45 |         # enables you to write code that looks like this:
 46 |         #
 47 |         #   @Configuration
 48 |         #   class Foo(SearchCommand):
 49 |         #       ...
 50 |         #
 51 |         #   @Configuration()
 52 |         #   class Bar(SearchCommand):
 53 |         #       ...
 54 |         #
 55 |         # Without the o argument, the Python compiler will complain about the first form. With the o argument, both
 56 |         # forms work. The first form provides a value for o: Foo. The second form does does not provide a value for o.
 57 |         # The class or method decorated is not passed to the constructor. A value of None is passed instead.
 58 |         #
 59 |         self.settings = kwargs
 60 | 
 61 |     def __call__(self, o):
 62 | 
 63 |         if isfunction(o):
 64 |             # We must wait to finalize configuration as the class containing this function is under construction
 65 |             # at the time this call to decorate a member function. This will be handled in the call to
 66 |             # o.ConfigurationSettings.fix_up(o) in the elif clause of this code block.
 67 |             o._settings = self.settings
 68 |         elif isclass(o):
 69 | 
 70 |             # Set command name
 71 | 
 72 |             name = o.__name__
 73 |             if name.endswith('Command'):
 74 |                 name = name[:-len('Command')]
 75 |             o.name = six.text_type(name.lower())
 76 | 
 77 |             # Construct ConfigurationSettings instance for the command class
 78 | 
 79 |             o.ConfigurationSettings = ConfigurationSettingsType(
 80 |                 module=o.__module__ + '.' + o.__name__,
 81 |                 name='ConfigurationSettings',
 82 |                 bases=(o.ConfigurationSettings,))
 83 | 
 84 |             ConfigurationSetting.fix_up(o.ConfigurationSettings, self.settings)
 85 |             o.ConfigurationSettings.fix_up(o)
 86 |             Option.fix_up(o)
 87 |         else:
 88 |             raise TypeError('Incorrect usage: Configuration decorator applied to {0}'.format(type(o), o.__name__))
 89 | 
 90 |         return o
 91 | 
 92 | 
 93 | class ConfigurationSetting(property):
 94 |     """ Generates a :class:`property` representing the named configuration setting
 95 | 
 96 |     This is a convenience function designed to reduce the amount of boiler-plate code you must write; most notably for
 97 |     property setters.
 98 | 
 99 |     :param name: Configuration setting name.
100 |     :type name: str or unicode
101 | 
102 |     :param doc: A documentation string.
103 |     :type doc: bytes, unicode or NoneType
104 | 
105 |     :param readonly: If true, specifies that the configuration setting is fixed.
106 |     :type name: bool or NoneType
107 | 
108 |     :param value: Configuration setting value.
109 | 
110 |     :return: A :class:`property` instance representing the configuration setting.
111 |     :rtype: property
112 | 
113 |     """
114 |     def __init__(self, fget=None, fset=None, fdel=None, doc=None, name=None, readonly=None, value=None):
115 |         property.__init__(self, fget=fget, fset=fset, fdel=fdel, doc=doc)
116 |         self._readonly = readonly
117 |         self._value = value
118 |         self._name = name
119 | 
120 |     def __call__(self, function):
121 |         return self.getter(function)
122 | 
123 |     def deleter(self, function):
124 |         return self._copy_extra_attributes(property.deleter(self, function))
125 | 
126 |     def getter(self, function):
127 |         return self._copy_extra_attributes(property.getter(self, function))
128 | 
129 |     def setter(self, function):
130 |         return self._copy_extra_attributes(property.setter(self, function))
131 | 
132 |     @staticmethod
133 |     def fix_up(cls, values):
134 | 
135 |         is_configuration_setting = lambda attribute: isinstance(attribute, ConfigurationSetting)
136 |         definitions = getmembers(cls, is_configuration_setting)
137 |         i = 0
138 | 
139 |         for name, setting in definitions:
140 | 
141 |             if setting._name is None:
142 |                 setting._name = name = six.text_type(name)
143 |             else:
144 |                 name = setting._name
145 | 
146 |             validate, specification = setting._get_specification()
147 |             backing_field_name = '_' + name
148 | 
149 |             if setting.fget is None and setting.fset is None and setting.fdel is None:
150 | 
151 |                 value = setting._value
152 | 
153 |                 if setting._readonly or value is not None:
154 |                     validate(specification, name, value)
155 | 
156 |                 def fget(bfn, value):
157 |                     return lambda this: getattr(this, bfn, value)
158 | 
159 |                 setting = setting.getter(fget(backing_field_name, value))
160 | 
161 |                 if not setting._readonly:
162 | 
163 |                     def fset(bfn, validate, specification, name):
164 |                         return lambda this, value: setattr(this, bfn, validate(specification, name, value))
165 | 
166 |                     setting = setting.setter(fset(backing_field_name, validate, specification, name))
167 | 
168 |                 setattr(cls, name, setting)
169 | 
170 |             def is_supported_by_protocol(supporting_protocols):
171 | 
172 |                 def is_supported_by_protocol(version):
173 |                     return version in supporting_protocols
174 | 
175 |                 return is_supported_by_protocol
176 | 
177 |             del setting._name, setting._value, setting._readonly
178 | 
179 |             setting.is_supported_by_protocol = is_supported_by_protocol(specification.supporting_protocols)
180 |             setting.supporting_protocols = specification.supporting_protocols
181 |             setting.backing_field_name = backing_field_name
182 |             definitions[i] = setting
183 |             setting.name = name
184 | 
185 |             i += 1
186 | 
187 |             try:
188 |                 value = values[name]
189 |             except KeyError:
190 |                 continue
191 | 
192 |             if setting.fset is None:
193 |                 raise ValueError('The value of configuration setting {} is fixed'.format(name))
194 | 
195 |             setattr(cls, backing_field_name, validate(specification, name, value))
196 |             del values[name]
197 | 
198 |         if len(values) > 0:
199 |             settings = sorted(list(six.iteritems(values)))
200 |             settings = imap(lambda n_v: '{}={}'.format(n_v[0], repr(n_v[1])), settings)
201 |             raise AttributeError('Inapplicable configuration settings: ' + ', '.join(settings))
202 | 
203 |         cls.configuration_setting_definitions = definitions
204 | 
205 |     def _copy_extra_attributes(self, other):
206 |         other._readonly = self._readonly
207 |         other._value = self._value
208 |         other._name = self._name
209 |         return other
210 | 
211 |     def _get_specification(self):
212 | 
213 |         name = self._name
214 | 
215 |         try:
216 |             specification = ConfigurationSettingsType.specification_matrix[name]
217 |         except KeyError:
218 |             raise AttributeError('Unknown configuration setting: {}={}'.format(name, repr(self._value)))
219 | 
220 |         return ConfigurationSettingsType.validate_configuration_setting, specification
221 | 
222 | 
223 | class Option(property):
224 |     """ Represents a search command option.
225 | 
226 |     Required options must be specified on the search command line.
227 | 
228 |     **Example:**
229 | 
230 |     Short form (recommended). When you are satisfied with built-in or custom validation behaviors.
231 | 
232 |     ..  code-block:: python
233 |         :linenos:
234 | 
235 |         from splunklib.searchcommands.decorators import Option
236 |         from splunklib.searchcommands.validators import Fieldname
237 | 
238 |         total = Option(
239 |             doc=''' **Syntax:** **total=***<fieldname>*
240 |             **Description:** Name of the field that will hold the computed
241 |             sum''',
242 |             require=True, validate=Fieldname())
243 | 
244 |     **Example:**
245 | 
246 |     Long form. Useful when you wish to manage the option value and its deleter/getter/setter side-effects yourself. You
247 |     must provide a getter and a setter. If your :code:`Option` requires `destruction <https://docs.python.org/2/reference/datamodel.html#object.__del__>`_ you must
248 |     also provide a deleter. You must be prepared to accept a value of :const:`None` which indicates that your
249 |     :code:`Option` is unset.
250 | 
251 |     ..  code-block:: python
252 |         :linenos:
253 | 
254 |         from splunklib.searchcommands import Option
255 | 
256 |         @Option()
257 |         def logging_configuration(self):
258 |             \""" **Syntax:** logging_configuration=<path>
259 |             **Description:** Loads an alternative logging configuration file for a command invocation. The logging
260 |             configuration file must be in Python ConfigParser-format. The *<path>* name and all path names specified in
261 |             configuration are relative to the app root directory.
262 | 
263 |             \"""
264 |             return self._logging_configuration
265 | 
266 |         @logging_configuration.setter
267 |         def logging_configuration(self, value):
268 |             if value is not None
269 |                 logging.configure(value)
270 |                 self._logging_configuration = value
271 | 
272 |         def __init__(self)
273 |             self._logging_configuration = None
274 | 
275 |     """
276 |     def __init__(self, fget=None, fset=None, fdel=None, doc=None, name=None, default=None, require=None, validate=None):
277 |         property.__init__(self, fget, fset, fdel, doc)
278 |         self.name = name
279 |         self.default = default
280 |         self.validate = validate
281 |         self.require = bool(require)
282 | 
283 |     def __call__(self, function):
284 |         return self.getter(function)
285 | 
286 |     # region Methods
287 | 
288 |     def deleter(self, function):
289 |         return self._copy_extra_attributes(property.deleter(self, function))
290 | 
291 |     def getter(self, function):
292 |         return self._copy_extra_attributes(property.getter(self, function))
293 | 
294 |     def setter(self, function):
295 |         return self._copy_extra_attributes(property.setter(self, function))
296 | 
297 |     @classmethod
298 |     def fix_up(cls, command_class):
299 | 
300 |         is_option = lambda attribute: isinstance(attribute, Option)
301 |         definitions = getmembers(command_class, is_option)
302 |         validate_option_name = OptionName()
303 |         i = 0
304 | 
305 |         for name, option in definitions:
306 | 
307 |             if option.name is None:
308 |                 option.name = name  # no validation required
309 |             else:
310 |                 validate_option_name(option.name)
311 | 
312 |             if option.fget is None and option.fset is None and option.fdel is None:
313 |                 backing_field_name = '_' + name
314 | 
315 |                 def fget(bfn):
316 |                     return lambda this: getattr(this, bfn, None)
317 | 
318 |                 option = option.getter(fget(backing_field_name))
319 | 
320 |                 def fset(bfn, validate):
321 |                     if validate is None:
322 |                         return lambda this, value: setattr(this, bfn, value)
323 |                     return lambda this, value: setattr(this, bfn, validate(value))
324 | 
325 |                 option = option.setter(fset(backing_field_name, option.validate))
326 |                 setattr(command_class, name, option)
327 | 
328 |             elif option.validate is not None:
329 | 
330 |                 def fset(function, validate):
331 |                     return lambda this, value: function(this, validate(value))
332 | 
333 |                 option = option.setter(fset(option.fset, option.validate))
334 |                 setattr(command_class, name, option)
335 | 
336 |             definitions[i] = name, option
337 |             i += 1
338 | 
339 |         command_class.option_definitions = definitions
340 | 
341 |     def _copy_extra_attributes(self, other):
342 |         other.name = self.name
343 |         other.default = self.default
344 |         other.require = self.require
345 |         other.validate = self.validate
346 |         return other
347 | 
348 |     # endregion
349 | 
350 |     # region Types
351 | 
352 |     class Item(object):
353 |         """ Presents an instance/class view over a search command `Option`.
354 | 
355 |         This class is used by SearchCommand.process to parse and report on option values.
356 | 
357 |         """
358 |         def __init__(self, command, option):
359 |             self._command = command
360 |             self._option = option
361 |             self._is_set = False
362 |             validator = self.validator
363 |             self._format = six.text_type if validator is None else validator.format
364 | 
365 |         def __repr__(self):
366 |             return '(' + repr(self.name) + ', ' + repr(self._format(self.value)) + ')'
367 | 
368 |         def __str__(self):
369 |             value = self.value
370 |             value = 'None' if value is None else json_encode_string(self._format(value))
371 |             return self.name + '=' + value
372 | 
373 |         # region Properties
374 | 
375 |         @property
376 |         def is_required(self):
377 |             return bool(self._option.require)
378 | 
379 |         @property
380 |         def is_set(self):
381 |             """ Indicates whether an option value was provided as argument.
382 | 
383 |             """
384 |             return self._is_set
385 | 
386 |         @property
387 |         def name(self):
388 |             return self._option.name
389 | 
390 |         @property
391 |         def validator(self):
392 |             return self._option.validate
393 | 
394 |         @property
395 |         def value(self):
396 |             return self._option.__get__(self._command)
397 | 
398 |         @value.setter
399 |         def value(self, value):
400 |             self._option.__set__(self._command, value)
401 |             self._is_set = True
402 | 
403 |         # endregion
404 | 
405 |         # region Methods
406 | 
407 |         def reset(self):
408 |             self._option.__set__(self._command, self._option.default)
409 |             self._is_set = False
410 | 
411 |         pass
412 |         # endregion
413 | 
414 |     class View(OrderedDict):
415 |         """ Presents an ordered dictionary view of the set of :class:`Option` arguments to a search command.
416 | 
417 |         This class is used by SearchCommand.process to parse and report on option values.
418 | 
419 |         """
420 |         def __init__(self, command):
421 |             definitions = type(command).option_definitions
422 |             item_class = Option.Item
423 |             OrderedDict.__init__(self, ((option.name, item_class(command, option)) for (name, option) in definitions))
424 | 
425 |         def __repr__(self):
426 |             text = 'Option.View([' + ','.join(imap(lambda item: repr(item), six.itervalues(self))) + '])'
427 |             return text
428 | 
429 |         def __str__(self):
430 |             text = ' '.join([str(item) for item in six.itervalues(self) if item.is_set])
431 |             return text
432 | 
433 |         # region Methods
434 | 
435 |         def get_missing(self):
436 |             missing = [item.name for item in six.itervalues(self) if item.is_required and not item.is_set]
437 |             return missing if len(missing) > 0 else None
438 | 
439 |         def reset(self):
440 |             for value in six.itervalues(self):
441 |                 value.reset()
442 | 
443 |         pass
444 |         # endregion
445 | 
446 |     pass
447 |     # endregion
448 | 
449 | 
450 | __all__ = ['Configuration', 'Option']
451 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/environment.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright © 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | from __future__ import absolute_import, division, print_function, unicode_literals
 18 | 
 19 | from logging import getLogger, root, StreamHandler
 20 | from logging.config import fileConfig
 21 | from os import chdir, environ, path
 22 | from splunklib.six.moves import getcwd
 23 | 
 24 | import sys
 25 | 
 26 | 
 27 | def configure_logging(logger_name, filename=None):
 28 |     """ Configure logging and return the named logger and the location of the logging configuration file loaded.
 29 | 
 30 |     This function expects a Splunk app directory structure::
 31 | 
 32 |         <app-root>
 33 |             bin
 34 |                 ...
 35 |             default
 36 |                 ...
 37 |             local
 38 |                 ...
 39 | 
 40 |     This function looks for a logging configuration file at each of these locations, loading the first, if any,
 41 |     logging configuration file that it finds::
 42 | 
 43 |         local/{name}.logging.conf
 44 |         default/{name}.logging.conf
 45 |         local/logging.conf
 46 |         default/logging.conf
 47 | 
 48 |     The current working directory is set to *<app-root>* before the logging configuration file is loaded. Hence, paths
 49 |     in the logging configuration file are relative to *<app-root>*. The current directory is reset before return.
 50 | 
 51 |     You may short circuit the search for a logging configuration file by providing an alternative file location in
 52 |     `path`. Logging configuration files must be in `ConfigParser format`_.
 53 | 
 54 |     #Arguments:
 55 | 
 56 |     :param logger_name: Logger name
 57 |     :type logger_name: bytes, unicode
 58 | 
 59 |     :param filename: Location of an alternative logging configuration file or `None`.
 60 |     :type filename: bytes, unicode or NoneType
 61 | 
 62 |     :returns: The named logger and the location of the logging configuration file loaded.
 63 |     :rtype: tuple
 64 | 
 65 |     .. _ConfigParser format: https://docs.python.org/2/library/logging.config.html#configuration-file-format
 66 | 
 67 |     """
 68 |     if filename is None:
 69 |         if logger_name is None:
 70 |             probing_paths = [path.join('local', 'logging.conf'), path.join('default', 'logging.conf')]
 71 |         else:
 72 |             probing_paths = [
 73 |                 path.join('local', logger_name + '.logging.conf'),
 74 |                 path.join('default', logger_name + '.logging.conf'),
 75 |                 path.join('local', 'logging.conf'),
 76 |                 path.join('default', 'logging.conf')]
 77 |         for relative_path in probing_paths:
 78 |             configuration_file = path.join(app_root, relative_path)
 79 |             if path.exists(configuration_file):
 80 |                 filename = configuration_file
 81 |                 break
 82 |     elif not path.isabs(filename):
 83 |         found = False
 84 |         for conf in 'local', 'default':
 85 |             configuration_file = path.join(app_root, conf, filename)
 86 |             if path.exists(configuration_file):
 87 |                 filename = configuration_file
 88 |                 found = True
 89 |                 break
 90 |         if not found:
 91 |             raise ValueError('Logging configuration file "{}" not found in local or default directory'.format(filename))
 92 |     elif not path.exists(filename):
 93 |         raise ValueError('Logging configuration file "{}" not found'.format(filename))
 94 | 
 95 |     if filename is not None:
 96 |         global _current_logging_configuration_file
 97 |         filename = path.realpath(filename)
 98 | 
 99 |         if filename != _current_logging_configuration_file:
100 |             working_directory = getcwd()
101 |             chdir(app_root)
102 |             try:
103 |                 fileConfig(filename, {'SPLUNK_HOME': splunk_home})
104 |             finally:
105 |                 chdir(working_directory)
106 |             _current_logging_configuration_file = filename
107 | 
108 |     if len(root.handlers) == 0:
109 |         root.addHandler(StreamHandler())
110 | 
111 |     return None if logger_name is None else getLogger(logger_name), filename
112 | 
113 | 
114 | _current_logging_configuration_file = None
115 | 
116 | splunk_home = path.abspath(path.join(getcwd(), environ.get('SPLUNK_HOME', '')))
117 | app_file = getattr(sys.modules['__main__'], '__file__', sys.executable)
118 | app_root = path.dirname(path.abspath(path.dirname(app_file)))
119 | 
120 | splunklib_logger, logging_configuration = configure_logging('splunklib')
121 | 
122 | 
123 | __all__ = ['app_file', 'app_root', 'logging_configuration', 'splunk_home', 'splunklib_logger']
124 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/eventing_command.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | from __future__ import absolute_import, division, print_function, unicode_literals
 18 | 
 19 | from splunklib import six
 20 | from splunklib.six.moves import map as imap
 21 | 
 22 | from .decorators import ConfigurationSetting
 23 | from .search_command import SearchCommand
 24 | 
 25 | 
 26 | class EventingCommand(SearchCommand):
 27 |     """ Applies a transformation to search results as they travel through the events pipeline.
