├── .gitignore ├── README.md ├── build.gradle ├── gradle.properties ├── gradle └── wrapper │ ├── gradle-wrapper.jar │ └── gradle-wrapper.properties ├── gradlew ├── gradlew.bat ├── publish-maven.gradle ├── settings.gradle └── src ├── api └── overview.html ├── dist ├── changelog.txt ├── license.txt ├── notice.txt └── readme.txt ├── main ├── java │ └── org │ │ └── springframework │ │ └── integration │ │ └── splunk │ │ ├── config │ │ └── xml │ │ │ ├── SplunkInboundChannelAdapterParser.java │ │ │ ├── SplunkNamespaceHandler.java │ │ │ ├── SplunkOutboundChannelAdapterParser.java │ │ │ ├── SplunkParserUtils.java │ │ │ ├── SplunkServerParser.java │ │ │ └── package-info.java │ │ ├── core │ │ ├── DataReader.java │ │ ├── DataWriter.java │ │ ├── ServiceFactory.java │ │ └── package-info.java │ │ ├── event │ │ ├── AcManagementEvent.java │ │ ├── AuthEvent.java │ │ ├── DnsEvent.java │ │ ├── EmailEvent.java │ │ ├── EndpointProtectionEvent.java │ │ ├── FileEvent.java │ │ ├── IntrusionDetectionEvent.java │ │ ├── MalwareEndpointProtectionEvent.java │ │ ├── MalwareNetworkProtectionEvent.java │ │ ├── NetworkProtectionEvent.java │ │ ├── NetworkTrafficEssEvent.java │ │ ├── NetworkTrafficGenericEvent.java │ │ ├── PacketFilterEvent.java │ │ ├── ProxyEvent.java │ │ ├── SplunkEvent.java │ │ ├── SystemCenterEvent.java │ │ ├── TrafficEvent.java │ │ ├── UserInfoUpdateEvent.java │ │ ├── VulnerabilityEvent.java │ │ └── WindowsAdminEvent.java │ │ ├── inbound │ │ ├── SplunkPollingChannelAdapter.java │ │ └── package-info.java │ │ ├── outbound │ │ ├── SplunkOutboundChannelAdapter.java │ │ └── package-info.java │ │ └── support │ │ ├── AbstractSplunkDataWriter.java │ │ ├── ArgsBuilder.java │ │ ├── SearchMode.java │ │ ├── SplunkArgsFactoryBean.java │ │ ├── SplunkDataReader.java │ │ ├── SplunkExecutor.java │ │ ├── SplunkIndexWriter.java │ │ ├── SplunkServer.java │ │ ├── SplunkServiceFactory.java │ │ ├── SplunkSubmitWriter.java │ │ └── SplunkTcpWriter.java └── resources │ ├── META-INF │ ├── spring.handlers │ ├── spring.schemas │ └── spring.tooling │ └── org │ └── springframework │ └── integration │ └── splunk │ └── config │ └── xml │ ├── spring-integration-splunk-1.0.xsd │ ├── spring-integration-splunk-1.1.xsd │ └── spring-integration-splunk.gif ├── reference └── docbook │ ├── history.xml │ ├── images │ └── logo.png │ ├── index.xml │ ├── resources.xml │ ├── splunk.xml │ └── whats-new.xml └── test ├── java └── org │ └── springframework │ └── integration │ └── splunk │ ├── config │ └── xml │ │ ├── SplunkInboundChannelAdapterParserSavedSearchTests.java │ │ ├── SplunkInboundChannelAdapterParserTests.java │ │ ├── SplunkOutboundChannelAdapterParserStreamTests.java │ │ ├── SplunkOutboundChannelAdapterParserTests.java │ │ └── SplunkServerParserTests.java │ ├── event │ └── SplunkEventTests.java │ ├── inbound │ └── SplunkPollingChannelAdapterTests.java │ ├── outbound │ └── SplunkOutboundChannelAdapterTests.java │ └── support │ ├── SplunkDataReaderTests.java │ ├── SplunkDataWriterTests.java │ └── SplunkExecutorTests.java └── resources ├── log4j.properties ├── org └── springframework │ └── integration │ └── splunk │ ├── SplunkCommon-context.xml │ └── config │ └── xml │ ├── SplunkInboundChannelAdapterParserCommon-context.xml │ ├── SplunkInboundChannelAdapterParserSavedSearchTests-context.xml │ ├── SplunkInboundChannelAdapterParserTests-context.xml │ ├── SplunkOutboundChannelAdapterParserStreamTests-context.xml │ ├── SplunkOutboundChannelAdapterParserTests-context.xml │ └── SplunkServerParserTests-context.xml └── splunk-data.xml /.gitignore: -------------------------------------------------------------------------------- 1 | target 2 | .settings 3 | .springBeans 4 | .classpath 5 | .project 6 | /.idea 7 | /.gradle 8 | /build 9 | /*.iml 10 | /*.ipr 11 | /*.iws 12 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Spring Integration Splunk Adapter 2 | ================================================= 3 | 4 | The SI adapter includes Outbound Channel Adapter and Inbound Channel Adapter. 5 | 6 | Inbound channel adapter : 7 | ----------------------------------------------------------------------------- 8 | The Inbound channel adapter is used to read data from Splunk and output a message containing the data to a Spring Integration channel. There are 5 ways to get data from Splunk: 9 | 10 | * Blocking 11 | * Non blocking 12 | * Saved search 13 | * Realtime 14 | * Export 15 | 16 | 17 | ### Blocking search: 18 | 19 | ```xml 20 | 24 | 25 | 26 | ``` 27 | 28 | 29 | ### Non blocking search: 30 | 31 | ```xml 32 | 36 | 37 | 38 | ``` 39 | 40 | 41 | ### Saved search: 42 | 43 | ```xml 44 | 47 | 48 | 49 | ``` 50 | 51 | 52 | ### Realtime search: 53 | 54 | ```xml 55 | 58 | 59 | 60 | ``` 61 | 62 | ### Export: 63 | 64 | ```xml 65 | 68 | 69 | 70 | ``` 71 | 72 | Outbound channel adapter: 73 | ---------------------------------------------------------------------------------------------- 74 | 75 | The Outbound channel adapter is used to write data to Splunk from a Spring Integration message channel. There are 3 types of data writers provided: 76 | 77 | * submit - Use's Splunk's REST API. Appropriate for small or infrequent data loads. Posts data to a named index or the default if not specified. 