 28 | 
 29 |     Eventing commands typically filter, group, order, and/or or augment event records. Examples of eventing commands
 30 |     from Splunk's built-in command set include sort_, dedup_, and cluster_. Each execution of an eventing command
 31 |     should produce a set of event records that is independently usable by downstream processors.
 32 | 
 33 |     .. _sort: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Sort
 34 |     .. _dedup: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Dedup
 35 |     .. _cluster: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Cluster
 36 | 
 37 |     EventingCommand configuration
 38 |     ==============================
 39 | 
 40 |     You can configure your command for operation under Search Command Protocol (SCP) version 1 or 2. SCP 2 requires
 41 |     Splunk 6.3 or later.
 42 | 
 43 |     """
 44 |     # region Methods
 45 | 
 46 |     def transform(self, records):
 47 |         """ Generator function that processes and yields event records to the Splunk events pipeline.
 48 | 
 49 |         You must override this method.
 50 | 
 51 |         """
 52 |         raise NotImplementedError('EventingCommand.transform(self, records)')
 53 | 
 54 |     def _execute(self, ifile, process):
 55 |         SearchCommand._execute(self, ifile, self.transform)
 56 | 
 57 |     # endregion
 58 | 
 59 |     class ConfigurationSettings(SearchCommand.ConfigurationSettings):
 60 |         """ Represents the configuration settings that apply to a :class:`EventingCommand`.
 61 | 
 62 |         """
 63 |         # region SCP v1/v2 properties
 64 | 
 65 |         required_fields = ConfigurationSetting(doc='''
 66 |             List of required fields for this search which back-propagates to the generating search.
 67 | 
 68 |             Setting this value enables selected fields mode under SCP 2. Under SCP 1 you must also specify
 69 |             :code:`clear_required_fields=True` to enable selected fields mode. To explicitly select all fields,
 70 |             specify a value of :const:`['*']`. No error is generated if a specified field is missing.
 71 | 
 72 |             Default: :const:`None`, which implicitly selects all fields.
 73 | 
 74 |             ''')
 75 | 
 76 |         # endregion
 77 | 
 78 |         # region SCP v1 properties
 79 | 
 80 |         clear_required_fields = ConfigurationSetting(doc='''
 81 |             :const:`True`, if required_fields represent the *only* fields required.
 82 | 
 83 |             If :const:`False`, required_fields are additive to any fields that may be required by subsequent commands.
 84 |             In most cases, :const:`False` is appropriate for eventing commands.
 85 | 
 86 |             Default: :const:`False`
 87 | 
 88 |             ''')
 89 | 
 90 |         retainsevents = ConfigurationSetting(readonly=True, value=True, doc='''
 91 |             :const:`True`, if the command retains events the way the sort/dedup/cluster commands do.
 92 | 
 93 |             If :const:`False`, the command transforms events the way the stats command does.
 94 | 
 95 |             Fixed: :const:`True`
 96 | 
 97 |             ''')
 98 | 
 99 |         # endregion
100 | 
101 |         # region SCP v2 properties
102 | 
103 |         maxinputs = ConfigurationSetting(doc='''
104 |             Specifies the maximum number of events that can be passed to the command for each invocation.
105 | 
106 |             This limit cannot exceed the value of `maxresultrows` as defined in limits.conf_. Under SCP 1 you must
107 |             specify this value in commands.conf_.
108 | 
109 |             Default: The value of `maxresultrows`.
110 | 
111 |             Supported by: SCP 2
112 | 
113 |             .. _limits.conf: http://docs.splunk.com/Documentation/Splunk/latest/admin/Limitsconf
114 | 
115 |             ''')
116 | 
117 |         type = ConfigurationSetting(readonly=True, value='events', doc='''
118 |             Command type
119 | 
120 |             Fixed: :const:`'events'`.
121 | 
122 |             Supported by: SCP 2
123 | 
124 |             ''')
125 | 
126 |         # endregion
127 | 
128 |         # region Methods
129 | 
130 |         @classmethod
131 |         def fix_up(cls, command):
132 |             """ Verifies :code:`command` class structure.
133 | 
134 |             """
135 |             if command.transform == EventingCommand.transform:
136 |                 raise AttributeError('No EventingCommand.transform override')
137 |             SearchCommand.ConfigurationSettings.fix_up(command)
138 | 
139 |         # TODO: Stop looking like a dictionary because we don't obey the semantics
140 |         # N.B.: Does not use Python 2 dict copy semantics
141 |         def iteritems(self):
142 |             iteritems = SearchCommand.ConfigurationSettings.iteritems(self)
143 |             return imap(lambda name_value: (name_value[0], 'events' if name_value[0] == 'type' else name_value[1]), iteritems)
144 | 
145 |         # N.B.: Does not use Python 3 dict view semantics
146 |         if not six.PY2:
147 |             items = iteritems
148 | 
149 |         # endregion
150 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/external_search_command.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | from __future__ import absolute_import, division, print_function, unicode_literals
 18 | 
 19 | from logging import getLogger
 20 | import os
 21 | import sys
 22 | import traceback
 23 | from splunklib import six
 24 | 
 25 | if sys.platform == 'win32':
 26 |     from signal import signal, CTRL_BREAK_EVENT, SIGBREAK, SIGINT, SIGTERM
 27 |     from subprocess import Popen
 28 |     import atexit
 29 | 
 30 | from . import splunklib_logger as logger
 31 | 
 32 | # P1 [ ] TODO: Add ExternalSearchCommand class documentation
 33 | 
 34 | 
 35 | class ExternalSearchCommand(object):
 36 |     """
 37 |     """
 38 |     def __init__(self, path, argv=None, environ=None):
 39 | 
 40 |         if not isinstance(path, (bytes, six.text_type)):
 41 |             raise ValueError('Expected a string value for path, not {}'.format(repr(path)))
 42 | 
 43 |         self._logger = getLogger(self.__class__.__name__)
 44 |         self._path = six.text_type(path)
 45 |         self._argv = None
 46 |         self._environ = None
 47 | 
 48 |         self.argv = argv
 49 |         self.environ = environ
 50 | 
 51 |     # region Properties
 52 | 
 53 |     @property
 54 |     def argv(self):
 55 |         return getattr(self, '_argv')
 56 | 
 57 |     @argv.setter
 58 |     def argv(self, value):
 59 |         if not (value is None or isinstance(value, (list, tuple))):
 60 |             raise ValueError('Expected a list, tuple or value of None for argv, not {}'.format(repr(value)))
 61 |         self._argv = value
 62 | 
 63 |     @property
 64 |     def environ(self):
 65 |         return getattr(self, '_environ')
 66 | 
 67 |     @environ.setter
 68 |     def environ(self, value):
 69 |         if not (value is None or isinstance(value, dict)):
 70 |             raise ValueError('Expected a dictionary value for environ, not {}'.format(repr(value)))
 71 |         self._environ = value
 72 | 
 73 |     @property
 74 |     def logger(self):
 75 |         return self._logger
 76 | 
 77 |     @property
 78 |     def path(self):
 79 |         return self._path
 80 | 
 81 |     # endregion
 82 | 
 83 |     # region Methods
 84 | 
 85 |     def execute(self):
 86 |         # noinspection PyBroadException
 87 |         try:
 88 |             if self._argv is None:
 89 |                 self._argv = os.path.splitext(os.path.basename(self._path))[0]
 90 |             self._execute(self._path, self._argv, self._environ)
 91 |         except:
 92 |             error_type, error, tb = sys.exc_info()
 93 |             message = 'Command execution failed: ' + six.text_type(error)
 94 |             self._logger.error(message + '\nTraceback:\n' + ''.join(traceback.format_tb(tb)))
 95 |             sys.exit(1)
 96 | 
 97 |     if sys.platform == 'win32':
 98 | 
 99 |         @staticmethod
100 |         def _execute(path, argv=None, environ=None):
101 |             """ Executes an external search command.
102 | 
103 |             :param path: Path to the external search command.
104 |             :type path: unicode
105 | 
106 |             :param argv: Argument list.
107 |             :type argv: list or tuple
108 |                 The arguments to the child process should start with the name of the command being run, but this is not
109 |                 enforced. A value of :const:`None` specifies that the base name of path name :param:`path` should be used.
110 | 
111 |             :param environ: A mapping which is used to define the environment variables for the new process.
112 |             :type environ: dict or None.
113 |                 This mapping is used instead of the current process’s environment. A value of :const:`None` specifies that
114 |                 the :data:`os.environ` mapping should be used.
115 | 
116 |             :return: None
117 | 
118 |             """
119 |             search_path = os.getenv('PATH') if environ is None else environ.get('PATH')
120 |             found = ExternalSearchCommand._search_path(path, search_path)
121 | 
122 |             if found is None:
123 |                 raise ValueError('Cannot find command on path: {}'.format(path))
124 | 
125 |             path = found
126 |             logger.debug('starting command="%s", arguments=%s', path, argv)
127 | 
128 |             def terminate(signal_number, frame):
129 |                 sys.exit('External search command is terminating on receipt of signal={}.'.format(signal_number))
130 | 
131 |             def terminate_child():
132 |                 if p.pid is not None and p.returncode is None:
133 |                     logger.debug('terminating command="%s", arguments=%d, pid=%d', path, argv, p.pid)
134 |                     os.kill(p.pid, CTRL_BREAK_EVENT)
135 | 
136 |             p = Popen(argv, executable=path, env=environ, stdin=sys.stdin, stdout=sys.stdout, stderr=sys.stderr)
137 |             atexit.register(terminate_child)
138 |             signal(SIGBREAK, terminate)
139 |             signal(SIGINT, terminate)
140 |             signal(SIGTERM, terminate)
141 | 
142 |             logger.debug('started command="%s", arguments=%s, pid=%d', path, argv, p.pid)
143 |             p.wait()
144 | 
145 |             logger.debug('finished command="%s", arguments=%s, pid=%d, returncode=%d', path, argv, p.pid, p.returncode)
146 | 
147 |             if p.returncode != 0:
148 |                 sys.exit(p.returncode)
149 | 
150 |         @staticmethod
151 |         def _search_path(executable, paths):
152 |             """ Locates an executable program file.
153 | 
154 |             :param executable: The name of the executable program to locate.
155 |             :type executable: unicode
156 | 
157 |             :param paths: A list of one or more directory paths where executable programs are located.
158 |             :type paths: unicode
159 | 
160 |             :return:
161 |             :rtype: Path to the executable program located or :const:`None`.
162 | 
163 |             """
164 |             directory, filename = os.path.split(executable)
165 |             extension = os.path.splitext(filename)[1].upper()
166 |             executable_extensions = ExternalSearchCommand._executable_extensions
167 | 
168 |             if directory:
169 |                 if len(extension) and extension in executable_extensions:
170 |                     return None
171 |                 for extension in executable_extensions:
172 |                     path = executable + extension
173 |                     if os.path.isfile(path):
174 |                         return path
175 |                 return None
176 | 
177 |             if not paths:
178 |                 return None
179 | 
180 |             directories = [directory for directory in paths.split(';') if len(directory)]
181 | 
182 |             if len(directories) == 0:
183 |                 return None
184 | 
185 |             if len(extension) and extension in executable_extensions:
186 |                 for directory in directories:
187 |                     path = os.path.join(directory, executable)
188 |                     if os.path.isfile(path):
189 |                         return path
190 |                 return None
191 | 
192 |             for directory in directories:
193 |                 path_without_extension = os.path.join(directory, executable)
194 |                 for extension in executable_extensions:
195 |                     path = path_without_extension + extension
196 |                     if os.path.isfile(path):
197 |                         return path
198 | 
199 |             return None
200 | 
201 |         _executable_extensions = ('.COM', '.EXE')
202 |     else:
203 |         @staticmethod
204 |         def _execute(path, argv, environ):
205 |             if environ is None:
206 |                 os.execvp(path, argv)
207 |             else:
208 |                 os.execvpe(path, argv, environ)
209 |             return
210 | 
211 |     # endregion
212 | 
213 | 
214 | def execute(path, argv=None, environ=None, command_class=ExternalSearchCommand):
215 |     """
216 |     :param path:
217 |     :type path: basestring
218 |     :param argv:
219 |     :type: argv: list, tuple, or None
220 |     :param environ:
221 |     :type environ: dict
222 |     :param command_class: External search command class to instantiate and execute.
223 |     :type command_class: type
224 |     :return:
225 |     :rtype: None
226 |     """
227 |     assert issubclass(command_class, ExternalSearchCommand)
228 |     command_class(path, argv, environ).execute()
229 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/generating_command.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright © 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | from __future__ import absolute_import, division, print_function, unicode_literals
 18 | 
 19 | from .decorators import ConfigurationSetting
 20 | from .search_command import SearchCommand
 21 | 
 22 | from splunklib import six
 23 | from splunklib.six.moves import map as imap, filter as ifilter
 24 | 
 25 | # P1 [O] TODO: Discuss generates_timeorder in the class-level documentation for GeneratingCommand
 26 | 
 27 | 
 28 | class GeneratingCommand(SearchCommand):
 29 |     """ Generates events based on command arguments.
 30 | 
 31 |     Generating commands receive no input and must be the first command on a pipeline. There are three pipelines:
 32 |     streams, events, and reports. The streams pipeline generates or processes time-ordered event records on an
 33 |     indexer or search head.
 34 | 
 35 |     Streaming commands filter, modify, or augment event records and can be applied to subsets of index data in a
 36 |     parallel manner. An example of a streaming command from Splunk's built-in command set is rex_ which extracts and
 37 |     adds fields to event records at search time. Records that pass through the streams pipeline move on to the events
 38 |     pipeline.
 39 | 
 40 |     The events pipeline generates or processes records on a search head. Eventing commands typically filter, group,
 41 |     order, or augment event records. Examples of eventing commands from Splunk's built-in command set include sort_,
 42 |     dedup_, and cluster_. Each execution of an eventing command should produce a set of event records that is
 43 |     independently usable by downstream processors. Records that pass through the events pipeline move on to the reports
 44 |     pipeline.
 45 | 
 46 |     The reports pipeline also runs on a search head, but yields data structures for presentation, not event records.
 47 |     Examples of streaming from Splunk's built-in command set include chart_, stats_, and contingency_.
 48 | 
 49 |     GeneratingCommand configuration
 50 |     ===============================
 51 | 
 52 |     Configure your generating command based on the pipeline that it targets. How you configure your command depends on
 53 |     the Search Command Protocol (SCP) version.
 54 | 
 55 |     +----------+-------------------------------------+--------------------------------------------+
 56 |     | Pipeline | SCP 1                               | SCP 2                                      |
 57 |     +==========+=====================================+============================================+
 58 |     | streams  | streaming=True[,local=[True|False]] | type='streaming'[,distributed=[true|false] |
 59 |     +----------+-------------------------------------+--------------------------------------------+
 60 |     | events   | retainsevents=True, streaming=False | type='events'                              |
 61 |     +----------+-------------------------------------+--------------------------------------------+
 62 |     | reports  | streaming=False                     | type='reporting'                           |
 63 |     +----------+-------------------------------------+--------------------------------------------+
 64 | 
 65 |     Only streaming commands may be distributed to indexers. By default generating commands are configured to run
 66 |     locally in the streams pipeline and will run under either SCP 1 or SCP 2.
 67 | 
 68 |     .. code-block:: python
 69 | 
 70 |         @Configuration()
 71 |         class StreamingGeneratingCommand(GeneratingCommand)
 72 |             ...
 73 | 
 74 |     How you configure your command to run on a different pipeline or in a distributed fashion depends on what SCP
 75 |     protocol versions you wish to support. You must be sure to configure your command consistently for each protocol,
 76 |     if you wish to support both protocol versions correctly.
 77 | 
 78 |     .. _chart: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Chart
 79 |     .. _cluster: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Cluster
 80 |     .. _contingency: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Contingency
 81 |     .. _dedup: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Dedup
 82 |     .. _rex: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Rex
 83 |     .. _sort: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Sort
 84 |     .. _stats: http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Stats
 85 | 
 86 |     Distributed Generating command
 87 |     ==============================
 88 | 
 89 |     Commands configured like this will run as the first command on search heads and/or indexers on the streams pipeline.
 90 | 
 91 |     +----------+---------------------------------------------------+---------------------------------------------------+
 92 |     | Pipeline | SCP 1                                             | SCP 2                                             |
 93 |     +==========+===================================================+===================================================+
 94 |     | streams  | 1. Add this line to your command's stanza in      | 1. Add this configuration setting to your code:   |
 95 |     |          |                                                   |                                                   |
 96 |     |          |    default/commands.conf::                        |    ..  code-block:: python                        |
 97 |     |          |                                                   |                                                   |
 98 |     |          |        local = false                              |        @Configuration(distributed=True)           |
 99 |     |          |                                                   |        class SomeCommand(GeneratingCommand)       |
100 |     |          |                                                   |            ...                                    |
101 |     |          | 2. Restart splunk                                 |                                                   |
102 |     |          |                                                   | 2. You are good to go; no need to restart Splunk  |
103 |     +----------+---------------------------------------------------+---------------------------------------------------+
104 | 
105 |     Eventing Generating command
106 |     ===========================
107 | 
108 |     Generating commands configured like this will run as the first command on a search head on the events pipeline.
109 | 
110 |     +----------+---------------------------------------------------+---------------------------------------------------+
111 |     | Pipeline | SCP 1                                             | SCP 2                                             |
112 |     +==========+===================================================+===================================================+
113 |     | events   | You have a choice. Add these configuration        | Add this configuration setting to your command    |
114 |     |          | settings to your command class:                   | setting to your command class:                    |
115 |     |          |                                                   |                                                   |
116 |     |          | .. code-block:: python                            | .. code-block:: python                            |
117 |     |          |                                                   |                                                   |
118 |     |          |     @Configuration(                               |     @Configuration(type='events')                 |
119 |     |          |         retainsevents=True, streaming=False)      |     class SomeCommand(GeneratingCommand)          |
120 |     |          |     class SomeCommand(GeneratingCommand)          |         ...                                       |
121 |     |          |         ...                                       |                                                   |
122 |     |          |                                                   |                                                   |
123 |     |          | Or add these lines to default/commands.conf:      |                                                   |
124 |     |          |                                                   |                                                   |
125 |     |          | ..  code-block:: text                             |                                                   |
126 |     |          |                                                   |                                                   |
127 |     |          |     retainsevents = true                          |                                                   |
128 |     |          |     streaming = false                             |                                                   |
129 |     +----------+---------------------------------------------------+---------------------------------------------------+
130 | 
131 |     Configure your command class like this, if you wish to support both protocols:
132 | 
133 |     ..  code-block:: python
134 | 
135 |         @Configuration(type='events', retainsevents=True, streaming=False)
136 |         class SomeCommand(GeneratingCommand)
137 |             ...
138 | 
139 |     You might also consider adding these lines to commands.conf instead of adding them to your command class:
140 | 
141 |     ..  code-block:: python
142 | 
143 |         retainsevents = false
144 |         streaming = false
145 | 
146 |     Reporting Generating command
147 |     ============================
148 | 
149 |     Commands configured like this will run as the first command on a search head on the reports pipeline.
150 | 
151 |     +----------+---------------------------------------------------+---------------------------------------------------+
152 |     | Pipeline | SCP 1                                             | SCP 2                                             |
153 |     +==========+===================================================+===================================================+
154 |     | events   | You have a choice. Add these configuration        | Add this configuration setting to your command    |
155 |     |          | settings to your command class:                   | setting to your command class:                    |
156 |     |          |                                                   |                                                   |
157 |     |          | .. code-block:: python                            | .. code-block:: python                            |
158 |     |          |                                                   |                                                   |
159 |     |          |     @Configuration(retainsevents=False)           |     @Configuration(type='reporting')              |
160 |     |          |     class SomeCommand(GeneratingCommand)          |     class SomeCommand(GeneratingCommand)          |
161 |     |          |         ...                                       |         ...                                       |
162 |     |          |                                                   |                                                   |
163 |     |          | Or add this lines to default/commands.conf:       |                                                   |
164 |     |          |                                                   |                                                   |
165 |     |          | .. code-block:: text                              |                                                   |
166 |     |          |                                                   |                                                   |
167 |     |          |     retainsevents = false                         |                                                   |
168 |     |          |     streaming = false                             |                                                   |
169 |     +----------+---------------------------------------------------+---------------------------------------------------+
170 | 
171 |     Configure your command class like this, if you wish to support both protocols:
172 | 
173 |     ..  code-block:: python
174 | 
175 |         @Configuration(type='reporting', streaming=False)
176 |         class SomeCommand(GeneratingCommand)
177 |             ...
178 | 
179 |     You might also consider adding these lines to commands.conf instead of adding them to your command class:
180 | 
181 |     ..  code-block:: text
182 | 
183 |         retainsevents = false
184 |         streaming = false
185 | 
186 |     """
187 |     # region Methods
188 | 
189 |     def generate(self):
190 |         """ A generator that yields records to the Splunk processing pipeline
191 | 
192 |         You must override this method.
193 | 
194 |         """
195 |         raise NotImplementedError('GeneratingCommand.generate(self)')
196 | 
197 |     def _execute(self, ifile, process):
198 |         """ Execution loop
199 | 
200 |         :param ifile: Input file object. Unused.
201 |         :type ifile: file
202 | 
203 |         :return: `None`.
204 | 
205 |         """
206 |         if self._protocol_version == 2:
207 |             self._execute_v2(ifile, self.generate())
208 |         else:
209 |             assert self._protocol_version == 1
210 |             self._record_writer.write_records(self.generate())
211 |         self.finish()
212 | 
213 |     def _execute_chunk_v2(self, process, chunk):
214 |         count = 0
215 |         for row in process:
216 |             self._record_writer.write_record(row)
217 |             count += 1
218 |             if count == self._record_writer._maxresultrows:
219 |                 self._finished = False
220 |                 return
221 |         self._finished = True
222 | 
223 |     # endregion
224 | 
225 |     # region Types
226 | 
227 |     class ConfigurationSettings(SearchCommand.ConfigurationSettings):
228 |         """ Represents the configuration settings for a :code:`GeneratingCommand` class.
229 | 
230 |         """
231 |         # region SCP v1/v2 Properties
232 | 
233 |         generating = ConfigurationSetting(readonly=True, value=True, doc='''
234 |             Tells Splunk that this command generates events, but does not process inputs.
235 | 
236 |             Generating commands must appear at the front of the search pipeline identified by :meth:`type`.
237 | 
238 |             Fixed: :const:`True`
239 | 
240 |             Supported by: SCP 1, SCP 2
241 | 
242 |             ''')
243 | 
244 |         # endregion
245 | 
246 |         # region SCP v1 Properties
247 | 
248 |         generates_timeorder = ConfigurationSetting(doc='''
249 |             :const:`True`, if the command generates new events.
250 | 
251 |             Default: :const:`False`
252 | 
253 |             Supported by: SCP 1
254 | 
255 |             ''')
256 | 
257 |         local = ConfigurationSetting(doc='''
258 |             :const:`True`, if the command should run locally on the search head.
259 | 
260 |             Default: :const:`False`
261 | 
262 |             Supported by: SCP 1
263 | 
264 |             ''')
265 | 
266 |         retainsevents = ConfigurationSetting(doc='''
267 |             :const:`True`, if the command retains events the way the sort, dedup, and cluster commands do, or whether it
268 |             transforms them the way the stats command does.
269 | 
270 |             Default: :const:`False`
271 | 
272 |             Supported by: SCP 1
273 | 
274 |             ''')
275 | 
276 |         streaming = ConfigurationSetting(doc='''
277 |             :const:`True`, if the command is streamable.
278 | 
279 |             Default: :const:`True`
280 | 
281 |             Supported by: SCP 1
282 | 
283 |             ''')
284 | 
285 |         # endregion
286 | 
287 |         # region SCP v2 Properties
288 | 
289 |         distributed = ConfigurationSetting(value=False, doc='''
290 |             True, if this command should be distributed to indexers.
291 | 
292 |             This value is ignored unless :meth:`type` is equal to :const:`streaming`. It is only this command type that
293 |             may be distributed.
294 | 
295 |             Default: :const:`False`
296 | 
297 |             Supported by: SCP 2
298 | 
299 |             ''')
300 | 
301 |         type = ConfigurationSetting(value='streaming', doc='''
302 |             A command type name.
303 | 
304 |             ====================  ======================================================================================
305 |             Value                 Description
306 |             --------------------  --------------------------------------------------------------------------------------
307 |             :const:`'events'`     Runs as the first command in the Splunk events pipeline. Cannot be distributed.
308 |             :const:`'reporting'`  Runs as the first command in the Splunk reports pipeline. Cannot be distributed.
309 |             :const:`'streaming'`  Runs as the first command in the Splunk streams pipeline. May be distributed.
310 |             ====================  ======================================================================================
311 | 
312 |             Default: :const:`'streaming'`
313 | 
314 |             Supported by: SCP 2
315 | 
316 |             ''')
317 | 
318 |         # endregion
319 | 
320 |         # region Methods
321 | 
322 |         @classmethod
323 |         def fix_up(cls, command):
324 |             """ Verifies :code:`command` class structure.
325 | 
326 |             """
327 |             if command.generate == GeneratingCommand.generate:
328 |                 raise AttributeError('No GeneratingCommand.generate override')
329 | 
330 |         # TODO: Stop looking like a dictionary because we don't obey the semantics
331 |         # N.B.: Does not use Python 2 dict copy semantics
332 |         def iteritems(self):
333 |             iteritems = SearchCommand.ConfigurationSettings.iteritems(self)
334 |             version = self.command.protocol_version
335 |             if version == 2:
336 |                 iteritems = ifilter(lambda name_value1: name_value1[0] != 'distributed', iteritems)
337 |                 if not self.distributed and self.type == 'streaming':
338 |                     iteritems = imap(
339 |                         lambda name_value: (name_value[0], 'stateful') if name_value[0] == 'type' else (name_value[0], name_value[1]), iteritems)
340 |             return iteritems
341 | 
342 |         # N.B.: Does not use Python 3 dict view semantics
343 |         if not six.PY2:
344 |             items = iteritems
345 | 
346 |         pass
347 |         # endregion
348 | 
349 |     pass
350 |     # endregion
351 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/internals.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright © 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | from __future__ import absolute_import, division, print_function
 18 | 
 19 | from io import TextIOWrapper
 20 | from collections import deque, namedtuple
 21 | from splunklib import six
 22 | try:
 23 |     from collections import OrderedDict  # must be python 2.7
 24 | except ImportError:
 25 |     from ..ordereddict import OrderedDict
 26 | from splunklib.six.moves import StringIO
 27 | from itertools import chain
 28 | from splunklib.six.moves import map as imap
 29 | from json import JSONDecoder, JSONEncoder
 30 | from json.encoder import encode_basestring_ascii as json_encode_string
 31 | from splunklib.six.moves import urllib
 32 | 
 33 | import csv
 34 | import gzip
 35 | import os
 36 | import re
 37 | import sys
 38 | import warnings
 39 | 
 40 | from . import environment
 41 | 
 42 | csv.field_size_limit(10485760)  # The default value is 128KB; upping to 10MB. See SPL-12117 for background on this issue
 43 | 
 44 | 
 45 | def set_binary_mode(fh):
 46 |     """ Helper method to set up binary mode for file handles.
 47 |     Emphasis being sys.stdin, sys.stdout, sys.stderr.
 48 |     For python3, we want to return .buffer
 49 |     For python2+windows we want to set os.O_BINARY
 50 |     """
 51 |     typefile = TextIOWrapper if sys.version_info >= (3, 0) else file
 52 |     # check for file handle
 53 |     if not isinstance(fh, typefile):
 54 |         return fh
 55 | 
 56 |     # check for python3 and buffer
 57 |     if sys.version_info >= (3, 0) and hasattr(fh, 'buffer'):
 58 |         return fh.buffer
 59 |     # check for python3
 60 |     elif sys.version_info >= (3, 0):
 61 |         pass
 62 |     # check for windows python2. SPL-175233 -- python3 stdout is already binary
 63 |     elif sys.platform == 'win32':
 64 |         # Work around the fact that on Windows '\n' is mapped to '\r\n'. The typical solution is to simply open files in
 65 |         # binary mode, but stdout is already open, thus this hack. 'CPython' and 'PyPy' work differently. We assume that
 66 |         # all other Python implementations are compatible with 'CPython'. This might or might not be a valid assumption.
 67 |         from platform import python_implementation
 68 |         implementation = python_implementation()
 69 |         if implementation == 'PyPy':
 70 |             return os.fdopen(fh.fileno(), 'wb', 0)
 71 |         else:
 72 |             import msvcrt
 73 |             msvcrt.setmode(fh.fileno(), os.O_BINARY)
 74 |     return fh
 75 | 
 76 | 
 77 | class CommandLineParser(object):
 78 |     r""" Parses the arguments to a search command.
 79 | 
 80 |     A search command line is described by the following syntax.
 81 | 
 82 |     **Syntax**::
 83 | 
 84 |        command       = command-name *[wsp option] *[wsp [dquote] field-name [dquote]]
 85 |        command-name  = alpha *( alpha / digit )
 86 |        option        = option-name [wsp] "=" [wsp] option-value
 87 |        option-name   = alpha *( alpha / digit / "_" )
 88 |        option-value  = word / quoted-string
 89 |        word          = 1*( %01-%08 / %0B / %0C / %0E-1F / %21 / %23-%FF ) ; Any character but DQUOTE and WSP
 90 |        quoted-string = dquote *( word / wsp / "\" dquote / dquote dquote ) dquote
 91 |        field-name    = ( "_" / alpha ) *( alpha / digit / "_" / "." / "-" )
 92 | 
 93 |     **Note:**
 94 | 
 95 |     This syntax is constrained to an 8-bit character set.
 96 | 
 97 |     **Note:**
 98 | 
 99 |     This syntax does not show that `field-name` values may be comma-separated when in fact they can be. This is
100 |     because Splunk strips commas from the command line. A custom search command will never see them.
101 | 
102 |     **Example:**
103 | 
104 |     countmatches fieldname = word_count pattern = \w+ some_text_field
105 | 
106 |     Option names are mapped to properties in the targeted ``SearchCommand``. It is the responsibility of the property
107 |     setters to validate the values they receive. Property setters may also produce side effects. For example,
108 |     setting the built-in `log_level` immediately changes the `log_level`.
109 | 
110 |     """
111 |     @classmethod
112 |     def parse(cls, command, argv):
113 |         """ Splits an argument list into an options dictionary and a fieldname
114 |         list.
115 | 
116 |         The argument list, `argv`, must be of the form::
117 | 
118 |             *[option]... *[<field-name>]
119 | 
120 |         Options are validated and assigned to items in `command.options`. Field names are validated and stored in the
121 |         list of `command.fieldnames`.
122 | 
123 |         #Arguments:
124 | 
125 |         :param command: Search command instance.
126 |         :type command: ``SearchCommand``
127 |         :param argv: List of search command arguments.
128 |         :type argv: ``list``
129 |         :return: ``None``
130 | 
131 |         #Exceptions:
132 | 
133 |         ``SyntaxError``: Argument list is incorrectly formed.
134 |         ``ValueError``: Unrecognized option/field name, or an illegal field value.
135 | 
136 |         """
137 |         debug = environment.splunklib_logger.debug
138 |         command_class = type(command).__name__
139 | 
140 |         # Prepare
141 | 
142 |         debug('Parsing %s command line: %r', command_class, argv)
143 |         command.fieldnames = None
144 |         command.options.reset()
145 |         argv = ' '.join(argv)
146 | 
147 |         command_args = cls._arguments_re.match(argv)
148 | 
149 |         if command_args is None:
150 |             raise SyntaxError('Syntax error: {}'.format(argv))
151 | 
152 |         # Parse options
153 | 
154 |         for option in cls._options_re.finditer(command_args.group('options')):
155 |             name, value = option.group('name'), option.group('value')
156 |             if name not in command.options:
157 |                 raise ValueError(
158 |                     'Unrecognized {} command option: {}={}'.format(command.name, name, json_encode_string(value)))
159 |             command.options[name].value = cls.unquote(value)
160 | 
161 |         missing = command.options.get_missing()
162 | 
163 |         if missing is not None:
164 |             if len(missing) > 1:
165 |                 raise ValueError(
166 |                     'Values for these {} command options are required: {}'.format(command.name, ', '.join(missing)))
167 |             raise ValueError('A value for {} command option {} is required'.format(command.name, missing[0]))
168 | 
169 |         # Parse field names
170 | 
171 |         fieldnames = command_args.group('fieldnames')
172 | 
173 |         if fieldnames is None:
174 |             command.fieldnames = []
175 |         else:
176 |             command.fieldnames = [cls.unquote(value.group(0)) for value in cls._fieldnames_re.finditer(fieldnames)]
177 | 
178 |         debug('  %s: %s', command_class, command)
179 | 
180 |     @classmethod
181 |     def unquote(cls, string):
182 |         """ Removes quotes from a quoted string.
183 | 
184 |         Splunk search command quote rules are applied. The enclosing double-quotes, if present, are removed. Escaped
185 |         double-quotes ('\"' or '""') are replaced by a single double-quote ('"').
186 | 
187 |         **NOTE**
188 | 
189 |         We are not using a json.JSONDecoder because Splunk quote rules are different than JSON quote rules. A
190 |         json.JSONDecoder does not recognize a pair of double-quotes ('""') as an escaped quote ('"') and will
191 |         decode single-quoted strings ("'") in addition to double-quoted ('"') strings.
192 | 
193 |         """
194 |         if len(string) == 0:
195 |             return ''
196 | 
197 |         if string[0] == '"':
198 |             if len(string) == 1 or string[-1] != '"':
199 |                 raise SyntaxError('Poorly formed string literal: ' + string)
200 |             string = string[1:-1]
201 | 
202 |         if len(string) == 0:
203 |             return ''
204 | 
205 |         def replace(match):
206 |             value = match.group(0)
207 |             if value == '""':
208 |                 return '"'
209 |             if len(value) < 2:
210 |                 raise SyntaxError('Poorly formed string literal: ' + string)
211 |             return value[1]
212 | 
213 |         result = re.sub(cls._escaped_character_re, replace, string)
214 |         return result
215 | 
216 |     # region Class variables
217 | 
218 |     _arguments_re = re.compile(r"""
219 |         ^\s*
220 |         (?P<options>     # Match a leading set of name/value pairs
221 |             (?:
222 |                 (?:(?=\w)[^\d]\w*)                         # name
223 |                 \s*=\s*                                    # =
224 |                 (?:"(?:\\.|""|[^"])*"|(?:\\.|[^\s"])+)\s*  # value
225 |             )*
226 |         )\s*
227 |         (?P<fieldnames>  # Match a trailing set of field names
228 |             (?:
229 |                 (?:"(?:\\.|""|[^"])*"|(?:\\.|[^\s"])+)\s*
230 |             )*
231 |         )\s*$
232 |         """, re.VERBOSE | re.UNICODE)
233 | 
234 |     _escaped_character_re = re.compile(r'(\\.|""|[\\"])')
235 | 
236 |     _fieldnames_re = re.compile(r"""("(?:\\.|""|[^"])+"|(?:\\.|[^\s"])+)""")
237 | 
238 |     _options_re = re.compile(r"""
239 |         # Captures a set of name/value pairs when used with re.finditer
240 |         (?P<name>(?:(?=\w)[^\d]\w*))                   # name
241 |         \s*=\s*                                        # =
242 |         (?P<value>"(?:\\.|""|[^"])*"|(?:\\.|[^\s"])+)  # value
243 |         """, re.VERBOSE | re.UNICODE)
244 | 
245 |     # endregion
246 | 
247 | 
248 | class ConfigurationSettingsType(type):
249 |     """ Metaclass for constructing ConfigurationSettings classes.
250 | 
251 |     Instances of :class:`ConfigurationSettingsType` construct :class:`ConfigurationSettings` classes from classes from
252 |     a base :class:`ConfigurationSettings` class and a dictionary of configuration settings. The settings in the
253 |     dictionary are validated against the settings in the base class. You cannot add settings, you can only change their
254 |     backing-field values and you cannot modify settings without backing-field values. These are considered fixed
255 |     configuration setting values.
256 | 
257 |     This is an internal class used in two places:
258 | 
259 |     + :meth:`decorators.Configuration.__call__`
260 | 
261 |       Adds a ConfigurationSettings attribute to a :class:`SearchCommand` class.
262 | 
263 |     + :meth:`reporting_command.ReportingCommand.fix_up`
264 | 
265 |       Adds a ConfigurationSettings attribute to a :meth:`ReportingCommand.map` method, if there is one.