78 | * index - Streams data to a named index or the default if not specified. 79 | * tcp - Streams data to a tcp port associated with a defined tcp input. 80 | 81 | The outbound channel adapter requires a child *-writer element which defines related attributes: 82 | 83 | ### Submit: 84 | 85 | ```xml 86 | 92 | 93 | 94 | ``` 95 | 96 | ### Index: 97 | 98 | ```xml 99 | 104 | 105 | 106 | ``` 107 | 108 | ### TCP 109 | 110 | ```xml 111 | 116 | 117 | 118 | ``` 119 | 120 | *NOTE: The input must exist and be enabled on the server* 121 | 122 | ### Configuring The Splunk Server connection 123 | 124 | ```xml 125 | 126 | ``` 127 | 128 | Alternatively, you can configure a Splunk Server failover mechanism 129 | 130 | ```xml 131 | 133 | 134 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | ``` 146 | 147 | Additional server properties include (see [splunk](https://docs.splunk.com/Documentation/Splunk/latest) documentation for details): 148 | 149 | * app 150 | * scheme 151 | * scope 152 | * owner 153 | 154 | The default host is *localhost* and the default port is *8089*. The *timeout* attribute indicates how long to wait for a connection in miliseconds. 155 | 156 | 157 | Development 158 | ----------------- 159 | ### Build: 160 | 161 | ./gradlew build 162 | 163 | ### Import the project to Eclipse: 164 | 165 | To generate Eclipse metadata (e.g., .classpath and .project files), do the following: 166 | 167 | ./gradlew eclipse 168 | 169 | -------------------------------------------------------------------------------- /build.gradle: -------------------------------------------------------------------------------- 1 | description = 'Spring Integration Splunk Support' 2 | 3 | buildscript { 4 | repositories { 5 | maven { url 'https://repo.spring.io/plugins-release' } 6 | } 7 | dependencies { 8 | classpath 'io.spring.gradle:docbook-reference-plugin:0.3.1' 9 | classpath 'io.spring.gradle:spring-io-plugin:0.0.4.RELEASE' 10 | } 11 | } 12 | 13 | apply plugin: 'java' 14 | apply from: "${rootProject.projectDir}/publish-maven.gradle" 15 | apply plugin: 'eclipse' 16 | apply plugin: 'idea' 17 | apply plugin: 'jacoco' 18 | 19 | if (project.hasProperty('platformVersion')) { 20 | apply plugin: 'spring-io' 21 | 22 | dependencyManagement { 23 | springIoTestRuntime { 24 | imports { 25 | mavenBom "io.spring.platform:platform-bom:${platformVersion}" 26 | } 27 | } 28 | } 29 | } 30 | 31 | group = 'org.springframework.integration' 32 | 33 | repositories { 34 | maven { url 'https://repo.spring.io/libs-milestone' } 35 | if (project.hasProperty('platformVersion')) { 36 | maven { url 'https://repo.spring.io/snapshot' } 37 | } 38 | } 39 | 40 | sourceCompatibility = targetCompatibility = 1.7 41 | 42 | ext { 43 | 44 | jodaTimeVersion = '2.3' 45 | splunkVersion = '1.5.0.0' 46 | springIntegrationVersion = '4.2.2.RELEASE' 47 | 48 | linkHomepage = 'https://github.com/spring-projects/spring-integration-splunk' 49 | linkCi = 'https://build.spring.io/browse/INTEXT' 50 | linkIssue = 'https://jira.spring.io/browse/INTEXT' 51 | linkScmUrl = 'https://github.com/spring-projects/spring-integration-splunk' 52 | linkScmConnection = 'https://github.com/spring-projects/spring-integration-splunk.git' 53 | linkScmDevConnection = 'git@github.com:spring-projects/spring-integration-splunk.git' 54 | 55 | shortName = 'splunk' 56 | } 57 | 58 | jacoco { 59 | toolVersion = "0.7.2.201409121644" 60 | } 61 | 62 | dependencies { 63 | compile "com.splunk:splunk:$splunkVersion" 64 | compile "org.springframework.integration:spring-integration-core:$springIntegrationVersion" 65 | compile "joda-time:joda-time:$jodaTimeVersion" 66 | 67 | testCompile "org.springframework.integration:spring-integration-test:$springIntegrationVersion" 68 | testCompile "org.springframework.integration:spring-integration-stream:$springIntegrationVersion" 69 | } 70 | 71 | 72 | eclipse { 73 | project { 74 | natures += 'org.springframework.ide.eclipse.core.springnature' 75 | } 76 | } 77 | 78 | sourceSets { 79 | test { 80 | resources { 81 | srcDirs = ['src/test/resources', 'src/test/java'] 82 | } 83 | } 84 | } 85 | 86 | 87 | 88 | // enable all compiler warnings; individual projects may customize further 89 | [compileJava, compileTestJava]*.options*.compilerArgs = ['-Xlint:all,-options'] 90 | 91 | test { 92 | // suppress all console output during testing unless running `gradle -i` 93 | logging.captureStandardOutput(LogLevel.INFO) 94 | maxHeapSize = "1024m" 95 | jacoco { 96 | append = false 97 | destinationFile = file("$buildDir/jacoco.exec") 98 | } 99 | } 100 | 101 | jacocoTestReport { 102 | reports { 103 | xml.enabled false 104 | csv.enabled false 105 | html.destination "${buildDir}/reports/jacoco/html" 106 | } 107 | } 108 | 109 | task sourcesJar(type: Jar) { 110 | classifier = 'sources' 111 | from sourceSets.main.allJava 112 | } 113 | 114 | task javadocJar(type: Jar) { 115 | classifier = 