266 | 
267 |     """
268 |     def __new__(mcs, module, name, bases):
269 |         mcs = super(ConfigurationSettingsType, mcs).__new__(mcs, str(name), bases, {})
270 |         return mcs
271 | 
272 |     def __init__(cls, module, name, bases):
273 | 
274 |         super(ConfigurationSettingsType, cls).__init__(name, bases, None)
275 |         cls.__module__ = module
276 | 
277 |     @staticmethod
278 |     def validate_configuration_setting(specification, name, value):
279 |         if not isinstance(value, specification.type):
280 |             if isinstance(specification.type, type):
281 |                 type_names = specification.type.__name__
282 |             else:
283 |                 type_names = ', '.join(imap(lambda t: t.__name__, specification.type))
284 |             raise ValueError('Expected {} value, not {}={}'.format(type_names, name, repr(value)))
285 |         if specification.constraint and not specification.constraint(value):
286 |             raise ValueError('Illegal value: {}={}'.format(name, repr(value)))
287 |         return value
288 | 
289 |     specification = namedtuple(
290 |         'ConfigurationSettingSpecification', (
291 |             'type',
292 |             'constraint',
293 |             'supporting_protocols'))
294 | 
295 |     # P1 [ ] TODO: Review ConfigurationSettingsType.specification_matrix for completeness and correctness
296 | 
297 |     specification_matrix = {
298 |         'clear_required_fields': specification(
299 |             type=bool,
300 |             constraint=None,
301 |             supporting_protocols=[1]),
302 |         'distributed': specification(
303 |             type=bool,
304 |             constraint=None,
305 |             supporting_protocols=[2]),
306 |         'generates_timeorder': specification(
307 |             type=bool,
308 |             constraint=None,
309 |             supporting_protocols=[1]),
310 |         'generating': specification(
311 |             type=bool,
312 |             constraint=None,
313 |             supporting_protocols=[1, 2]),
314 |         'local': specification(
315 |             type=bool,
316 |             constraint=None,
317 |             supporting_protocols=[1]),
318 |         'maxinputs': specification(
319 |             type=int,
320 |             constraint=lambda value: 0 <= value <= six.MAXSIZE,
321 |             supporting_protocols=[2]),
322 |         'overrides_timeorder': specification(
323 |             type=bool,
324 |             constraint=None,
325 |             supporting_protocols=[1]),
326 |         'required_fields': specification(
327 |             type=(list, set, tuple),
328 |             constraint=None,
329 |             supporting_protocols=[1, 2]),
330 |         'requires_preop': specification(
331 |             type=bool,
332 |             constraint=None,
333 |             supporting_protocols=[1]),
334 |         'retainsevents': specification(
335 |             type=bool,
336 |             constraint=None,
337 |             supporting_protocols=[1]),
338 |         'run_in_preview': specification(
339 |             type=bool,
340 |             constraint=None,
341 |             supporting_protocols=[2]),
342 |         'streaming': specification(
343 |             type=bool,
344 |             constraint=None,
345 |             supporting_protocols=[1]),
346 |         'streaming_preop': specification(
347 |             type=(bytes, six.text_type),
348 |             constraint=None,
349 |             supporting_protocols=[1, 2]),
350 |         'type': specification(
351 |             type=(bytes, six.text_type),
352 |             constraint=lambda value: value in ('events', 'reporting', 'streaming'),
353 |             supporting_protocols=[2])}
354 | 
355 | 
356 | class CsvDialect(csv.Dialect):
357 |     """ Describes the properties of Splunk CSV streams """
358 |     delimiter = ','
359 |     quotechar = '"'
360 |     doublequote = True
361 |     skipinitialspace = False
362 |     lineterminator = '\r\n'
363 |     if sys.version_info >= (3, 0) and sys.platform == 'win32':
364 |         lineterminator = '\n'
365 |     quoting = csv.QUOTE_MINIMAL
366 | 
367 | 
368 | class InputHeader(dict):
369 |     """ Represents a Splunk input header as a collection of name/value pairs.
370 | 
371 |     """
372 | 
373 |     def __str__(self):
374 |         return '\n'.join([name + ':' + value for name, value in six.iteritems(self)])
375 | 
376 |     def read(self, ifile):
377 |         """ Reads an input header from an input file.
378 | 
379 |         The input header is read as a sequence of *<name>***:***<value>* pairs separated by a newline. The end of the
380 |         input header is signalled by an empty line or an end-of-file.
381 | 
382 |         :param ifile: File-like object that supports iteration over lines.
383 | 
384 |         """
385 |         name, value = None, None
386 | 
387 |         for line in ifile:
388 |             if line == '\n':
389 |                 break
390 |             item = line.split(':', 1)
391 |             if len(item) == 2:
392 |                 # start of a new item
393 |                 if name is not None:
394 |                     self[name] = value[:-1]  # value sans trailing newline
395 |                 name, value = item[0], urllib.parse.unquote(item[1])
396 |             elif name is not None:
397 |                 # continuation of the current item
398 |                 value += urllib.parse.unquote(line)
399 | 
400 |         if name is not None:
401 |             self[name] = value[:-1] if value[-1] == '\n' else value
402 | 
403 | 
404 | Message = namedtuple('Message', ('type', 'text'))
405 | 
406 | 
407 | class MetadataDecoder(JSONDecoder):
408 | 
409 |     def __init__(self):
410 |         JSONDecoder.__init__(self, object_hook=self._object_hook)
411 | 
412 |     @staticmethod
413 |     def _object_hook(dictionary):
414 | 
415 |         object_view = ObjectView(dictionary)
416 |         stack = deque()
417 |         stack.append((None, None, dictionary))
418 | 
419 |         while len(stack):
420 |             instance, member_name, dictionary = stack.popleft()
421 | 
422 |             for name, value in six.iteritems(dictionary):
423 |                 if isinstance(value, dict):
424 |                     stack.append((dictionary, name, value))
425 | 
426 |             if instance is not None:
427 |                 instance[member_name] = ObjectView(dictionary)
428 | 
429 |         return object_view
430 | 
431 | 
432 | class MetadataEncoder(JSONEncoder):
433 | 
434 |     def __init__(self):
435 |         JSONEncoder.__init__(self, separators=MetadataEncoder._separators)
436 | 
437 |     def default(self, o):
438 |         return o.__dict__ if isinstance(o, ObjectView) else JSONEncoder.default(self, o)
439 | 
440 |     _separators = (',', ':')
441 | 
442 | 
443 | class ObjectView(object):
444 | 
445 |     def __init__(self, dictionary):
446 |         self.__dict__ = dictionary
447 | 
448 |     def __repr__(self):
449 |         return repr(self.__dict__)
450 | 
451 |     def __str__(self):
452 |         return str(self.__dict__)
453 | 
454 | 
455 | class Recorder(object):
456 | 
457 |     def __init__(self, path, f):
458 |         self._recording = gzip.open(path + '.gz', 'wb')
459 |         self._file = f
460 | 
461 |     def __getattr__(self, name):
462 |         return getattr(self._file, name)
463 | 
464 |     def __iter__(self):
465 |         for line in self._file:
466 |             self._recording.write(line)
467 |             self._recording.flush()
468 |             yield line
469 | 
470 |     def read(self, size=None):
471 |         value = self._file.read() if size is None else self._file.read(size)
472 |         self._recording.write(value)
473 |         self._recording.flush()
474 |         return value
475 | 
476 |     def readline(self, size=None):
477 |         value = self._file.readline() if size is None else self._file.readline(size)
478 |         if len(value) > 0:
479 |             self._recording.write(value)
480 |             self._recording.flush()
481 |         return value
482 | 
483 |     def record(self, *args):
484 |         for arg in args:
485 |             self._recording.write(arg)
486 | 
487 |     def write(self, text):
488 |         self._recording.write(text)
489 |         self._file.write(text)
490 |         self._recording.flush()
491 | 
492 | 
493 | class RecordWriter(object):
494 | 
495 |     def __init__(self, ofile, maxresultrows=None):
496 |         self._maxresultrows = 50000 if maxresultrows is None else maxresultrows
497 | 
498 |         self._ofile = set_binary_mode(ofile)
499 |         self._fieldnames = None
500 |         self._buffer = StringIO()
501 | 
502 |         self._writer = csv.writer(self._buffer, dialect=CsvDialect)
503 |         self._writerow = self._writer.writerow
504 |         self._finished = False
505 |         self._flushed = False
506 | 
507 |         self._inspector = OrderedDict()
508 |         self._chunk_count = 0
509 |         self._pending_record_count = 0
510 |         self._committed_record_count = 0
511 | 
512 |     @property
513 |     def is_flushed(self):
514 |         return self._flushed
515 | 
516 |     @is_flushed.setter
517 |     def is_flushed(self, value):
518 |         self._flushed = True if value else False
519 | 
520 |     @property
521 |     def ofile(self):
522 |         return self._ofile
523 | 
524 |     @ofile.setter
525 |     def ofile(self, value):
526 |         self._ofile = set_binary_mode(value)
527 | 
528 |     @property
529 |     def pending_record_count(self):
530 |         return self._pending_record_count
531 | 
532 |     @property
533 |     def _record_count(self):
534 |         warnings.warn(
535 |             "_record_count will be deprecated soon. Use pending_record_count instead.",
536 |              PendingDeprecationWarning
537 |         )
538 |         return self.pending_record_count
539 | 
540 |     @property
541 |     def committed_record_count(self):
542 |         return self._committed_record_count
543 | 
544 |     @property
545 |     def _total_record_count(self):
546 |         warnings.warn(
547 |             "_total_record_count will be deprecated soon. Use committed_record_count instead.",
548 |              PendingDeprecationWarning
549 |         )
550 |         return self.committed_record_count
551 | 
552 |     def write(self, data):
553 |         bytes_type = bytes if sys.version_info >= (3, 0) else str
554 |         if not isinstance(data, bytes_type):
555 |             data = data.encode('utf-8')
556 |         self.ofile.write(data)
557 | 
558 |     def flush(self, finished=None, partial=None):
559 |         assert finished is None or isinstance(finished, bool)
560 |         assert partial is None or isinstance(partial, bool)
561 |         assert not (finished is None and partial is None)
562 |         assert finished is None or partial is None
563 |         self._ensure_validity()
564 | 
565 |     def write_message(self, message_type, message_text, *args, **kwargs):
566 |         self._ensure_validity()
567 |         self._inspector.setdefault('messages', []).append((message_type, message_text.format(*args, **kwargs)))
568 | 
569 |     def write_record(self, record):
570 |         self._ensure_validity()
571 |         self._write_record(record)
572 | 
573 |     def write_records(self, records):
574 |         self._ensure_validity()
575 |         write_record = self._write_record
576 |         for record in records:
577 |             write_record(record)
578 | 
579 |     def _clear(self):
580 |         self._buffer.seek(0)
581 |         self._buffer.truncate()
582 |         self._inspector.clear()
583 |         self._pending_record_count = 0
584 | 
585 |     def _ensure_validity(self):
586 |         if self._finished is True:
587 |             assert self._record_count == 0 and len(self._inspector) == 0
588 |             raise RuntimeError('I/O operation on closed record writer')
589 | 
590 |     def _write_record(self, record):
591 | 
592 |         fieldnames = self._fieldnames
593 | 
594 |         if fieldnames is None:
595 |             self._fieldnames = fieldnames = list(record.keys())
596 |             value_list = imap(lambda fn: (str(fn), str('__mv_') + str(fn)), fieldnames)
597 |             self._writerow(list(chain.from_iterable(value_list)))
598 | 
599 |         get_value = record.get
600 |         values = []
601 | 
602 |         for fieldname in fieldnames:
603 |             value = get_value(fieldname, None)
604 | 
605 |             if value is None:
606 |                 values += (None, None)
607 |                 continue
608 | 
609 |             value_t = type(value)
610 | 
611 |             if issubclass(value_t, (list, tuple)):
612 | 
613 |                 if len(value) == 0:
614 |                     values += (None, None)
615 |                     continue
616 | 
617 |                 if len(value) > 1:
618 |                     value_list = value
619 |                     sv = ''
620 |                     mv = '$'
621 | 
622 |                     for value in value_list:
623 | 
624 |                         if value is None:
625 |                             sv += '\n'
626 |                             mv += '$;$'
627 |                             continue
628 | 
629 |                         value_t = type(value)
630 | 
631 |                         if value_t is not bytes:
632 | 
633 |                             if value_t is bool:
634 |                                 value = str(value.real)
635 |                             elif value_t is six.text_type:
636 |                                 value = value
637 |                             elif isinstance(value, six.integer_types) or value_t is float or value_t is complex:
638 |                                 value = str(value)
639 |                             elif issubclass(value_t, (dict, list, tuple)):
640 |                                 value = str(''.join(RecordWriter._iterencode_json(value, 0)))
641 |                             else:
642 |                                 value = repr(value).encode('utf-8', errors='backslashreplace')
643 | 
644 |                         sv += value + '\n'
645 |                         mv += value.replace('$', '$$') + '$;$'
646 | 
647 |                     values += (sv[:-1], mv[:-2])
648 |                     continue
649 | 
650 |                 value = value[0]
651 |                 value_t = type(value)
652 | 
653 |             if value_t is bool:
654 |                 values += (str(value.real), None)
655 |                 continue
656 | 
657 |             if value_t is bytes:
658 |                 values += (value, None)
659 |                 continue
660 | 
661 |             if value_t is six.text_type:
662 |                 if six.PY2:
663 |                     value = value.encode('utf-8')
664 |                 values += (value, None)
665 |                 continue
666 | 
667 |             if isinstance(value, six.integer_types) or value_t is float or value_t is complex:
668 |                 values += (str(value), None)
669 |                 continue
670 | 
671 |             if issubclass(value_t, dict):
672 |                 values += (str(''.join(RecordWriter._iterencode_json(value, 0))), None)
673 |                 continue
674 | 
675 |             values += (repr(value), None)
676 | 
677 |         self._writerow(values)
678 |         self._pending_record_count += 1
679 | 
680 |         if self.pending_record_count >= self._maxresultrows:
681 |             self.flush(partial=True)
682 | 
683 |     try:
684 |         # noinspection PyUnresolvedReferences
685 |         from _json import make_encoder
686 |     except ImportError:
687 |         # We may be running under PyPy 2.5 which does not include the _json module
688 |         _iterencode_json = JSONEncoder(separators=(',', ':')).iterencode
689 |     else:
690 |         # Creating _iterencode_json this way yields a two-fold performance improvement on Python 2.7.9 and 2.7.10
691 |         from json.encoder import encode_basestring_ascii
692 | 
693 |         @staticmethod
694 |         def _default(o):
695 |             raise TypeError(repr(o) + ' is not JSON serializable')
696 | 
697 |         _iterencode_json = make_encoder(
698 |             {},                       # markers (for detecting circular references)
699 |             _default,                 # object_encoder
700 |             encode_basestring_ascii,  # string_encoder
701 |             None,                     # indent
702 |             ':', ',',                 # separators
703 |             False,                    # sort_keys
704 |             False,                    # skip_keys
705 |             True                      # allow_nan
706 |         )
707 | 
708 |         del make_encoder
709 | 
710 | 
711 | class RecordWriterV1(RecordWriter):
712 | 
713 |     def flush(self, finished=None, partial=None):
714 | 
715 |         RecordWriter.flush(self, finished, partial)  # validates arguments and the state of this instance
716 | 
717 |         if self.pending_record_count > 0 or (self._chunk_count == 0 and 'messages' in self._inspector):
718 | 
719 |             messages = self._inspector.get('messages')
720 | 
721 |             if self._chunk_count == 0:
722 | 
723 |                 # Messages are written to the messages header when we write the first chunk of data
724 |                 # Guarantee: These messages are displayed by splunkweb and the job inspector
725 | 
726 |                 if messages is not None:
727 | 
728 |                     message_level = RecordWriterV1._message_level.get
729 | 
730 |                     for level, text in messages:
731 |                         self.write(message_level(level, level))
732 |                         self.write('=')
733 |                         self.write(text)
734 |                         self.write('\r\n')
735 | 
736 |                 self.write('\r\n')
737 | 
738 |             elif messages is not None:
739 | 
740 |                 # Messages are written to the messages header when we write subsequent chunks of data
741 |                 # Guarantee: These messages are displayed by splunkweb and the job inspector, if and only if the
742 |                 # command is configured with
743 |                 #
744 |                 #       stderr_dest = message
745 |                 #
746 |                 # stderr_dest is a static configuration setting. This means that it can only be set in commands.conf.
747 |                 # It cannot be set in code.
748 | 
749 |                 stderr = sys.stderr
750 | 
751 |                 for level, text in messages:
752 |                     print(level, text, file=stderr)
753 | 
754 |             self.write(self._buffer.getvalue())
755 |             self._chunk_count += 1
756 |             self._committed_record_count += self.pending_record_count
757 |             self._clear()
758 | 
759 |         self._finished = finished is True
760 | 
761 |     _message_level = {
762 |         'DEBUG': 'debug_message',
763 |         'ERROR': 'error_message',
764 |         'FATAL': 'error_message',
765 |         'INFO': 'info_message',
766 |         'WARN': 'warn_message'
767 |     }
768 | 
769 | 
770 | class RecordWriterV2(RecordWriter):
771 | 
772 |     def flush(self, finished=None, partial=None):
773 | 
774 |         RecordWriter.flush(self, finished, partial)  # validates arguments and the state of this instance
775 | 
776 |         if partial or not finished:
777 |             # Don't flush partial chunks, since the SCP v2 protocol does not
778 |             # provide a way to send partial chunks yet.
779 |             return
780 | 
781 |         if not self.is_flushed:
782 |             self.write_chunk(finished=True)
783 | 
784 |     def write_chunk(self, finished=None):
785 |         inspector = self._inspector
786 |         self._committed_record_count += self.pending_record_count
787 |         self._chunk_count += 1
788 | 
789 |         # TODO: DVPL-6448: splunklib.searchcommands | Add support for partial: true when it is implemented in
790 |         # ChunkedExternProcessor (See SPL-103525)
791 |         #
792 |         # We will need to replace the following block of code with this block:
793 |         #
794 |         # metadata = [item for item in (('inspector', inspector), ('finished', finished), ('partial', partial))]
795 |         #
796 |         # if partial is True:
797 |         #     finished = False
798 | 
799 |         if len(inspector) == 0:
800 |             inspector = None
801 | 
802 |         metadata = [item for item in (('inspector', inspector), ('finished', finished))]
803 |         self._write_chunk(metadata, self._buffer.getvalue())
804 |         self._clear()
805 | 
806 |     def write_metadata(self, configuration):
807 |         self._ensure_validity()
808 | 
809 |         metadata = chain(six.iteritems(configuration), (('inspector', self._inspector if self._inspector else None),))
810 |         self._write_chunk(metadata, '')
811 |         self.write('\n')
812 |         self._clear()
813 | 
814 |     def write_metric(self, name, value):
815 |         self._ensure_validity()
816 |         self._inspector['metric.' + name] = value
817 | 
818 |     def _clear(self):
819 |         super(RecordWriterV2, self)._clear()
820 |         self._fieldnames = None
821 | 
822 |     def _write_chunk(self, metadata, body):
823 | 
824 |         if metadata:
825 |             metadata = str(''.join(self._iterencode_json(dict([(n, v) for n, v in metadata if v is not None]), 0)))
826 |             if sys.version_info >= (3, 0):
827 |                 metadata = metadata.encode('utf-8')
828 |             metadata_length = len(metadata)
829 |         else:
830 |             metadata_length = 0
831 | 
832 |         if sys.version_info >= (3, 0):
833 |             body = body.encode('utf-8')
834 |         body_length = len(body)
835 | 
836 |         if not (metadata_length > 0 or body_length > 0):
837 |             return
838 | 
839 |         start_line = 'chunked 1.0,%s,%s\n' % (metadata_length, body_length)
840 |         self.write(start_line)
841 |         self.write(metadata)
842 |         self.write(body)
843 |         self._ofile.flush()
844 |         self._flushed = True
845 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/reporting_command.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright © 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | from __future__ import absolute_import, division, print_function, unicode_literals
 18 | 
 19 | from itertools import chain
 20 | 
 21 | from .internals import ConfigurationSettingsType, json_encode_string
 22 | from .decorators import ConfigurationSetting, Option
 23 | from .streaming_command import StreamingCommand
 24 | from .search_command import SearchCommand
 25 | from .validators import Set
 26 | from splunklib import six
 27 | 
 28 | 
 29 | class ReportingCommand(SearchCommand):
 30 |     """ Processes search result records and generates a reporting data structure.
 31 | 
 32 |     Reporting search commands run as either reduce or map/reduce operations. The reduce part runs on a search head and
 33 |     is responsible for processing a single chunk of search results to produce the command's reporting data structure.
 34 |     The map part is called a streaming preop. It feeds the reduce part with partial results and by default runs on the
 35 |     search head and/or one or more indexers.
 36 | 
 37 |     You must implement a :meth:`reduce` method as a generator function that iterates over a set of event records and
 38 |     yields a reporting data structure. You may implement a :meth:`map` method as a generator function that iterates
 39 |     over a set of event records and yields :class:`dict` or :class:`list(dict)` instances.
 40 | 
 41 |     ReportingCommand configuration
 42 |     ==============================
 43 | 
 44 |     Configure the :meth:`map` operation using a Configuration decorator on your :meth:`map` method. Configure it like
 45 |     you would a :class:`StreamingCommand`. Configure the :meth:`reduce` operation using a Configuration decorator on
 46 |     your :meth:`ReportingCommand` class.
 47 | 
 48 |     You can configure your command for operation under Search Command Protocol (SCP) version 1 or 2. SCP 2 requires
 49 |     Splunk 6.3 or later.
 50 | 
 51 |     """
 52 |     # region Special methods
 53 | 
 54 |     def __init__(self):
 55 |         SearchCommand.__init__(self)
 56 | 
 57 |     # endregion
 58 | 
 59 |     # region Options
 60 | 
 61 |     phase = Option(doc='''
 62 |         **Syntax:** phase=[map|reduce]
 63 | 
 64 |         **Description:** Identifies the phase of the current map-reduce operation.
 65 | 
 66 |     ''', default='reduce', validate=Set('map', 'reduce'))
 67 | 
 68 |     # endregion
 69 | 
 70 |     # region Methods
 71 | 
 72 |     def map(self, records):
 73 |         """ Override this method to compute partial results.
 74 | 
 75 |         :param records:
 76 |         :type records:
 77 | 
 78 |         You must override this method, if :code:`requires_preop=True`.
 79 | 
 80 |         """
 81 |         return NotImplemented
 82 | 
 83 |     def prepare(self):
 84 | 
 85 |         phase = self.phase
 86 | 
 87 |         if phase == 'map':
 88 |             # noinspection PyUnresolvedReferences
 89 |             self._configuration = self.map.ConfigurationSettings(self)
 90 |             return
 91 | 
 92 |         if phase == 'reduce':
 93 |             streaming_preop = chain((self.name, 'phase="map"', str(self._options)), self.fieldnames)
 94 |             self._configuration.streaming_preop = ' '.join(streaming_preop)
 95 |             return
 96 | 
 97 |         raise RuntimeError('Unrecognized reporting command phase: {}'.format(json_encode_string(six.text_type(phase))))
 98 | 
 99 |     def reduce(self, records):
100 |         """ Override this method to produce a reporting data structure.
101 | 
102 |         You must override this method.
103 | 
104 |         """
105 |         raise NotImplementedError('reduce(self, records)')
106 | 
107 |     def _execute(self, ifile, process):
108 |         SearchCommand._execute(self, ifile, getattr(self, self.phase))
109 | 
110 |     # endregion
111 | 
112 |     # region Types
113 | 
114 |     class ConfigurationSettings(SearchCommand.ConfigurationSettings):
115 |         """ Represents the configuration settings for a :code:`ReportingCommand`.
116 | 
117 |         """
118 |         # region SCP v1/v2 Properties
119 | 
120 |         required_fields = ConfigurationSetting(doc='''
121 |             List of required fields for this search which back-propagates to the generating search.
122 | 
123 |             Setting this value enables selected fields mode under SCP 2. Under SCP 1 you must also specify
124 |             :code:`clear_required_fields=True` to enable selected fields mode. To explicitly select all fields,
125 |             specify a value of :const:`['*']`. No error is generated if a specified field is missing.
126 | 
127 |             Default: :const:`None`, which implicitly selects all fields.
128 | 
129 |             Supported by: SCP 1, SCP 2
130 | 
131 |             ''')
132 | 
133 |         requires_preop = ConfigurationSetting(doc='''
134 |             Indicates whether :meth:`ReportingCommand.map` is required for proper command execution.
135 | 
136 |             If :const:`True`, :meth:`ReportingCommand.map` is guaranteed to be called. If :const:`False`, Splunk
137 |             considers it to be an optimization that may be skipped.
138 | 
139 |             Default: :const:`False`
140 | 
141 |             Supported by: SCP 1, SCP 2
142 | 
143 |             ''')
144 | 
145 |         streaming_preop = ConfigurationSetting(doc='''
146 |             Denotes the requested streaming preop search string.
147 | 
148 |             Computed.
149 | 
150 |             Supported by: SCP 1, SCP 2
151 | 
152 |             ''')
153 | 
154 |         # endregion
155 | 
156 |         # region SCP v1 Properties
157 | 
158 |         clear_required_fields = ConfigurationSetting(doc='''
159 |             :const:`True`, if required_fields represent the *only* fields required.
160 | 
161 |             If :const:`False`, required_fields are additive to any fields that may be required by subsequent commands.
162 |             In most cases, :const:`True` is appropriate for reporting commands.
163 | 
164 |             Default: :const:`True`
165 | 
166 |             Supported by: SCP 1
167 | 
168 |             ''')
169 | 
170 |         retainsevents = ConfigurationSetting(readonly=True, value=False, doc='''
171 |             Signals that :meth:`ReportingCommand.reduce` transforms _raw events to produce a reporting data structure.
172 | 
173 |             Fixed: :const:`False`
174 | 
175 |             Supported by: SCP 1
176 | 
177 |             ''')
178 | 
179 |         streaming = ConfigurationSetting(readonly=True, value=False, doc='''
180 |             Signals that :meth:`ReportingCommand.reduce` runs on the search head.
181 | 
182 |             Fixed: :const:`False`
183 | 
184 |             Supported by: SCP 1
185 | 
186 |             ''')
187 | 
188 |         # endregion
189 | 
190 |         # region SCP v2 Properties
191 | 
192 |         maxinputs = ConfigurationSetting(doc='''
193 |             Specifies the maximum number of events that can be passed to the command for each invocation.
194 | 
195 |             This limit cannot exceed the value of `maxresultrows` in limits.conf_. Under SCP 1 you must specify this
196 |             value in commands.conf_.
197 | 
198 |             Default: The value of `maxresultrows`.
199 | 
200 |             Supported by: SCP 2
201 | 
202 |             .. _limits.conf: http://docs.splunk.com/Documentation/Splunk/latest/admin/Limitsconf
203 | 
204 |             ''')
205 | 
206 |         run_in_preview = ConfigurationSetting(doc='''
207 |             :const:`True`, if this command should be run to generate results for preview; not wait for final output.
208 | 
209 |             This may be important for commands that have side effects (e.g., outputlookup).
210 | 
211 |             Default: :const:`True`
212 | 
213 |             Supported by: SCP 2
214 | 
215 |             ''')
216 | 
217 |         type = ConfigurationSetting(readonly=True, value='reporting', doc='''
218 |             Command type name.
219 | 
220 |             Fixed: :const:`'reporting'`.
221 | 
222 |             Supported by: SCP 2
223 | 
224 |             ''')
225 | 
226 |         # endregion
227 | 
228 |         # region Methods
229 | 
230 |         @classmethod
231 |         def fix_up(cls, command):
232 |             """ Verifies :code:`command` class structure and configures the :code:`command.map` method.
233 | 
234 |             Verifies that :code:`command` derives from :class:`ReportingCommand` and overrides
235 |             :code:`ReportingCommand.reduce`. It then configures :code:`command.reduce`, if an overriding implementation
236 |             of :code:`ReportingCommand.reduce` has been provided.
237 | 
238 |             :param command: :code:`ReportingCommand` class
239 | 
240 |             Exceptions:
241 | 
242 |             :code:`TypeError` :code:`command` class is not derived from :code:`ReportingCommand`
243 |             :code:`AttributeError` No :code:`ReportingCommand.reduce` override
244 | 
245 |             """
246 |             if not issubclass(command, ReportingCommand):
247 |                 raise TypeError('{} is not a ReportingCommand'.format( command))
248 | 
249 |             if command.reduce == ReportingCommand.reduce:
250 |                 raise AttributeError('No ReportingCommand.reduce override')
251 | 
252 |             if command.map == ReportingCommand.map:
253 |                 cls._requires_preop = False
254 |                 return
255 | 
256 |             f = vars(command)['map']   # Function backing the map method
257 | 
258 |             # EXPLANATION OF PREVIOUS STATEMENT: There is no way to add custom attributes to methods. See [Why does
259 |             # setattr fail on a method](http://stackoverflow.com/questions/7891277/why-does-setattr-fail-on-a-bound-method) for a discussion of this issue.
260 | 
261 |             try:
262 |                 settings = f._settings
263 |             except AttributeError:
264 |                 f.ConfigurationSettings = StreamingCommand.ConfigurationSettings
265 |                 return
266 | 
267 |             # Create new StreamingCommand.ConfigurationSettings class
268 | 
269 |             module = command.__module__ + '.' + command.__name__ + '.map'
270 |             name = b'ConfigurationSettings'
271 |             bases = (StreamingCommand.ConfigurationSettings,)
272 | 
273 |             f.ConfigurationSettings = ConfigurationSettingsType(module, name, bases)
274 |             ConfigurationSetting.fix_up(f.ConfigurationSettings, settings)
275 |             del f._settings
276 | 
277 |         pass
278 |         # endregion
279 | 
280 |     pass
281 |     # endregion
282 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/streaming_command.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | from __future__ import absolute_import, division, print_function, unicode_literals
 18 | 
 19 | from splunklib import six
 20 | from splunklib.six.moves import map as imap, filter as ifilter
 21 | 
 22 | from .decorators import ConfigurationSetting
 23 | from .search_command import SearchCommand
 24 | 
 25 | 
 26 | class StreamingCommand(SearchCommand):
 27 |     """ Applies a transformation to search results as they travel through the streams pipeline.
 28 | 
 29 |     Streaming commands typically filter, augment, or update, search result records. Splunk will send them in batches of
 30 |     up to 50,000 records. Hence, a search command must be prepared to be invoked many times during the course of
 31 |     pipeline processing. Each invocation should produce a set of results independently usable by downstream processors.
 32 | 
 33 |     By default Splunk may choose to run a streaming command locally on a search head and/or remotely on one or more
 34 |     indexers concurrently. The size and frequency of the search result batches sent to the command will vary based
 35 |     on scheduling considerations.
 36 | 
 37 |     StreamingCommand configuration
 38 |     ==============================
 39 | 
 40 |     You can configure your command for operation under Search Command Protocol (SCP) version 1 or 2. SCP 2 requires
 41 |     Splunk 6.3 or later.
 42 | 
 43 |     """
 44 |     # region Methods
 45 | 
 46 |     def stream(self, records):
 47 |         """ Generator function that processes and yields event records to the Splunk stream pipeline.
 48 | 
 49 |         You must override this method.
 50 | 
 51 |         """
 52 |         raise NotImplementedError('StreamingCommand.stream(self, records)')
 53 | 
 54 |     def _execute(self, ifile, process):
 55 |         SearchCommand._execute(self, ifile, self.stream)
 56 | 
 57 |     # endregion
 58 | 
 59 |     class ConfigurationSettings(SearchCommand.ConfigurationSettings):
 60 |         """ Represents the configuration settings that apply to a :class:`StreamingCommand`.
 61 | 
 62 |         """
 63 |         # region SCP v1/v2 properties
 64 | 
 65 |         required_fields = ConfigurationSetting(doc='''
 66 |             List of required fields for this search which back-propagates to the generating search.
 67 | 
 68 |             Setting this value enables selected fields mode under SCP 2. Under SCP 1 you must also specify
 69 |             :code:`clear_required_fields=True` to enable selected fields mode. To explicitly select all fields,
 70 |             specify a value of :const:`['*']`. No error is generated if a specified field is missing.
 71 | 
 72 |             Default: :const:`None`, which implicitly selects all fields.
 73 | 
 74 |             Supported by: SCP 1, SCP 2
 75 | 
 76 |             ''')
 77 | 
 78 |         # endregion
 79 | 
 80 |         # region SCP v1 properties
 81 | 
 82 |         clear_required_fields = ConfigurationSetting(doc='''
 83 |             :const:`True`, if required_fields represent the *only* fields required.
 84 | 
 85 |             If :const:`False`, required_fields are additive to any fields that may be required by subsequent commands.
 86 |             In most cases, :const:`False` is appropriate for streaming commands.
 87 | 
 88 |             Default: :const:`False`
 89 | 
 90 |             Supported by: SCP 1
 91 | 
 92 |             ''')
 93 | 
 94 |         local = ConfigurationSetting(doc='''
 95 |             :const:`True`, if the command should run locally on the search head.
 96 | 
 97 |             Default: :const:`False`
 98 | 
 99 |             Supported by: SCP 1
100 | 
101 |             ''')
102 | 
103 |         overrides_timeorder = ConfigurationSetting(doc='''
104 |             :const:`True`, if the command changes the order of events with respect to time.
105 | 
106 |             Default: :const:`False`
107 | 
108 |             Supported by: SCP 1
109 | 
110 |             ''')
111 | 
112 |         streaming = ConfigurationSetting(readonly=True, value=True, doc='''
113 |             Specifies that the command is streamable.
114 | 
115 |             Fixed: :const:`True`
116 | 
117 |             Supported by: SCP 1
118 | 
119 |             ''')
120 | 
121 |         # endregion
122 | 
123 |         # region SCP v2 Properties
124 | 
125 |         distributed = ConfigurationSetting(value=True, doc='''
126 |             :const:`True`, if this command should be distributed to indexers.
127 | 
128 |             Under SCP 1 you must either specify `local = False` or include this line in commands.conf_, if this command
129 |             should be distributed to indexers.
130 | 
131 |             ..code:
132 |                 local = true
133 | 
134 |             Default: :const:`True`
135 | 
136 |             Supported by: SCP 2
137 | 
138 |             .. commands.conf_: http://docs.splunk.com/Documentation/Splunk/latest/Admin/Commandsconf
139 | 
140 |             ''')
141 | 
142 |         maxinputs = ConfigurationSetting(doc='''
143 |             Specifies the maximum number of events that can be passed to the command for each invocation.
144 | 
145 |             This limit cannot exceed the value of `maxresultrows` in limits.conf. Under SCP 1 you must specify this
146 |             value in commands.conf_.
147 | 
148 |             Default: The value of `maxresultrows`.
149 | 
150 |             Supported by: SCP 2
151 | 
152 |             ''')
153 | 
154 |         type = ConfigurationSetting(readonly=True, value='streaming', doc='''
155 |             Command type name.
156 | 
157 |             Fixed: :const:`'streaming'`
158 | 
159 |             Supported by: SCP 2
160 | 
161 |             ''')
162 | 
163 |         # endregion
164 | 
165 |         # region Methods
166 | 
167 |         @classmethod
168 |         def fix_up(cls, command):
169 |             """ Verifies :code:`command` class structure.
170 | 
171 |             """
172 |             if command.stream == StreamingCommand.stream:
173 |                 raise AttributeError('No StreamingCommand.stream override')
174 |             return
175 | 
176 |         # TODO: Stop looking like a dictionary because we don't obey the semantics
177 |         # N.B.: Does not use Python 2 dict copy semantics
178 |         def iteritems(self):
179 |             iteritems = SearchCommand.ConfigurationSettings.iteritems(self)
180 |             version = self.command.protocol_version
181 |             if version == 1:
182 |                 if self.required_fields is None:
183 |                     iteritems = ifilter(lambda name_value: name_value[0] != 'clear_required_fields', iteritems)
184 |             else:
185 |                 iteritems = ifilter(lambda name_value2: name_value2[0] != 'distributed', iteritems)
186 |                 if not self.distributed:
187 |                     iteritems = imap(
188 |                         lambda name_value1: (name_value1[0], 'stateful') if name_value1[0] == 'type' else (name_value1[0], name_value1[1]), iteritems)
189 |             return iteritems
190 | 
191 |         # N.B.: Does not use Python 3 dict view semantics
192 |         if not six.PY2:
193 |             items = iteritems
194 | 
195 |         # endregion
196 | 


--------------------------------------------------------------------------------
/bin/splunklib/searchcommands/validators.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | #
  3 | # Copyright 2011-2015 Splunk, Inc.
  4 | #
  5 | # Licensed under the Apache License, Version 2.0 (the "License"): you may
  6 | # not use this file except in compliance with the License. You may obtain
  7 | # a copy of the License at
  8 | #
  9 | #     http://www.apache.org/licenses/LICENSE-2.0
 10 | #
 11 | # Unless required by applicable law or agreed to in writing, software
 12 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 13 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 14 | # License for the specific language governing permissions and limitations
 15 | # under the License.
 16 | 
 17 | from __future__ import absolute_import, division, print_function, unicode_literals
 18 | 
 19 | from json.encoder import encode_basestring_ascii as json_encode_string
 20 | from collections import namedtuple
 21 | from splunklib.six.moves import StringIO
 22 | from io import open
 23 | import csv
 24 | import os
 25 | import re
 26 | from splunklib import six
 27 | from splunklib.six.moves import getcwd
 28 | 
 29 | 
 30 | class Validator(object):
 31 |     """ Base class for validators that check and format search command options.
 32 | 
 33 |     You must inherit from this class and override :code:`Validator.__call__` and
 34 |     :code:`Validator.format`. :code:`Validator.__call__` should convert the
 35 |     value it receives as argument and then return it or raise a
 36 |     :code:`ValueError`, if the value will not convert.
 37 | 
 38 |     :code:`Validator.format` should return a human readable version of the value
 39 |     it receives as argument the same way :code:`str` does.
 40 | 
 41 |     """
 42 |     def __call__(self, value):
 43 |         raise NotImplementedError()
 44 | 
 45 |     def format(self, value):
 46 |         raise NotImplementedError()
 47 | 
 48 | 
 49 | class Boolean(Validator):
 50 |     """ Validates Boolean option values.
 51 | 
 52 |     """
 53 |     truth_values = {
 54 |         '1': True, '0': False,
 55 |         't': True, 'f': False,
 56 |         'true': True, 'false': False,
 57 |         'y': True, 'n': False,
 58 |         'yes': True, 'no': False
 59 |     }
 60 | 
 61 |     def __call__(self, value):
 62 |         if not (value is None or isinstance(value, bool)):
 63 |             value = six.text_type(value).lower()
 64 |             if value not in Boolean.truth_values:
 65 |                 raise ValueError('Unrecognized truth value: {0}'.format(value))
 66 |             value = Boolean.truth_values[value]
 67 |         return value
 68 | 
 69 |     def format(self, value):
 70 |         return None if value is None else 't' if value else 'f'
 71 | 
 72 | 
 73 | class Code(Validator):
 74 |     """ Validates code option values.