'javadoc' 116 | from javadoc 117 | } 118 | 119 | artifacts { 120 | archives sourcesJar 121 | archives javadocJar 122 | } 123 | 124 | apply plugin: 'docbook-reference' 125 | 126 | reference { 127 | sourceDir = file('src/reference/docbook') 128 | } 129 | 130 | apply plugin: 'sonar-runner' 131 | 132 | sonarRunner { 133 | sonarProperties { 134 | property "sonar.jacoco.reportPath", "${buildDir.name}/jacoco.exec" 135 | property "sonar.links.homepage", linkHomepage 136 | property "sonar.links.ci", linkCi 137 | property "sonar.links.issue", linkIssue 138 | property "sonar.links.scm", linkScmUrl 139 | property "sonar.links.scm_dev", linkScmDevConnection 140 | property "sonar.java.coveragePlugin", "jacoco" 141 | } 142 | } 143 | 144 | task api(type: Javadoc) { 145 | group = 'Documentation' 146 | description = 'Generates aggregated Javadoc API documentation.' 147 | title = "${rootProject.description} ${version} API" 148 | options.memberLevel = org.gradle.external.javadoc.JavadocMemberLevel.PROTECTED 149 | options.author = true 150 | options.header = rootProject.description 151 | options.overview = 'src/api/overview.html' 152 | source subprojects.collect { project -> 153 | project.sourceSets.main.allJava 154 | } 155 | destinationDir = new File(buildDir, "api") 156 | classpath = files(subprojects.collect { project -> 157 | project.sourceSets.main.compileClasspath 158 | }) 159 | } 160 | 161 | task schemaZip(type: Zip) { 162 | group = 'Distribution' 163 | classifier = 'schema' 164 | description = "Builds -${classifier} archive containing all " + 165 | "XSDs for deployment at static.springframework.org/schema." 166 | 167 | def Properties schemas = new Properties(); 168 | 169 | project.sourceSets.main.resources.find { 170 | it.path.endsWith("META-INF${File.separator}spring.schemas") 171 | }?.withInputStream { schemas.load(it) } 172 | 173 | for (def key : schemas.keySet()) { 174 | File xsdFile = project.sourceSets.main.resources.find { 175 | it.path.replaceAll('\\\\', '/').endsWith(schemas.get(key)) 176 | } 177 | assert xsdFile != null 178 | into ("integration/${shortName}") { 179 | from xsdFile.path 180 | } 181 | } 182 | } 183 | 184 | task docsZip(type: Zip) { 185 | group = 'Distribution' 186 | classifier = 'docs' 187 | description = "Builds -${classifier} archive containing api and reference " + 188 | "for deployment at static.springframework.org/spring-integration/docs." 189 | 190 | from('src/dist') { 191 | include 'changelog.txt' 192 | } 193 | 194 | from (api) { 195 | into 'api' 196 | } 197 | 198 | from (reference) { 199 | into 'reference' 200 | } 201 | } 202 | 203 | task distZip(type: Zip, dependsOn: [docsZip, schemaZip]) { 204 | group = 'Distribution' 205 | classifier = 'dist' 206 | description = "Builds -${classifier} archive, containing all jars and docs, " + 207 | "suitable for community download page." 208 | 209 | ext.baseDir = "${project.name}-${project.version}"; 210 | 211 | from('src/dist') { 212 | include 'readme.txt' 213 | include 'license.txt' 214 | include 'notice.txt' 215 | into "${baseDir}" 216 | } 217 | 218 | from(zipTree(docsZip.archivePath)) { 219 | into "${baseDir}/docs" 220 | } 221 | 222 | from(zipTree(schemaZip.archivePath)) { 223 | into "${baseDir}/schema" 224 | } 225 | 226 | subprojects.each { subproject -> 227 | into ("${baseDir}/libs") { 228 | from subproject.jar 229 | from subproject.sourcesJar 230 | from subproject.javadocJar 231 | } 232 | } 233 | } 234 | 235 | // Create an optional "with dependencies" distribution. 236 | // Not published by default; only for use when building from source. 237 | task depsZip(type: Zip, dependsOn: distZip) { zipTask -> 238 | group = 'Distribution' 239 | classifier = 'dist-with-deps' 240 | description = "Builds -${classifier} archive, containing everything " + 241 | "in the -${distZip.classifier} archive plus all dependencies." 242 | 243 | from zipTree(distZip.archivePath) 244 | 245 | gradle.taskGraph.whenReady { taskGraph -> 246 | if (taskGraph.hasTask(":${zipTask.name}")) { 247 | def projectNames = rootProject.subprojects*.name 248 | def artifacts = new HashSet() 249 | subprojects.each { subproject -> 250 | subproject.configurations.runtime.resolvedConfiguration.resolvedArtifacts.each { artifact -> 251 | def dependency = artifact.moduleVersion.id 252 | if (!projectNames.contains(dependency.name)) { 253 | artifacts << artifact.file 254 | } 255 | } 256 | } 257 | 258 | zipTask.from(artifacts) { 259 | into "${distZip.baseDir}/deps" 260 | } 261 | } 262 | } 263 | } 264 | 265 | artifacts { 266 | archives distZip 267 | archives docsZip 268 | archives schemaZip 269 | } 270 | 271 | task dist(dependsOn: assemble) { 272 | group = 'Distribution' 273 | description = 'Builds -dist, -docs and -schema distribution archives.' 