 75 | 
 76 |     This validator compiles an option value into a Python code object that can be executed by :func:`exec` or evaluated
 77 |     by :func:`eval`. The value returned is a :func:`namedtuple` with two members: object, the result of compilation, and
 78 |     source, the original option value.
 79 | 
 80 |     """
 81 |     def __init__(self, mode='eval'):
 82 |         """
 83 |         :param mode: Specifies what kind of code must be compiled; it can be :const:`'exec'`, if source consists of a
 84 |             sequence of statements, :const:`'eval'`, if it consists of a single expression, or :const:`'single'` if it
 85 |             consists of a single interactive statement. In the latter case, expression statements that evaluate to
 86 |             something other than :const:`None` will be printed.
 87 |         :type mode: unicode or bytes
 88 | 
 89 |         """
 90 |         self._mode = mode
 91 | 
 92 |     def __call__(self, value):
 93 |         if value is None:
 94 |             return None
 95 |         try:
 96 |             return Code.object(compile(value, 'string', self._mode), six.text_type(value))
 97 |         except (SyntaxError, TypeError) as error:
 98 |             if six.PY2:
 99 |                 message = error.message
100 |             else:
101 |                 message = str(error)
102 | 
103 |             six.raise_from(ValueError(message), error)
104 | 
105 |     def format(self, value):
106 |         return None if value is None else value.source
107 | 
108 |     object = namedtuple('Code', ('object', 'source'))
109 | 
110 | 
111 | class Fieldname(Validator):
112 |     """ Validates field name option values.
113 | 
114 |     """
115 |     pattern = re.compile(r'''[_.a-zA-Z-][_.a-zA-Z0-9-]*$''')
116 | 
117 |     def __call__(self, value):
118 |         if value is not None:
119 |             value = six.text_type(value)
120 |             if Fieldname.pattern.match(value) is None:
121 |                 raise ValueError('Illegal characters in fieldname: {}'.format(value))
122 |         return value
123 | 
124 |     def format(self, value):
125 |         return value
126 | 
127 | 
128 | class File(Validator):
129 |     """ Validates file option values.
130 | 
131 |     """
132 |     def __init__(self, mode='rt', buffering=None, directory=None):
133 |         self.mode = mode
134 |         self.buffering = buffering
135 |         self.directory = File._var_run_splunk if directory is None else directory
136 | 
137 |     def __call__(self, value):
138 | 
139 |         if value is None:
140 |             return value
141 | 
142 |         path = six.text_type(value)
143 | 
144 |         if not os.path.isabs(path):
145 |             path = os.path.join(self.directory, path)
146 | 
147 |         try:
148 |             value = open(path, self.mode) if self.buffering is None else open(path, self.mode, self.buffering)
149 |         except IOError as error:
150 |             raise ValueError('Cannot open {0} with mode={1} and buffering={2}: {3}'.format(
151 |                 value, self.mode, self.buffering, error))
152 | 
153 |         return value
154 | 
155 |     def format(self, value):
156 |         return None if value is None else value.name
157 | 
158 |     _var_run_splunk = os.path.join(
159 |         os.environ['SPLUNK_HOME'] if 'SPLUNK_HOME' in os.environ else getcwd(), 'var', 'run', 'splunk')
160 | 
161 | 
162 | class Integer(Validator):
163 |     """ Validates integer option values.
164 | 
165 |     """
166 |     def __init__(self, minimum=None, maximum=None):
167 |         if minimum is not None and maximum is not None:
168 |             def check_range(value):
169 |                 if not (minimum <= value <= maximum):
170 |                     raise ValueError('Expected integer in the range [{0},{1}], not {2}'.format(minimum, maximum, value))
171 |                 return
172 |         elif minimum is not None:
173 |             def check_range(value):
174 |                 if value < minimum:
175 |                     raise ValueError('Expected integer in the range [{0},+∞], not {1}'.format(minimum, value))
176 |                 return
177 |         elif maximum is not None:
178 |             def check_range(value):
179 |                 if value > maximum:
180 |                     raise ValueError('Expected integer in the range [-∞,{0}], not {1}'.format(maximum, value))
181 |                 return
182 |         else:
183 |             def check_range(value):
184 |                 return
185 | 
186 |         self.check_range = check_range
187 |         return
188 | 
189 |     def __call__(self, value):
190 |         if value is None:
191 |             return None
192 |         try:
193 |             if six.PY2:
194 |                 value = long(value)
195 |             else:
196 |                 value = int(value)
197 |         except ValueError:
198 |             raise ValueError('Expected integer value, not {}'.format(json_encode_string(value)))
199 | 
200 |         self.check_range(value)
201 |         return value
202 | 
203 |     def format(self, value):
204 |         return None if value is None else six.text_type(int(value))
205 | 
206 | 
207 | class Duration(Validator):
208 |     """ Validates duration option values.
209 | 
210 |     """
211 |     def __call__(self, value):
212 | 
213 |         if value is None:
214 |             return None
215 | 
216 |         p = value.split(':', 2)
217 |         result = None
218 |         _60 = Duration._60
219 |         _unsigned = Duration._unsigned
220 | 
221 |         try:
222 |             if len(p) == 1:
223 |                 result = _unsigned(p[0])
224 |             if len(p) == 2:
225 |                 result = 60 * _unsigned(p[0]) + _60(p[1])
226 |             if len(p) == 3:
227 |                 result = 3600 * _unsigned(p[0]) + 60 * _60(p[1]) + _60(p[2])
228 |         except ValueError:
229 |             raise ValueError('Invalid duration value: {0}'.format(value))
230 | 
231 |         return result
232 | 
233 |     def format(self, value):
234 | 
235 |         if value is None:
236 |             return None
237 | 
238 |         value = int(value)
239 | 
240 |         s = value % 60
241 |         m = value // 60 % 60
242 |         h = value // (60 * 60)
243 | 
244 |         return '{0:02d}:{1:02d}:{2:02d}'.format(h, m, s)
245 | 
246 |     _60 = Integer(0, 59)
247 |     _unsigned = Integer(0)
248 | 
249 | 
250 | class List(Validator):
251 |     """ Validates a list of strings
252 | 
253 |     """
254 |     class Dialect(csv.Dialect):
255 |         """ Describes the properties of list option values. """
256 |         strict = True
257 |         delimiter = str(',')
258 |         quotechar = str('"')
259 |         doublequote = True
260 |         lineterminator = str('\n')
261 |         skipinitialspace = True
262 |         quoting = csv.QUOTE_MINIMAL
263 | 
264 |     def __init__(self, validator=None):
265 |         if not (validator is None or isinstance(validator, Validator)):
266 |             raise ValueError('Expected a Validator instance or None for validator, not {}', repr(validator))
267 |         self._validator = validator
268 | 
269 |     def __call__(self, value):
270 | 
271 |         if value is None or isinstance(value, list):
272 |             return value
273 | 
274 |         try:
275 |             value = next(csv.reader([value], self.Dialect))
276 |         except csv.Error as error:
277 |             raise ValueError(error)
278 | 
279 |         if self._validator is None:
280 |             return value
281 | 
282 |         try:
283 |             for index, item in enumerate(value):
284 |                 value[index] = self._validator(item)
285 |         except ValueError as error:
286 |             raise ValueError('Could not convert item {}: {}'.format(index, error))
287 | 
288 |         return value
289 | 
290 |     def format(self, value):
291 |         output = StringIO()
292 |         writer = csv.writer(output, List.Dialect)
293 |         writer.writerow(value)
294 |         value = output.getvalue()
295 |         return value[:-1]
296 | 
297 | 
298 | class Map(Validator):
299 |     """ Validates map option values.
300 | 
301 |     """
302 |     def __init__(self, **kwargs):
303 |         self.membership = kwargs
304 | 
305 |     def __call__(self, value):
306 | 
307 |         if value is None:
308 |             return None
309 | 
310 |         value = six.text_type(value)
311 | 
312 |         if value not in self.membership:
313 |             raise ValueError('Unrecognized value: {0}'.format(value))
314 | 
315 |         return self.membership[value]
316 | 
317 |     def format(self, value):
318 |         return None if value is None else list(self.membership.keys())[list(self.membership.values()).index(value)]
319 | 
320 | 
321 | class Match(Validator):
322 |     """ Validates that a value matches a regular expression pattern.
323 | 
324 |     """
325 |     def __init__(self, name, pattern, flags=0):
326 |         self.name = six.text_type(name)
327 |         self.pattern = re.compile(pattern, flags)
328 | 
329 |     def __call__(self, value):
330 |         if value is None:
331 |             return None
332 |         value = six.text_type(value)
333 |         if self.pattern.match(value) is None:
334 |             raise ValueError('Expected {}, not {}'.format(self.name, json_encode_string(value)))
335 |         return value
336 | 
337 |     def format(self, value):
338 |         return None if value is None else six.text_type(value)
339 | 
340 | 
341 | class OptionName(Validator):
342 |     """ Validates option names.
343 | 
344 |     """
345 |     pattern = re.compile(r'''(?=\w)[^\d]\w*$''', re.UNICODE)
346 | 
347 |     def __call__(self, value):
348 |         if value is not None:
349 |             value = six.text_type(value)
350 |             if OptionName.pattern.match(value) is None:
351 |                 raise ValueError('Illegal characters in option name: {}'.format(value))
352 |         return value
353 | 
354 |     def format(self, value):
355 |         return None if value is None else six.text_type(value)
356 | 
357 | 
358 | class RegularExpression(Validator):
359 |     """ Validates regular expression option values.
360 | 
361 |     """
362 |     def __call__(self, value):
363 |         if value is None:
364 |             return None
365 |         try:
366 |             value = re.compile(six.text_type(value))
367 |         except re.error as error:
368 |             raise ValueError('{}: {}'.format(six.text_type(error).capitalize(), value))
369 |         return value
370 | 
371 |     def format(self, value):
372 |         return None if value is None else value.pattern
373 | 
374 | 
375 | class Set(Validator):
376 |     """ Validates set option values.
377 | 
378 |     """
379 |     def __init__(self, *args):
380 |         self.membership = set(args)
381 | 
382 |     def __call__(self, value):
383 |         if value is None:
384 |             return None
385 |         value = six.text_type(value)
386 |         if value not in self.membership:
387 |             raise ValueError('Unrecognized value: {}'.format(value))
388 |         return value
389 | 
390 |     def format(self, value):
391 |         return self.__call__(value)
392 | 
393 | 
394 | __all__ = ['Boolean', 'Code', 'Duration', 'File', 'Integer', 'List', 'Map', 'RegularExpression', 'Set']
395 | 


--------------------------------------------------------------------------------
/bin/splunklib/six.py:
--------------------------------------------------------------------------------
  1 | # Copyright (c) 2010-2020 Benjamin Peterson
  2 | #
  3 | # Permission is hereby granted, free of charge, to any person obtaining a copy
  4 | # of this software and associated documentation files (the "Software"), to deal
  5 | # in the Software without restriction, including without limitation the rights
  6 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  7 | # copies of the Software, and to permit persons to whom the Software is
  8 | # furnished to do so, subject to the following conditions:
  9 | #
 10 | # The above copyright notice and this permission notice shall be included in all
 11 | # copies or substantial portions of the Software.
 12 | #
 13 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 14 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 15 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 16 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 17 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 18 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 19 | # SOFTWARE.
 20 | 
 21 | """Utilities for writing code that runs on Python 2 and 3"""
 22 | 
 23 | from __future__ import absolute_import
 24 | 
 25 | import functools
 26 | import itertools
 27 | import operator
 28 | import sys
 29 | import types
 30 | 
 31 | __author__ = "Benjamin Peterson <benjamin@python.org>"
 32 | __version__ = "1.14.0"
 33 | 
 34 | 
 35 | # Useful for very coarse version differentiation.
 36 | PY2 = sys.version_info[0] == 2
 37 | PY3 = sys.version_info[0] == 3
 38 | PY34 = sys.version_info[0:2] >= (3, 4)
 39 | 
 40 | if PY3:
 41 |     string_types = str,
 42 |     integer_types = int,
 43 |     class_types = type,
 44 |     text_type = str
 45 |     binary_type = bytes
 46 | 
 47 |     MAXSIZE = sys.maxsize
 48 | else:
 49 |     string_types = basestring,
 50 |     integer_types = (int, long)
 51 |     class_types = (type, types.ClassType)
 52 |     text_type = unicode
 53 |     binary_type = str
 54 | 
 55 |     if sys.platform.startswith("java"):
 56 |         # Jython always uses 32 bits.
 57 |         MAXSIZE = int((1 << 31) - 1)
 58 |     else:
 59 |         # It's possible to have sizeof(long) != sizeof(Py_ssize_t).
 60 |         class X(object):
 61 | 
 62 |             def __len__(self):
 63 |                 return 1 << 31
 64 |         try:
 65 |             len(X())
 66 |         except OverflowError:
 67 |             # 32-bit
 68 |             MAXSIZE = int((1 << 31) - 1)
 69 |         else:
 70 |             # 64-bit
 71 |             MAXSIZE = int((1 << 63) - 1)
 72 |         del X
 73 | 
 74 | 
 75 | def _add_doc(func, doc):
 76 |     """Add documentation to a function."""
 77 |     func.__doc__ = doc
 78 | 
 79 | 
 80 | def _import_module(name):
 81 |     """Import module, returning the module after the last dot."""
 82 |     __import__(name)
 83 |     return sys.modules[name]
 84 | 
 85 | 
 86 | class _LazyDescr(object):
 87 | 
 88 |     def __init__(self, name):
 89 |         self.name = name
 90 | 
 91 |     def __get__(self, obj, tp):
 92 |         result = self._resolve()
 93 |         setattr(obj, self.name, result)  # Invokes __set__.
 94 |         try:
 95 |             # This is a bit ugly, but it avoids running this again by
 96 |             # removing this descriptor.
 97 |             delattr(obj.__class__, self.name)
 98 |         except AttributeError:
 99 |             pass
100 |         return result
101 | 
102 | 
103 | class MovedModule(_LazyDescr):
104 | 
105 |     def __init__(self, name, old, new=None):
106 |         super(MovedModule, self).__init__(name)
107 |         if PY3:
108 |             if new is None:
109 |                 new = name
110 |             self.mod = new
111 |         else:
112 |             self.mod = old
113 | 
114 |     def _resolve(self):
115 |         return _import_module(self.mod)
116 | 
117 |     def __getattr__(self, attr):
118 |         _module = self._resolve()
119 |         value = getattr(_module, attr)
120 |         setattr(self, attr, value)
121 |         return value
122 | 
123 | 
124 | class _LazyModule(types.ModuleType):
125 | 
126 |     def __init__(self, name):
127 |         super(_LazyModule, self).__init__(name)
128 |         self.__doc__ = self.__class__.__doc__
129 | 
130 |     def __dir__(self):
131 |         attrs = ["__doc__", "__name__"]
132 |         attrs += [attr.name for attr in self._moved_attributes]
133 |         return attrs
134 | 
135 |     # Subclasses should override this
136 |     _moved_attributes = []
137 | 
138 | 
139 | class MovedAttribute(_LazyDescr):
140 | 
141 |     def __init__(self, name, old_mod, new_mod, old_attr=None, new_attr=None):
142 |         super(MovedAttribute, self).__init__(name)
143 |         if PY3:
144 |             if new_mod is None:
145 |                 new_mod = name
146 |             self.mod = new_mod
147 |             if new_attr is None:
148 |                 if old_attr is None:
149 |                     new_attr = name
150 |                 else:
151 |                     new_attr = old_attr
152 |             self.attr = new_attr
153 |         else:
154 |             self.mod = old_mod
155 |             if old_attr is None:
156 |                 old_attr = name
157 |             self.attr = old_attr
158 | 
159 |     def _resolve(self):
160 |         module = _import_module(self.mod)
161 |         return getattr(module, self.attr)
162 | 
163 | 
164 | class _SixMetaPathImporter(object):
165 | 
166 |     """
167 |     A meta path importer to import six.moves and its submodules.
168 | 
169 |     This class implements a PEP302 finder and loader. It should be compatible
170 |     with Python 2.5 and all existing versions of Python3
171 |     """
172 | 
173 |     def __init__(self, six_module_name):
174 |         self.name = six_module_name
175 |         self.known_modules = {}
176 | 
177 |     def _add_module(self, mod, *fullnames):
178 |         for fullname in fullnames:
179 |             self.known_modules[self.name + "." + fullname] = mod
180 | 
181 |     def _get_module(self, fullname):
182 |         return self.known_modules[self.name + "." + fullname]
183 | 
184 |     def find_module(self, fullname, path=None):
185 |         if fullname in self.known_modules:
186 |             return self
187 |         return None
188 | 
189 |     def __get_module(self, fullname):
190 |         try:
191 |             return self.known_modules[fullname]
192 |         except KeyError:
193 |             raise ImportError("This loader does not know module " + fullname)
194 | 
195 |     def load_module(self, fullname):
196 |         try:
197 |             # in case of a reload
198 |             return sys.modules[fullname]
199 |         except KeyError:
200 |             pass
201 |         mod = self.__get_module(fullname)
202 |         if isinstance(mod, MovedModule):
203 |             mod = mod._resolve()
204 |         else:
205 |             mod.__loader__ = self
206 |         sys.modules[fullname] = mod
207 |         return mod
208 | 
209 |     def is_package(self, fullname):
210 |         """
211 |         Return true, if the named module is a package.