274 | } 275 | 276 | task wrapper(type: Wrapper) { 277 | description = 'Generates gradlew[.bat] scripts' 278 | gradleVersion = '2.5' 279 | distributionUrl = "https://services.gradle.org/distributions/gradle-${gradleVersion}-all.zip" 280 | } 281 | -------------------------------------------------------------------------------- /gradle.properties: -------------------------------------------------------------------------------- 1 | version=1.2.0.BUILD-SNAPSHOT 2 | -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/spring-projects/spring-integration-splunk/b0070970a7f37acc232670ce5ae88b6eb731bff0/gradle/wrapper/gradle-wrapper.jar -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.properties: -------------------------------------------------------------------------------- 1 | #Fri Jun 06 13:11:01 EEST 2014 2 | distributionBase=GRADLE_USER_HOME 3 | distributionPath=wrapper/dists 4 | zipStoreBase=GRADLE_USER_HOME 5 | zipStorePath=wrapper/dists 6 | distributionUrl=https\://services.gradle.org/distributions/gradle-1.12-all.zip 7 | -------------------------------------------------------------------------------- /gradlew: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ############################################################################## 4 | ## 5 | ## Gradle start up script for UN*X 6 | ## 7 | ############################################################################## 8 | 9 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 10 | DEFAULT_JVM_OPTS="" 11 | 12 | APP_NAME="Gradle" 13 | APP_BASE_NAME=`basename "$0"` 14 | 15 | # Use the maximum available, or set MAX_FD != -1 to use that value. 16 | MAX_FD="maximum" 17 | 18 | warn ( ) { 19 | echo "$*" 20 | } 21 | 22 | die ( ) { 23 | echo 24 | echo "$*" 25 | echo 26 | exit 1 27 | } 28 | 29 | # OS specific support (must be 'true' or 'false'). 30 | cygwin=false 31 | msys=false 32 | darwin=false 33 | case "`uname`" in 34 | CYGWIN* ) 35 | cygwin=true 36 | ;; 37 | Darwin* ) 38 | darwin=true 39 | ;; 40 | MINGW* ) 41 | msys=true 42 | ;; 43 | esac 44 | 45 | # For Cygwin, ensure paths are in UNIX format before anything is touched. 46 | if $cygwin ; then 47 | [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 48 | fi 49 | 50 | # Attempt to set APP_HOME 51 | # Resolve links: $0 may be a link 52 | PRG="$0" 53 | # Need this for relative symlinks. 54 | while [ -h "$PRG" ] ; do 55 | ls=`ls -ld "$PRG"` 56 | link=`expr "$ls" : '.*-> \(.*\)$'` 57 | if expr "$link" : '/.*' > /dev/null; then 58 | PRG="$link" 59 | else 60 | PRG=`dirname "$PRG"`"/$link" 61 | fi 62 | done 63 | SAVED="`pwd`" 64 | cd "`dirname \"$PRG\"`/" >&- 65 | APP_HOME="`pwd -P`" 66 | cd "$SAVED" >&- 67 | 68 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar 69 | 70 | # Determine the Java command to use to start the JVM. 71 | if [ -n "$JAVA_HOME" ] ; then 72 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 73 | # IBM's JDK on AIX uses strange locations for the executables 74 | JAVACMD="$JAVA_HOME/jre/sh/java" 75 | else 76 | JAVACMD="$JAVA_HOME/bin/java" 77 | fi 78 | if [ ! -x "$JAVACMD" ] ; then 79 | die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME 80 | 81 | Please set the JAVA_HOME variable in your environment to match the 82 | location of your Java installation." 83 | fi 84 | else 85 | JAVACMD="java" 86 | which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 87 | 88 | Please set the JAVA_HOME variable in your environment to match the 89 | location of your Java installation." 90 | fi 91 | 92 | # Increase the maximum file descriptors if we can. 93 | if [ "$cygwin" = "false" -a "$darwin" = "false" ] ; then 94 | MAX_FD_LIMIT=`ulimit -H -n` 95 | if [ $? -eq 0 ] ; then 96 | if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then 97 | MAX_FD="$MAX_FD_LIMIT" 98 | fi 99 | ulimit -n $MAX_FD 100 | if [ $? -ne 0 ] ; then 101 | warn "Could not set maximum file descriptor limit: $MAX_FD" 102 | fi 103 | else 104 | warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" 105 | fi 106 | fi 107 | 108 | # For Darwin, add options to specify how the application appears in the dock 109 | if $darwin; then 110 | GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" 111 | fi 112 | 113 | # For Cygwin, switch paths to Windows format before running java 114 | if $cygwin ; then 115 | APP_HOME=`cygpath --path --mixed "$APP_HOME"` 116 | CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` 117 | 118 | # We build the pattern for arguments to be converted via cygpath 119 | ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` 120 | SEP="" 121 | for dir in $ROOTDIRSRAW ; do 122 | ROOTDIRS="$ROOTDIRS$SEP$dir" 123 | SEP="|" 124 | done 125 | OURCYGPATTERN="(^($ROOTDIRS))" 126 | # Add a user-defined pattern to the cygpath arguments 127 | if [ "$GRADLE_CYGPATTERN" != "" ] ; then 128 | OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" 129 | fi 130 | # Now convert the arguments - kludge to limit ourselves to /bin/sh 131 | i=0 132 | for arg in "$@" ; do 133 | CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` 134 | CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option 135 | 136 | if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition 137 | eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` 138 | else 139 | eval `echo args$i`="\"$arg\"" 140 | fi 141 | i=$((i+1)) 142 | done 143 | case $i in 144 | (0) set -- ;; 