212 | 
213 |         We need this method to get correct spec objects with
214 |         Python 3.4 (see PEP451)
215 |         """
216 |         return hasattr(self.__get_module(fullname), "__path__")
217 | 
218 |     def get_code(self, fullname):
219 |         """Return None
220 | 
221 |         Required, if is_package is implemented"""
222 |         self.__get_module(fullname)  # eventually raises ImportError
223 |         return None
224 |     get_source = get_code  # same as get_code
225 | 
226 | _importer = _SixMetaPathImporter(__name__)
227 | 
228 | 
229 | class _MovedItems(_LazyModule):
230 | 
231 |     """Lazy loading of moved objects"""
232 |     __path__ = []  # mark as package
233 | 
234 | 
235 | _moved_attributes = [
236 |     MovedAttribute("cStringIO", "cStringIO", "io", "StringIO"),
237 |     MovedAttribute("filter", "itertools", "builtins", "ifilter", "filter"),
238 |     MovedAttribute("filterfalse", "itertools", "itertools", "ifilterfalse", "filterfalse"),
239 |     MovedAttribute("input", "__builtin__", "builtins", "raw_input", "input"),
240 |     MovedAttribute("intern", "__builtin__", "sys"),
241 |     MovedAttribute("map", "itertools", "builtins", "imap", "map"),
242 |     MovedAttribute("getcwd", "os", "os", "getcwdu", "getcwd"),
243 |     MovedAttribute("getcwdb", "os", "os", "getcwd", "getcwdb"),
244 |     MovedAttribute("getoutput", "commands", "subprocess"),
245 |     MovedAttribute("range", "__builtin__", "builtins", "xrange", "range"),
246 |     MovedAttribute("reload_module", "__builtin__", "importlib" if PY34 else "imp", "reload"),
247 |     MovedAttribute("reduce", "__builtin__", "functools"),
248 |     MovedAttribute("shlex_quote", "pipes", "shlex", "quote"),
249 |     MovedAttribute("StringIO", "StringIO", "io"),
250 |     MovedAttribute("UserDict", "UserDict", "collections"),
251 |     MovedAttribute("UserList", "UserList", "collections"),
252 |     MovedAttribute("UserString", "UserString", "collections"),
253 |     MovedAttribute("xrange", "__builtin__", "builtins", "xrange", "range"),
254 |     MovedAttribute("zip", "itertools", "builtins", "izip", "zip"),
255 |     MovedAttribute("zip_longest", "itertools", "itertools", "izip_longest", "zip_longest"),
256 |     MovedModule("builtins", "__builtin__"),
257 |     MovedModule("configparser", "ConfigParser"),
258 |     MovedModule("collections_abc", "collections", "collections.abc" if sys.version_info >= (3, 3) else "collections"),
259 |     MovedModule("copyreg", "copy_reg"),
260 |     MovedModule("dbm_gnu", "gdbm", "dbm.gnu"),
261 |     MovedModule("dbm_ndbm", "dbm", "dbm.ndbm"),
262 |     MovedModule("_dummy_thread", "dummy_thread", "_dummy_thread" if sys.version_info < (3, 9) else "_thread"),
263 |     MovedModule("http_cookiejar", "cookielib", "http.cookiejar"),
264 |     MovedModule("http_cookies", "Cookie", "http.cookies"),
265 |     MovedModule("html_entities", "htmlentitydefs", "html.entities"),
266 |     MovedModule("html_parser", "HTMLParser", "html.parser"),
267 |     MovedModule("http_client", "httplib", "http.client"),
268 |     MovedModule("email_mime_base", "email.MIMEBase", "email.mime.base"),
269 |     MovedModule("email_mime_image", "email.MIMEImage", "email.mime.image"),
270 |     MovedModule("email_mime_multipart", "email.MIMEMultipart", "email.mime.multipart"),
271 |     MovedModule("email_mime_nonmultipart", "email.MIMENonMultipart", "email.mime.nonmultipart"),
272 |     MovedModule("email_mime_text", "email.MIMEText", "email.mime.text"),
273 |     MovedModule("BaseHTTPServer", "BaseHTTPServer", "http.server"),
274 |     MovedModule("CGIHTTPServer", "CGIHTTPServer", "http.server"),
275 |     MovedModule("SimpleHTTPServer", "SimpleHTTPServer", "http.server"),
276 |     MovedModule("cPickle", "cPickle", "pickle"),
277 |     MovedModule("queue", "Queue"),
278 |     MovedModule("reprlib", "repr"),
279 |     MovedModule("socketserver", "SocketServer"),
280 |     MovedModule("_thread", "thread", "_thread"),
281 |     MovedModule("tkinter", "Tkinter"),
282 |     MovedModule("tkinter_dialog", "Dialog", "tkinter.dialog"),
283 |     MovedModule("tkinter_filedialog", "FileDialog", "tkinter.filedialog"),
284 |     MovedModule("tkinter_scrolledtext", "ScrolledText", "tkinter.scrolledtext"),
285 |     MovedModule("tkinter_simpledialog", "SimpleDialog", "tkinter.simpledialog"),
286 |     MovedModule("tkinter_tix", "Tix", "tkinter.tix"),
287 |     MovedModule("tkinter_ttk", "ttk", "tkinter.ttk"),
288 |     MovedModule("tkinter_constants", "Tkconstants", "tkinter.constants"),
289 |     MovedModule("tkinter_dnd", "Tkdnd", "tkinter.dnd"),
290 |     MovedModule("tkinter_colorchooser", "tkColorChooser",
291 |                 "tkinter.colorchooser"),
292 |     MovedModule("tkinter_commondialog", "tkCommonDialog",
293 |                 "tkinter.commondialog"),
294 |     MovedModule("tkinter_tkfiledialog", "tkFileDialog", "tkinter.filedialog"),
295 |     MovedModule("tkinter_font", "tkFont", "tkinter.font"),
296 |     MovedModule("tkinter_messagebox", "tkMessageBox", "tkinter.messagebox"),
297 |     MovedModule("tkinter_tksimpledialog", "tkSimpleDialog",
298 |                 "tkinter.simpledialog"),
299 |     MovedModule("urllib_parse", __name__ + ".moves.urllib_parse", "urllib.parse"),
300 |     MovedModule("urllib_error", __name__ + ".moves.urllib_error", "urllib.error"),
301 |     MovedModule("urllib", __name__ + ".moves.urllib", __name__ + ".moves.urllib"),
302 |     MovedModule("urllib_robotparser", "robotparser", "urllib.robotparser"),
303 |     MovedModule("xmlrpc_client", "xmlrpclib", "xmlrpc.client"),
304 |     MovedModule("xmlrpc_server", "SimpleXMLRPCServer", "xmlrpc.server"),
305 | ]
306 | # Add windows specific modules.
307 | if sys.platform == "win32":
308 |     _moved_attributes += [
309 |         MovedModule("winreg", "_winreg"),
310 |     ]
311 | 
312 | for attr in _moved_attributes:
313 |     setattr(_MovedItems, attr.name, attr)
314 |     if isinstance(attr, MovedModule):
315 |         _importer._add_module(attr, "moves." + attr.name)
316 | del attr
317 | 
318 | _MovedItems._moved_attributes = _moved_attributes
319 | 
320 | moves = _MovedItems(__name__ + ".moves")
321 | _importer._add_module(moves, "moves")
322 | 
323 | 
324 | class Module_six_moves_urllib_parse(_LazyModule):
325 | 
326 |     """Lazy loading of moved objects in six.moves.urllib_parse"""
327 | 
328 | 
329 | _urllib_parse_moved_attributes = [
330 |     MovedAttribute("ParseResult", "urlparse", "urllib.parse"),
331 |     MovedAttribute("SplitResult", "urlparse", "urllib.parse"),
332 |     MovedAttribute("parse_qs", "urlparse", "urllib.parse"),
333 |     MovedAttribute("parse_qsl", "urlparse", "urllib.parse"),
334 |     MovedAttribute("urldefrag", "urlparse", "urllib.parse"),
335 |     MovedAttribute("urljoin", "urlparse", "urllib.parse"),
336 |     MovedAttribute("urlparse", "urlparse", "urllib.parse"),
337 |     MovedAttribute("urlsplit", "urlparse", "urllib.parse"),
338 |     MovedAttribute("urlunparse", "urlparse", "urllib.parse"),
339 |     MovedAttribute("urlunsplit", "urlparse", "urllib.parse"),
340 |     MovedAttribute("quote", "urllib", "urllib.parse"),
341 |     MovedAttribute("quote_plus", "urllib", "urllib.parse"),
342 |     MovedAttribute("unquote", "urllib", "urllib.parse"),
343 |     MovedAttribute("unquote_plus", "urllib", "urllib.parse"),
344 |     MovedAttribute("unquote_to_bytes", "urllib", "urllib.parse", "unquote", "unquote_to_bytes"),
345 |     MovedAttribute("urlencode", "urllib", "urllib.parse"),
346 |     MovedAttribute("splitquery", "urllib", "urllib.parse"),
347 |     MovedAttribute("splittag", "urllib", "urllib.parse"),
348 |     MovedAttribute("splituser", "urllib", "urllib.parse"),
349 |     MovedAttribute("splitvalue", "urllib", "urllib.parse"),
350 |     MovedAttribute("uses_fragment", "urlparse", "urllib.parse"),
351 |     MovedAttribute("uses_netloc", "urlparse", "urllib.parse"),
352 |     MovedAttribute("uses_params", "urlparse", "urllib.parse"),
353 |     MovedAttribute("uses_query", "urlparse", "urllib.parse"),
354 |     MovedAttribute("uses_relative", "urlparse", "urllib.parse"),
355 | ]
356 | for attr in _urllib_parse_moved_attributes:
357 |     setattr(Module_six_moves_urllib_parse, attr.name, attr)
358 | del attr
359 | 
360 | Module_six_moves_urllib_parse._moved_attributes = _urllib_parse_moved_attributes
361 | 
362 | _importer._add_module(Module_six_moves_urllib_parse(__name__ + ".moves.urllib_parse"),
363 |                       "moves.urllib_parse", "moves.urllib.parse")
364 | 
365 | 
366 | class Module_six_moves_urllib_error(_LazyModule):
367 | 
368 |     """Lazy loading of moved objects in six.moves.urllib_error"""
369 | 
370 | 
371 | _urllib_error_moved_attributes = [
372 |     MovedAttribute("URLError", "urllib2", "urllib.error"),
373 |     MovedAttribute("HTTPError", "urllib2", "urllib.error"),
374 |     MovedAttribute("ContentTooShortError", "urllib", "urllib.error"),
375 | ]
376 | for attr in _urllib_error_moved_attributes:
377 |     setattr(Module_six_moves_urllib_error, attr.name, attr)
378 | del attr
379 | 
380 | Module_six_moves_urllib_error._moved_attributes = _urllib_error_moved_attributes
381 | 
382 | _importer._add_module(Module_six_moves_urllib_error(__name__ + ".moves.urllib.error"),
383 |                       "moves.urllib_error", "moves.urllib.error")
384 | 
385 | 
386 | class Module_six_moves_urllib_request(_LazyModule):
387 | 
388 |     """Lazy loading of moved objects in six.moves.urllib_request"""
389 | 
390 | 
391 | _urllib_request_moved_attributes = [
392 |     MovedAttribute("urlopen", "urllib2", "urllib.request"),
393 |     MovedAttribute("install_opener", "urllib2", "urllib.request"),
394 |     MovedAttribute("build_opener", "urllib2", "urllib.request"),
395 |     MovedAttribute("pathname2url", "urllib", "urllib.request"),
396 |     MovedAttribute("url2pathname", "urllib", "urllib.request"),
397 |     MovedAttribute("getproxies", "urllib", "urllib.request"),
398 |     MovedAttribute("Request", "urllib2", "urllib.request"),
399 |     MovedAttribute("OpenerDirector", "urllib2", "urllib.request"),
400 |     MovedAttribute("HTTPDefaultErrorHandler", "urllib2", "urllib.request"),
401 |     MovedAttribute("HTTPRedirectHandler", "urllib2", "urllib.request"),
402 |     MovedAttribute("HTTPCookieProcessor", "urllib2", "urllib.request"),
403 |     MovedAttribute("ProxyHandler", "urllib2", "urllib.request"),
404 |     MovedAttribute("BaseHandler", "urllib2", "urllib.request"),
405 |     MovedAttribute("HTTPPasswordMgr", "urllib2", "urllib.request"),
406 |     MovedAttribute("HTTPPasswordMgrWithDefaultRealm", "urllib2", "urllib.request"),
407 |     MovedAttribute("AbstractBasicAuthHandler", "urllib2", "urllib.request"),
408 |     MovedAttribute("HTTPBasicAuthHandler", "urllib2", "urllib.request"),
409 |     MovedAttribute("ProxyBasicAuthHandler", "urllib2", "urllib.request"),
410 |     MovedAttribute("AbstractDigestAuthHandler", "urllib2", "urllib.request"),
411 |     MovedAttribute("HTTPDigestAuthHandler", "urllib2", "urllib.request"),
412 |     MovedAttribute("ProxyDigestAuthHandler", "urllib2", "urllib.request"),
413 |     MovedAttribute("HTTPHandler", "urllib2", "urllib.request"),
414 |     MovedAttribute("HTTPSHandler", "urllib2", "urllib.request"),
415 |     MovedAttribute("FileHandler", "urllib2", "urllib.request"),
416 |     MovedAttribute("FTPHandler", "urllib2", "urllib.request"),
417 |     MovedAttribute("CacheFTPHandler", "urllib2", "urllib.request"),
418 |     MovedAttribute("UnknownHandler", "urllib2", "urllib.request"),
419 |     MovedAttribute("HTTPErrorProcessor", "urllib2", "urllib.request"),
420 |     MovedAttribute("urlretrieve", "urllib", "urllib.request"),
421 |     MovedAttribute("urlcleanup", "urllib", "urllib.request"),
422 |     MovedAttribute("URLopener", "urllib", "urllib.request"),
423 |     MovedAttribute("FancyURLopener", "urllib", "urllib.request"),
424 |     MovedAttribute("proxy_bypass", "urllib", "urllib.request"),
425 |     MovedAttribute("parse_http_list", "urllib2", "urllib.request"),
426 |     MovedAttribute("parse_keqv_list", "urllib2", "urllib.request"),
427 | ]
428 | for attr in _urllib_request_moved_attributes:
429 |     setattr(Module_six_moves_urllib_request, attr.name, attr)
430 | del attr
431 | 
432 | Module_six_moves_urllib_request._moved_attributes = _urllib_request_moved_attributes
433 | 
434 | _importer._add_module(Module_six_moves_urllib_request(__name__ + ".moves.urllib.request"),
435 |                       "moves.urllib_request", "moves.urllib.request")
436 | 
437 | 
438 | class Module_six_moves_urllib_response(_LazyModule):
439 | 
440 |     """Lazy loading of moved objects in six.moves.urllib_response"""
441 | 
442 | 
443 | _urllib_response_moved_attributes = [
444 |     MovedAttribute("addbase", "urllib", "urllib.response"),
445 |     MovedAttribute("addclosehook", "urllib", "urllib.response"),
446 |     MovedAttribute("addinfo", "urllib", "urllib.response"),
447 |     MovedAttribute("addinfourl", "urllib", "urllib.response"),
448 | ]
449 | for attr in _urllib_response_moved_attributes:
450 |     setattr(Module_six_moves_urllib_response, attr.name, attr)
451 | del attr
452 | 
453 | Module_six_moves_urllib_response._moved_attributes = _urllib_response_moved_attributes
454 | 
455 | _importer._add_module(Module_six_moves_urllib_response(__name__ + ".moves.urllib.response"),
456 |                       "moves.urllib_response", "moves.urllib.response")
457 | 
458 | 
459 | class Module_six_moves_urllib_robotparser(_LazyModule):
460 | 
461 |     """Lazy loading of moved objects in six.moves.urllib_robotparser"""
462 | 
463 | 
464 | _urllib_robotparser_moved_attributes = [
465 |     MovedAttribute("RobotFileParser", "robotparser", "urllib.robotparser"),
466 | ]
467 | for attr in _urllib_robotparser_moved_attributes:
468 |     setattr(Module_six_moves_urllib_robotparser, attr.name, attr)
469 | del attr
470 | 
471 | Module_six_moves_urllib_robotparser._moved_attributes = _urllib_robotparser_moved_attributes
472 | 
473 | _importer._add_module(Module_six_moves_urllib_robotparser(__name__ + ".moves.urllib.robotparser"),
474 |                       "moves.urllib_robotparser", "moves.urllib.robotparser")
475 | 
476 | 
477 | class Module_six_moves_urllib(types.ModuleType):
478 | 
479 |     """Create a six.moves.urllib namespace that resembles the Python 3 namespace"""
480 |     __path__ = []  # mark as package
481 |     parse = _importer._get_module("moves.urllib_parse")
482 |     error = _importer._get_module("moves.urllib_error")
483 |     request = _importer._get_module("moves.urllib_request")
484 |     response = _importer._get_module("moves.urllib_response")
485 |     robotparser = _importer._get_module("moves.urllib_robotparser")
486 | 
487 |     def __dir__(self):
488 |         return ['parse', 'error', 'request', 'response', 'robotparser']
489 | 
490 | _importer._add_module(Module_six_moves_urllib(__name__ + ".moves.urllib"),
491 |                       "moves.urllib")
492 | 
493 | 
494 | def add_move(move):
495 |     """Add an item to six.moves."""
496 |     setattr(_MovedItems, move.name, move)
497 | 
498 | 
499 | def remove_move(name):
500 |     """Remove item from six.moves."""
501 |     try:
502 |         delattr(_MovedItems, name)
503 |     except AttributeError:
504 |         try:
505 |             del moves.__dict__[name]
506 |         except KeyError:
507 |             raise AttributeError("no such move, %r" % (name,))
508 | 
509 | 
510 | if PY3:
511 |     _meth_func = "__func__"
512 |     _meth_self = "__self__"
513 | 
514 |     _func_closure = "__closure__"
515 |     _func_code = "__code__"
516 |     _func_defaults = "__defaults__"
517 |     _func_globals = "__globals__"
518 | else:
519 |     _meth_func = "im_func"
520 |     _meth_self = "im_self"
521 | 
522 |     _func_closure = "func_closure"
523 |     _func_code = "func_code"
524 |     _func_defaults = "func_defaults"
525 |     _func_globals = "func_globals"
526 | 
527 | 
528 | try:
529 |     advance_iterator = next
530 | except NameError:
531 |     def advance_iterator(it):
532 |         return it.next()
533 | next = advance_iterator
534 | 
535 | 
536 | try:
537 |     callable = callable
538 | except NameError:
539 |     def callable(obj):
540 |         return any("__call__" in klass.__dict__ for klass in type(obj).__mro__)
541 | 
542 | 
543 | if PY3:
544 |     def get_unbound_function(unbound):
545 |         return unbound
546 | 
547 |     create_bound_method = types.MethodType
548 | 
549 |     def create_unbound_method(func, cls):
550 |         return func
551 | 
552 |     Iterator = object
553 | else:
554 |     def get_unbound_function(unbound):
555 |         return unbound.im_func
556 | 
557 |     def create_bound_method(func, obj):
558 |         return types.MethodType(func, obj, obj.__class__)
559 | 
560 |     def create_unbound_method(func, cls):
561 |         return types.MethodType(func, None, cls)
562 | 
563 |     class Iterator(object):
564 | 
565 |         def next(self):
566 |             return type(self).__next__(self)
567 | 
568 |     callable = callable
569 | _add_doc(get_unbound_function,
570 |          """Get the function out of a possibly unbound function""")
571 | 
572 | 
573 | get_method_function = operator.attrgetter(_meth_func)
574 | get_method_self = operator.attrgetter(_meth_self)
575 | get_function_closure = operator.attrgetter(_func_closure)
576 | get_function_code = operator.attrgetter(_func_code)
577 | get_function_defaults = operator.attrgetter(_func_defaults)
578 | get_function_globals = operator.attrgetter(_func_globals)
579 | 
580 | 
581 | if PY3:
582 |     def iterkeys(d, **kw):
583 |         return iter(d.keys(**kw))
584 | 
585 |     def itervalues(d, **kw):
586 |         return iter(d.values(**kw))
587 | 
588 |     def iteritems(d, **kw):
589 |         return iter(d.items(**kw))
590 | 
591 |     def iterlists(d, **kw):
592 |         return iter(d.lists(**kw))
593 | 
594 |     viewkeys = operator.methodcaller("keys")
595 | 
596 |     viewvalues = operator.methodcaller("values")
597 | 
598 |     viewitems = operator.methodcaller("items")
599 | else:
600 |     def iterkeys(d, **kw):
601 |         return d.iterkeys(**kw)
602 | 
603 |     def itervalues(d, **kw):
604 |         return d.itervalues(**kw)
605 | 
606 |     def iteritems(d, **kw):
607 |         return d.iteritems(**kw)
608 | 
609 |     def iterlists(d, **kw):
610 |         return d.iterlists(**kw)
611 | 
612 |     viewkeys = operator.methodcaller("viewkeys")
613 | 
614 |     viewvalues = operator.methodcaller("viewvalues")
615 | 
616 |     viewitems = operator.methodcaller("viewitems")
617 | 
618 | _add_doc(iterkeys, "Return an iterator over the keys of a dictionary.")