145 | (1) set -- "$args0" ;; 146 | (2) set -- "$args0" "$args1" ;; 147 | (3) set -- "$args0" "$args1" "$args2" ;; 148 | (4) set -- "$args0" "$args1" "$args2" "$args3" ;; 149 | (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; 150 | (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; 151 | (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; 152 | (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; 153 | (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; 154 | esac 155 | fi 156 | 157 | # Split up the JVM_OPTS And GRADLE_OPTS values into an array, following the shell quoting and substitution rules 158 | function splitJvmOpts() { 159 | JVM_OPTS=("$@") 160 | } 161 | eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS 162 | JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME" 163 | 164 | exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@" 165 | -------------------------------------------------------------------------------- /gradlew.bat: -------------------------------------------------------------------------------- 1 | @if "%DEBUG%" == "" @echo off 2 | @rem ########################################################################## 3 | @rem 4 | @rem Gradle startup script for Windows 5 | @rem 6 | @rem ########################################################################## 7 | 8 | @rem Set local scope for the variables with windows NT shell 9 | if "%OS%"=="Windows_NT" setlocal 10 | 11 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. 12 | set DEFAULT_JVM_OPTS= 13 | 14 | set DIRNAME=%~dp0 15 | if "%DIRNAME%" == "" set DIRNAME=. 16 | set APP_BASE_NAME=%~n0 17 | set APP_HOME=%DIRNAME% 18 | 19 | @rem Find java.exe 20 | if defined JAVA_HOME goto findJavaFromJavaHome 21 | 22 | set JAVA_EXE=java.exe 23 | %JAVA_EXE% -version >NUL 2>&1 24 | if "%ERRORLEVEL%" == "0" goto init 25 | 26 | echo. 27 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 28 | echo. 29 | echo Please set the JAVA_HOME variable in your environment to match the 30 | echo location of your Java installation. 31 | 32 | goto fail 33 | 34 | :findJavaFromJavaHome 35 | set JAVA_HOME=%JAVA_HOME:"=% 36 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe 37 | 38 | if exist "%JAVA_EXE%" goto init 39 | 40 | echo. 41 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 42 | echo. 43 | echo Please set the JAVA_HOME variable in your environment to match the 44 | echo location of your Java installation. 45 | 46 | goto fail 47 | 48 | :init 49 | @rem Get command-line arguments, handling Windowz variants 50 | 51 | if not "%OS%" == "Windows_NT" goto win9xME_args 52 | if "%@eval[2+2]" == "4" goto 4NT_args 53 | 54 | :win9xME_args 55 | @rem Slurp the command line arguments. 56 | set CMD_LINE_ARGS= 57 | set _SKIP=2 58 | 59 | :win9xME_args_slurp 60 | if "x%~1" == "x" goto execute 61 | 62 | set CMD_LINE_ARGS=%* 63 | goto execute 64 | 65 | :4NT_args 66 | @rem Get arguments from the 4NT Shell from JP Software 67 | set CMD_LINE_ARGS=%$ 68 | 69 | :execute 70 | @rem Setup the command line 71 | 72 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar 73 | 74 | @rem Execute Gradle 75 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% 76 | 77 | :end 78 | @rem End local scope for the variables with windows NT shell 79 | if "%ERRORLEVEL%"=="0" goto mainEnd 80 | 81 | :fail 82 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of 83 | rem the _cmd.exe /c_ return code! 84 | if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 85 | exit /b 1 86 | 87 | :mainEnd 88 | if "%OS%"=="Windows_NT" endlocal 89 | 90 | :omega 91 | -------------------------------------------------------------------------------- /publish-maven.gradle: -------------------------------------------------------------------------------- 1 | apply plugin: 'maven' 2 | 3 | ext.optionalDeps = [] 4 | ext.providedDeps = [] 5 | ext.optional = { optionalDeps << it } 6 | ext.provided = { providedDeps << it } 7 | 8 | install { 9 | repositories.mavenInstaller { 10 | customizePom(pom, project) 11 | } 12 | } 13 | 14 | def customizePom(pom, gradleProject) { 15 | pom.whenConfigured { generatedPom -> 16 | // respect 'optional' and 'provided' dependencies 17 | gradleProject.optionalDeps.each { dep -> 18 | generatedPom.dependencies.find { it.artifactId == dep.name }?.optional = true 19 | } 20 | gradleProject.providedDeps.each { dep -> 21 | generatedPom.dependencies.find { it.artifactId == dep.name }?.scope = 'provided' 22 | } 23 | 24 | // eliminate test-scoped dependencies (no need in maven central poms) 25 | generatedPom.dependencies.removeAll { dep -> 26 | dep.scope == 'test' 27 | } 28 | 29 | // add all items necessary for maven central publication 30 | generatedPom.project { 31 | name = gradleProject.description 32 | description = gradleProject.description 33 | url = 'https://github.com/SpringSource/spring-integration-extensions' 34 | organization { 35 | name = 'SpringSource' 36 | url = 'https://spring.io' 37 | } 38 | licenses { 39 | license { 40 | name 'The Apache Software License, Version 2.0' 41 | url 'https://www.apache.org/licenses/LICENSE-2.0.txt' 42 | distribution 'repo' 43 | } 44 | } 45 | scm { 46 | url = 'https://github.com/SpringSource/spring-integration-extensions' 47 | connection = 'scm:git:git://github.com/SpringSource/spring-integration-extensions' 48 | developerConnection = 'scm:git:git://github.com/SpringSource/spring-integration-extensions' 49 | } 50 | 51 | developers { 52 | developer { 53 | id = 'Jarred' 54 | name = 'Jarred Li' 55 | email = 'leejianwei@126.com' 56 | } 57 | } 58 | } 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /settings.gradle: -------------------------------------------------------------------------------- 1 | rootProject.name = 'spring-integration-splunk' 2 | -------------------------------------------------------------------------------- /src/api/overview.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | This document is the API specification for Spring Integration 4 |
5 |
6 |

7 | For further API reference and developer documentation, see the 8 | Spring 9 | Integration reference documentation. 10 | That documentation contains more detailed, developer-targeted 11 | descriptions, with conceptual overviews, definitions of terms, 12 | workarounds, and working code examples. 13 |

14 | 15 |

16 | If you are interested in commercial training, consultancy, and 17 | support for Spring Integration, please visit 18 | https://www.springsource.com 19 |

20 |
21 | 22 | 23 | -------------------------------------------------------------------------------- /src/dist/changelog.txt: -------------------------------------------------------------------------------- 1 | Spring Integration Splunk Adapter CHANGELOG 2 | ========================================= 3 | 4 | Features in version 1.0.0 5 | 6 | 1. Inbound channel adapter with 5 different ways to search data: bloking, normal(non-blocking), realtime, export, saved search. 7 | 8 | 2. Outbound channel adapter with 3 ways to push event data: Stream, tcp, REST 9 | -------------------------------------------------------------------------------- /src/dist/notice.txt: -------------------------------------------------------------------------------- 1 | ======================================================================== 2 | == NOTICE file corresponding to section 4 d of the Apache License, == 3 | == Version 2.0, in this case for the Spring Integration distribution. == 4 | ======================================================================== 5 | 6 | This product includes software developed by 7 | the Apache Software Foundation (https://www.apache.org). 8 | 9 | The end-user documentation included with a redistribution, if any, 10 | must include the following acknowledgement: 11 | 12 | "This product includes software developed by the Spring Framework 13 | Project (https://www.springframework.org)." 14 | 15 | Alternatively, this acknowledgement may appear in the software itself, 16 | if and wherever such third-party acknowledgements normally appear. 17 | 18 | The names "Spring", "Spring Framework", and "Spring Integration" must 19 | not be used to endorse or promote products derived from this software 20 | without prior written permission. For written permission, please contact 21 | enquiries@springsource.com. 22 | -------------------------------------------------------------------------------- /src/dist/readme.txt: -------------------------------------------------------------------------------- 1 | Spring Integration Splunk Adapter 2 | ----------------------------------- 3 | 4 | To find out what has changed since any earlier releases, see 'changelog.txt'. 5 | 6 | Please consult the documentation located within the 'docs/reference' directory 7 | of this release and also visit the official Spring Integration home at 8 | https://www.springsource.org/spring-integration 9 | 10 | There you will find links to the forum, issue tracker, and several other resources. 11 | 12 | See https://github.com/SpringSource/spring-integration#readme for additional 13 | information including instructions on building from source. 14 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/config/xml/SplunkInboundChannelAdapterParser.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2014 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package org.springframework.integration.splunk.config.xml; 18 | 19 | import org.w3c.dom.Element; 20 | 21 | import org.springframework.beans.BeanMetadataElement; 22 | import org.springframework.beans.factory.config.BeanDefinition; 23 | import org.springframework.beans.factory.config.RuntimeBeanReference; 24 | import org.springframework.beans.factory.parsing.BeanComponentDefinition; 25 | import org.springframework.beans.factory.support.BeanDefinitionBuilder; 26 | import org.springframework.beans.factory.support.ManagedList; 27 | import org.springframework.beans.factory.xml.ParserContext; 28 | import org.springframework.integration.config.xml.AbstractPollingInboundChannelAdapterParser; 29 | import org.springframework.integration.config.xml.IntegrationNamespaceUtils; 30 | import