619 | _add_doc(itervalues, "Return an iterator over the values of a dictionary.")
620 | _add_doc(iteritems,
621 |          "Return an iterator over the (key, value) pairs of a dictionary.")
622 | _add_doc(iterlists,
623 |          "Return an iterator over the (key, [values]) pairs of a dictionary.")
624 | 
625 | 
626 | if PY3:
627 |     def b(s):
628 |         return s.encode("latin-1")
629 | 
630 |     def u(s):
631 |         return s
632 |     unichr = chr
633 |     import struct
634 |     int2byte = struct.Struct(">B").pack
635 |     del struct
636 |     byte2int = operator.itemgetter(0)
637 |     indexbytes = operator.getitem
638 |     iterbytes = iter
639 |     import io
640 |     StringIO = io.StringIO
641 |     BytesIO = io.BytesIO
642 |     del io
643 |     _assertCountEqual = "assertCountEqual"
644 |     if sys.version_info[1] <= 1:
645 |         _assertRaisesRegex = "assertRaisesRegexp"
646 |         _assertRegex = "assertRegexpMatches"
647 |         _assertNotRegex = "assertNotRegexpMatches"
648 |     else:
649 |         _assertRaisesRegex = "assertRaisesRegex"
650 |         _assertRegex = "assertRegex"
651 |         _assertNotRegex = "assertNotRegex"
652 | else:
653 |     def b(s):
654 |         return s
655 |     # Workaround for standalone backslash
656 | 
657 |     def u(s):
658 |         return unicode(s.replace(r'\\', r'\\\\'), "unicode_escape")
659 |     unichr = unichr
660 |     int2byte = chr
661 | 
662 |     def byte2int(bs):
663 |         return ord(bs[0])
664 | 
665 |     def indexbytes(buf, i):
666 |         return ord(buf[i])
667 |     iterbytes = functools.partial(itertools.imap, ord)
668 |     import StringIO
669 |     StringIO = BytesIO = StringIO.StringIO
670 |     _assertCountEqual = "assertItemsEqual"
671 |     _assertRaisesRegex = "assertRaisesRegexp"
672 |     _assertRegex = "assertRegexpMatches"
673 |     _assertNotRegex = "assertNotRegexpMatches"
674 | _add_doc(b, """Byte literal""")
675 | _add_doc(u, """Text literal""")
676 | 
677 | 
678 | def assertCountEqual(self, *args, **kwargs):
679 |     return getattr(self, _assertCountEqual)(*args, **kwargs)
680 | 
681 | 
682 | def assertRaisesRegex(self, *args, **kwargs):
683 |     return getattr(self, _assertRaisesRegex)(*args, **kwargs)
684 | 
685 | 
686 | def assertRegex(self, *args, **kwargs):
687 |     return getattr(self, _assertRegex)(*args, **kwargs)
688 | 
689 | 
690 | def assertNotRegex(self, *args, **kwargs):
691 |     return getattr(self, _assertNotRegex)(*args, **kwargs)
692 | 
693 | 
694 | if PY3:
695 |     exec_ = getattr(moves.builtins, "exec")
696 | 
697 |     def reraise(tp, value, tb=None):
698 |         try:
699 |             if value is None:
700 |                 value = tp()
701 |             if value.__traceback__ is not tb:
702 |                 raise value.with_traceback(tb)
703 |             raise value
704 |         finally:
705 |             value = None
706 |             tb = None
707 | 
708 | else:
709 |     def exec_(_code_, _globs_=None, _locs_=None):
710 |         """Execute code in a namespace."""
711 |         if _globs_ is None:
712 |             frame = sys._getframe(1)
713 |             _globs_ = frame.f_globals
714 |             if _locs_ is None:
715 |                 _locs_ = frame.f_locals
716 |             del frame
717 |         elif _locs_ is None:
718 |             _locs_ = _globs_
719 |         exec("""exec _code_ in _globs_, _locs_""")
720 | 
721 |     exec_("""def reraise(tp, value, tb=None):
722 |     try:
723 |         raise tp, value, tb
724 |     finally:
725 |         tb = None
726 | """)
727 | 
728 | 
729 | if sys.version_info[:2] > (3,):
730 |     exec_("""def raise_from(value, from_value):
731 |     try:
732 |         raise value from from_value
733 |     finally:
734 |         value = None
735 | """)
736 | else:
737 |     def raise_from(value, from_value):
738 |         raise value
739 | 
740 | 
741 | print_ = getattr(moves.builtins, "print", None)
742 | if print_ is None:
743 |     def print_(*args, **kwargs):
744 |         """The new-style print function for Python 2.4 and 2.5."""
745 |         fp = kwargs.pop("file", sys.stdout)
746 |         if fp is None:
747 |             return
748 | 
749 |         def write(data):
750 |             if not isinstance(data, basestring):
751 |                 data = str(data)
752 |             # If the file has an encoding, encode unicode with it.
753 |             if (isinstance(fp, file) and
754 |                     isinstance(data, unicode) and
755 |                     fp.encoding is not None):
756 |                 errors = getattr(fp, "errors", None)
757 |                 if errors is None:
758 |                     errors = "strict"
759 |                 data = data.encode(fp.encoding, errors)
760 |             fp.write(data)
761 |         want_unicode = False
762 |         sep = kwargs.pop("sep", None)
763 |         if sep is not None:
764 |             if isinstance(sep, unicode):
765 |                 want_unicode = True
766 |             elif not isinstance(sep, str):
767 |                 raise TypeError("sep must be None or a string")
768 |         end = kwargs.pop("end", None)
769 |         if end is not None:
770 |             if isinstance(end, unicode):
771 |                 want_unicode = True
772 |             elif not isinstance(end, str):
773 |                 raise TypeError("end must be None or a string")
774 |         if kwargs:
775 |             raise TypeError("invalid keyword arguments to print()")
776 |         if not want_unicode:
777 |             for arg in args:
778 |                 if isinstance(arg, unicode):
779 |                     want_unicode = True
780 |                     break
781 |         if want_unicode:
782 |             newline = unicode("\n")
783 |             space = unicode(" ")
784 |         else:
785 |             newline = "\n"
786 |             space = " "
787 |         if sep is None:
788 |             sep = space
789 |         if end is None:
790 |             end = newline
791 |         for i, arg in enumerate(args):
792 |             if i:
793 |                 write(sep)
794 |             write(arg)
795 |         write(end)
796 | if sys.version_info[:2] < (3, 3):
797 |     _print = print_
798 | 
799 |     def print_(*args, **kwargs):
800 |         fp = kwargs.get("file", sys.stdout)
801 |         flush = kwargs.pop("flush", False)
802 |         _print(*args, **kwargs)
803 |         if flush and fp is not None:
804 |             fp.flush()
805 | 
806 | _add_doc(reraise, """Reraise an exception.""")
807 | 
808 | if sys.version_info[0:2] < (3, 4):
809 |     # This does exactly the same what the :func:`py3:functools.update_wrapper`
810 |     # function does on Python versions after 3.2. It sets the ``__wrapped__``
811 |     # attribute on ``wrapper`` object and it doesn't raise an error if any of
812 |     # the attributes mentioned in ``assigned`` and ``updated`` are missing on
813 |     # ``wrapped`` object.
814 |     def _update_wrapper(wrapper, wrapped,
815 |                         assigned=functools.WRAPPER_ASSIGNMENTS,
816 |                         updated=functools.WRAPPER_UPDATES):
817 |         for attr in assigned:
818 |             try:
819 |                 value = getattr(wrapped, attr)
820 |             except AttributeError:
821 |                 continue
822 |             else:
823 |                 setattr(wrapper, attr, value)
824 |         for attr in updated:
825 |             getattr(wrapper, attr).update(getattr(wrapped, attr, {}))
826 |         wrapper.__wrapped__ = wrapped
827 |         return wrapper
828 |     _update_wrapper.__doc__ = functools.update_wrapper.__doc__
829 | 
830 |     def wraps(wrapped, assigned=functools.WRAPPER_ASSIGNMENTS,
831 |               updated=functools.WRAPPER_UPDATES):
832 |         return functools.partial(_update_wrapper, wrapped=wrapped,
833 |                                  assigned=assigned, updated=updated)
834 |     wraps.__doc__ = functools.wraps.__doc__
835 | 
836 | else:
837 |     wraps = functools.wraps
838 | 
839 | 
840 | def with_metaclass(meta, *bases):
841 |     """Create a base class with a metaclass."""
842 |     # This requires a bit of explanation: the basic idea is to make a dummy
843 |     # metaclass for one level of class instantiation that replaces itself with
844 |     # the actual metaclass.
845 |     class metaclass(type):
846 | 
847 |         def __new__(cls, name, this_bases, d):
848 |             if sys.version_info[:2] >= (3, 7):
849 |                 # This version introduced PEP 560 that requires a bit
850 |                 # of extra care (we mimic what is done by __build_class__).
851 |                 resolved_bases = types.resolve_bases(bases)
852 |                 if resolved_bases is not bases:
853 |                     d['__orig_bases__'] = bases
854 |             else:
855 |                 resolved_bases = bases
856 |             return meta(name, resolved_bases, d)
857 | 
858 |         @classmethod
859 |         def __prepare__(cls, name, this_bases):
860 |             return meta.__prepare__(name, bases)
861 |     return type.__new__(metaclass, 'temporary_class', (), {})
862 | 
863 | 
864 | def add_metaclass(metaclass):
865 |     """Class decorator for creating a class with a metaclass."""
866 |     def wrapper(cls):
867 |         orig_vars = cls.__dict__.copy()
868 |         slots = orig_vars.get('__slots__')
869 |         if slots is not None:
870 |             if isinstance(slots, str):
871 |                 slots = [slots]
872 |             for slots_var in slots:
873 |                 orig_vars.pop(slots_var)
874 |         orig_vars.pop('__dict__', None)
875 |         orig_vars.pop('__weakref__', None)
876 |         if hasattr(cls, '__qualname__'):
877 |             orig_vars['__qualname__'] = cls.__qualname__
878 |         return metaclass(cls.__name__, cls.__bases__, orig_vars)
879 |     return wrapper
880 | 
881 | 
882 | def ensure_binary(s, encoding='utf-8', errors='strict'):
883 |     """Coerce **s** to six.binary_type.
884 | 
885 |     For Python 2:
886 |       - `unicode` -> encoded to `str`
887 |       - `str` -> `str`
888 | 
889 |     For Python 3:
890 |       - `str` -> encoded to `bytes`
891 |       - `bytes` -> `bytes`
892 |     """
893 |     if isinstance(s, text_type):
894 |         return s.encode(encoding, errors)
895 |     elif isinstance(s, binary_type):
896 |         return s
897 |     else:
898 |         raise TypeError("not expecting type '%s'" % type(s))
899 | 
900 | 
901 | def ensure_str(s, encoding='utf-8', errors='strict'):
902 |     """Coerce *s* to `str`.
903 | 
904 |     For Python 2:
905 |       - `unicode` -> encoded to `str`
906 |       - `str` -> `str`
907 | 
908 |     For Python 3:
909 |       - `str` -> `str`
910 |       - `bytes` -> decoded to `str`
911 |     """
912 |     if not isinstance(s, (text_type, binary_type)):
913 |         raise TypeError("not expecting type '%s'" % type(s))
914 |     if PY2 and isinstance(s, text_type):
915 |         s = s.encode(encoding, errors)
916 |     elif PY3 and isinstance(s, binary_type):
917 |         s = s.decode(encoding, errors)
918 |     return s
919 | 
920 | 
921 | def ensure_text(s, encoding='utf-8', errors='strict'):
922 |     """Coerce *s* to six.text_type.
923 | 
924 |     For Python 2:
925 |       - `unicode` -> `unicode`
926 |       - `str` -> `unicode`
927 | 
928 |     For Python 3:
929 |       - `str` -> `str`
930 |       - `bytes` -> decoded to `str`
931 |     """
932 |     if isinstance(s, binary_type):
933 |         return s.decode(encoding, errors)
934 |     elif isinstance(s, text_type):
935 |         return s
936 |     else:
937 |         raise TypeError("not expecting type '%s'" % type(s))
938 | 
939 | 
940 | def python_2_unicode_compatible(klass):
941 |     """
942 |     A class decorator that defines __unicode__ and __str__ methods under Python 2.
943 |     Under Python 3 it does nothing.
944 | 
945 |     To support Python 2 and 3 with a single code base, define a __str__ method
946 |     returning text and apply this decorator to the class.
947 |     """
948 |     if PY2:
949 |         if '__str__' not in klass.__dict__:
950 |             raise ValueError("@python_2_unicode_compatible cannot be applied "
951 |                              "to %s because it doesn't define __str__()." %
952 |                              klass.__name__)
953 |         klass.__unicode__ = klass.__str__
954 |         klass.__str__ = lambda self: self.__unicode__().encode('utf-8')
955 |     return klass
956 | 
957 | 
958 | # Complete the moves implementation.
959 | # This code is at the end of this module to speed up module loading.
960 | # Turn this module into a package.
961 | __path__ = []  # required for PEP 302 and PEP 451
962 | __package__ = __name__  # see PEP 366 @ReservedAssignment
963 | if globals().get("__spec__") is not None:
964 |     __spec__.submodule_search_locations = []  # PEP 451 @UndefinedVariable
965 | # Remove other six meta path importers, since they cause problems. This can
966 | # happen if six is removed from sys.modules and then reloaded. (Setuptools does
967 | # this for some reason.)
968 | if sys.meta_path:
969 |     for i, importer in enumerate(sys.meta_path):
970 |         # Here's some real nastiness: Another "instance" of the six module might
971 |         # be floating around. Therefore, we can't use isinstance() to check for
972 |         # the six meta path importer, since the other six instance will have
973 |         # inserted an importer with different class.
974 |         if (type(importer).__name__ == "_SixMetaPathImporter" and
975 |                 importer.name == __name__):
976 |             del sys.meta_path[i]
977 |             break
978 |     del i, importer
979 | # Finally, add the importer to the meta path import hook.
980 | sys.meta_path.append(_importer)
981 | 


--------------------------------------------------------------------------------
/default/app.conf:
--------------------------------------------------------------------------------
 1 | [install]
 2 | is_configured = 0
 3 | 
 4 | [ui]
 5 | is_visible = 0
 6 | label = JSON Tools
 7 | 
 8 | [launcher]
 9 | author = doksu
10 | description = JSON Tools
11 | version = 0.3.0
12 | 
13 | [package]
14 | id = TA-jsontools
15 | 


--------------------------------------------------------------------------------
/default/commands.conf:
--------------------------------------------------------------------------------
1 | [mkjson]
2 | filename = mkjson.py
3 | chunked = true
4 | python.version = python3
5 | 


--------------------------------------------------------------------------------
/default/logging.conf:
--------------------------------------------------------------------------------
 1 | [loggers]
 2 | keys = root, splunklib, MkJSONCommand
 3 | 
 4 | [logger_root]
 5 | level = WARNING
 6 | handlers = stderr
 7 | 
 8 | [logger_splunklib]
 9 | qualname = splunklib
10 | level = NOTSET
11 | handlers = splunklib
12 | propagate = 0
13 | 
14 | [logger_MkJSONCommand]
15 | qualname = MkJSONCommand
16 | level = NOTSET
17 | handlers = stderr
18 | propagate = 0
19 | 
20 | [handlers]
21 | # See [logging.handlers](https://docs.python.org/2/library/logging.handlers.html)
22 | keys = app, splunklib, stderr
23 | 
24 | [handler_app]
25 | # Select this handler to log events to $SPLUNK_HOME/var/log/splunk/searchcommands_app.log
26 | class = logging.handlers.RotatingFileHandler
27 | level = NOTSET
28 | args = ('%(SPLUNK_HOME)s/var/log/splunk/searchcommands_app.log', 'a', 524288000, 9, 'utf-8', True)
29 | formatter = searchcommands
30 | 
31 | [handler_splunklib]
32 | # Select this handler to log events to $SPLUNK_HOME/var/log/splunk/splunklib.log
33 | class = logging.handlers.RotatingFileHandler
34 | args = ('%(SPLUNK_HOME)s/var/log/splunk/splunklib.log', 'a', 524288000, 9, 'utf-8', True)
35 | level = NOTSET
36 | formatter = searchcommands
37 | 
38 | [handler_stderr]
39 | # Select this handler to log events to stderr which splunkd redirects to the associated job's search.log file
40 | class = logging.StreamHandler
41 | level = NOTSET
42 | args = (sys.stderr,)
43 | formatter = searchcommands
44 | 
45 | [formatters]
46 | keys = searchcommands
47 | 
48 | [formatter_searchcommands]
49 | format = %(asctime)s, Level=%(levelname)s, Pid=%(process)s, Logger=%(name)s, File=%(filename)s, Line=%(lineno)s, %(message)s
50 | 


--------------------------------------------------------------------------------
/default/searchbnf.conf:
--------------------------------------------------------------------------------
 1 | [mkjson-command]
 2 | syntax		= mkjson [outputfield=<fieldname>] [includehidden=<true|false>] [<fields>]
 3 | shortdesc	= Produces JSON from fields
 4 | description	= Produce JSON from fields.\i\\
 5 | 		"outputfield"- specify a field for output (default: _raw)\i\\
 6 | 		"includehidden"	- include hidden _* fields in JSON (default: false)\i\\
 7 | 		If a list of fields are provided, then only those fields are included in the JSON, otherwise all fields are included.\i\\
 8 | 
 9 | example1 = | mkjson
10 | example2 = | mkjson includehidden=true
11 | example3 = | mkjson outputfield=json src dest action
12 | 


--------------------------------------------------------------------------------
/metadata/default.meta:
--------------------------------------------------------------------------------
1 | []
2 | access = read : [ * ], write : [ admin, power ]
3 | export = system
4 | 


--------------------------------------------------------------------------------
/static/appIcon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/doksu/TA-jsontools/1c19eb8d792631937e3ddcd18ea92d59b8fff967/static/appIcon.png


--------------------------------------------------------------------------------
/static/appIcon_2x.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/doksu/TA-jsontools/1c19eb8d792631937e3ddcd18ea92d59b8fff967/static/appIcon_2x.png


--------------------------------------------------------------------------------