org.springframework.integration.splunk.inbound.SplunkPollingChannelAdapter; 31 | import org.springframework.integration.splunk.support.SplunkDataReader; 32 | import org.springframework.integration.splunk.support.SplunkServiceFactory; 33 | import org.springframework.util.StringUtils; 34 | 35 | /** 36 | * The Splunk Inbound Channel adapter parser 37 | * 38 | * @author Jarred Li 39 | * @author Olivier Lamy 40 | * @since 1.0 41 | * 42 | */ 43 | public class SplunkInboundChannelAdapterParser extends AbstractPollingInboundChannelAdapterParser { 44 | 45 | 46 | protected BeanMetadataElement parseSource(Element element, ParserContext parserContext) { 47 | 48 | BeanDefinitionBuilder splunkPollingChannelAdapterBuilder = 49 | BeanDefinitionBuilder.genericBeanDefinition(SplunkPollingChannelAdapter.class); 50 | 51 | BeanDefinitionBuilder splunkExecutorBuilder = SplunkParserUtils.getSplunkExecutorBuilder(element, parserContext); 52 | 53 | BeanDefinitionBuilder splunkDataReaderBuilder = BeanDefinitionBuilder.genericBeanDefinition(SplunkDataReader.class); 54 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "mode"); 55 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "count"); 56 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "field-list"); 57 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "search"); 58 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "saved-search"); 59 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "owner"); 60 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "app"); 61 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "init-earliest-time"); 62 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "earliest-time"); 63 | IntegrationNamespaceUtils.setValueIfAttributeDefined(splunkDataReaderBuilder, element, "latest-time"); 64 | 65 | // initialize splunk servers references 66 | BeanDefinitionBuilder serviceFactoryBuilder = BeanDefinitionBuilder.genericBeanDefinition(SplunkServiceFactory.class); 67 | 68 | String splunkServerBeanNames = element.getAttribute("splunk-server-ref"); 69 | if (StringUtils.hasText(splunkServerBeanNames)) { 70 | 71 | ManagedList splunkServersList = new ManagedList(); 72 | 73 | for (String splunkServerBeanName : StringUtils.commaDelimitedListToStringArray(splunkServerBeanNames)) { 74 | splunkServersList.add(new RuntimeBeanReference(splunkServerBeanName)); 75 | } 76 | serviceFactoryBuilder.addConstructorArgValue(splunkServersList); 77 | splunkDataReaderBuilder.addConstructorArgValue(serviceFactoryBuilder.getBeanDefinition()); 78 | } 79 | 80 | String channelAdapterId = this.resolveId(element, splunkPollingChannelAdapterBuilder.getRawBeanDefinition(), 81 | parserContext); 82 | String splunkExecutorBeanName = channelAdapterId + ".splunkExecutor"; 83 | String splunkDataReaderBeanName = splunkExecutorBeanName + ".reader"; 84 | 85 | parserContext.registerBeanComponent(new BeanComponentDefinition(splunkDataReaderBuilder.getBeanDefinition(), 86 | splunkDataReaderBeanName)); 87 | splunkExecutorBuilder.addPropertyReference("reader", splunkDataReaderBeanName); 88 | 89 | BeanDefinition splunkExecutorBuilderBeanDefinition = splunkExecutorBuilder.getBeanDefinition(); 90 | parserContext.registerBeanComponent(new BeanComponentDefinition(splunkExecutorBuilderBeanDefinition, 91 | splunkExecutorBeanName)); 92 | 93 | splunkPollingChannelAdapterBuilder.addConstructorArgReference(splunkExecutorBeanName); 94 | 95 | return splunkPollingChannelAdapterBuilder.getBeanDefinition(); 96 | } 97 | 98 | } 99 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/config/xml/SplunkNamespaceHandler.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.config.xml; 17 | 18 | import org.springframework.integration.config.xml.AbstractIntegrationNamespaceHandler; 19 | 20 | /** 21 | * The namespace handler for the Splunk namespace 22 | * 23 | * @author Jarred Li 24 | * @since 1.0 25 | * 26 | */ 27 | public class SplunkNamespaceHandler extends AbstractIntegrationNamespaceHandler { 28 | 29 | /* (non-Javadoc) 30 | * @see org.springframework.beans.factory.xml.NamespaceHandler#init() 31 | */ 32 | public void init() { 33 | registerBeanDefinitionParser("server", new SplunkServerParser()); 34 | this.registerBeanDefinitionParser("inbound-channel-adapter", new SplunkInboundChannelAdapterParser()); 35 | this.registerBeanDefinitionParser("outbound-channel-adapter", new SplunkOutboundChannelAdapterParser()); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/config/xml/SplunkOutboundChannelAdapterParser.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2014 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package org.springframework.integration.splunk.config.xml; 18 | 19 | import org.w3c.dom.Element; 20 | 21 | import org.springframework.beans.factory.config.BeanDefinition; 22 | import org.springframework.beans.factory.config.RuntimeBeanReference; 23 | import org.springframework.beans.factory.parsing.BeanComponentDefinition; 24 | import org.springframework.beans.factory.support.AbstractBeanDefinition; 25 | import org.springframework.beans.factory.support.BeanDefinitionBuilder; 26 | import org.springframework.beans.factory.support.ManagedList; 27 | import org.springframework.beans.factory.xml.ParserContext; 28 | import org.springframework.integration.config.xml.AbstractOutboundChannelAdapterParser; 29 | import org.springframework.integration.config.xml.IntegrationNamespaceUtils; 30 | import org.springframework.integration.splunk.outbound.SplunkOutboundChannelAdapter; 31 | import org.springframework.integration.splunk.support.SplunkArgsFactoryBean; 32 | import org.springframework.integration.splunk.support.SplunkIndexWriter; 33 | import org.springframework.integration.splunk.support.SplunkServiceFactory; 34 | import org.springframework.integration.splunk.support.SplunkSubmitWriter; 35 | import org.springframework.integration.splunk.support.SplunkTcpWriter; 36 | import org.springframework.util.StringUtils; 37 | import org.springframework.util.xml.DomUtils; 38 | 39 | /** 40 | * The parser for the Splunk Outbound Channel Adapter. 41 | * 42 | * @author Jarred Li 43 | * @author David Turanski 44 | * @author Olivier Lamy 45 | * @since 1.0 46 | * 47 | */ 48 | public class SplunkOutboundChannelAdapterParser extends AbstractOutboundChannelAdapterParser { 49 | 50 | @Override 51 | protected boolean shouldGenerateId() { 52 | return false; 53 | } 54 | 55 | @Override 56 | protected boolean shouldGenerateIdAsFallback() { 57 | return true; 58 | } 59 | 60 | @Override 61 | protected AbstractBeanDefinition parseConsumer(Element element, ParserContext parserContext) { 62 | 63 | BeanDefinitionBuilder splunkOutboundChannelAdapterBuilder = 64 | BeanDefinitionBuilder.genericBeanDefinition(SplunkOutboundChannelAdapter.class); 65 | BeanDefinitionBuilder splunkExecutorBuilder = SplunkParserUtils.getSplunkExecutorBuilder(element, parserContext); 66 | BeanDefinitionBuilder argsBuilder = BeanDefinitionBuilder.genericBeanDefinition(SplunkArgsFactoryBean.class); 67 | 68 | IntegrationNamespaceUtils.setValueIfAttributeDefined(argsBuilder, element, "source-type"); 69 | IntegrationNamespaceUtils.setValueIfAttributeDefined(argsBuilder, element, "source"); 70 | IntegrationNamespaceUtils.setValueIfAttributeDefined(argsBuilder, element, "host"); 71 | IntegrationNamespaceUtils.setValueIfAttributeDefined(argsBuilder, element, "host-regex"); 72 | 73 | BeanDefinitionBuilder dataWriterBuilder = parseDataWriter(element); 74 | 75 | // initialize splunk servers references 76 | 77 | BeanDefinitionBuilder serviceFactoryBuilder = BeanDefinitionBuilder.genericBeanDefinition(SplunkServiceFactory.class); 78 | 79 | String splunkServerBeanNames = element.getAttribute("splunk-server-ref"); 80 | if (StringUtils.hasText(splunkServerBeanNames)) { 81 | 82 | ManagedList splunkServersList = new ManagedList(); 83 | 84 | for (String splunkServerBeanName : StringUtils.delimitedListToStringArray(splunkServerBeanNames, ";")) { 85 | splunkServersList.add(new RuntimeBeanReference(splunkServerBeanName)); 86 | } 87 | serviceFactoryBuilder.addConstructorArgValue(splunkServersList); 88 | } 89 | 90 | dataWriterBuilder.addConstructorArgValue(serviceFactoryBuilder.getBeanDefinition()); 91 | 92 | 93 | dataWriterBuilder.addConstructorArgValue(argsBuilder.getBeanDefinition()); 94 | 95 | String channelAdapterId = this.resolveId(element, splunkOutboundChannelAdapterBuilder.getRawBeanDefinition(), 96 | parserContext); 97 | String splunkExecutorBeanName = channelAdapterId + ".splunkExecutor"; 98 | String splunkDataWriterBeanName = splunkExecutorBeanName + ".writer"; 99 | 100 | parserContext.registerBeanComponent(new BeanComponentDefinition(dataWriterBuilder.getBeanDefinition(), 101 | splunkDataWriterBeanName)); 102 | splunkExecutorBuilder.addPropertyReference("writer", splunkDataWriterBeanName); 103 | 104 | BeanDefinition splunkExecutorBuilderBeanDefinition = splunkExecutorBuilder.getBeanDefinition(); 105 | parserContext.registerBeanComponent(new BeanComponentDefinition(splunkExecutorBuilderBeanDefinition, 106 | splunkExecutorBeanName)); 107 | 108 | splunkOutboundChannelAdapterBuilder.addConstructorArgReference(splunkExecutorBeanName); 109 | splunkOutboundChannelAdapterBuilder.addPropertyValue("producesReply", Boolean.FALSE); 110 | 111 | return splunkOutboundChannelAdapterBuilder.getBeanDefinition(); 112 | 113 | } 114 | 115 | private BeanDefinitionBuilder parseDataWriter(Element element) { 116 | BeanDefinitionBuilder dataWriterBuilder = null; 117 | if (DomUtils.getChildElementByTagName(element, "index-writer") != null) { 118 | Element dataWriter = DomUtils.getChildElementByTagName(element, "index-writer"); 119 | dataWriterBuilder = BeanDefinitionBuilder.genericBeanDefinition(SplunkIndexWriter.class); 120 | IntegrationNamespaceUtils.setValueIfAttributeDefined(dataWriterBuilder, dataWriter, "index"); 121 | 122 | } 123 | if (DomUtils.getChildElementByTagName(element, "submit-writer") != null) { 124 | Element dataWriter = DomUtils.getChildElementByTagName(element, "submit-writer"); 125 | dataWriterBuilder = BeanDefinitionBuilder.genericBeanDefinition(SplunkSubmitWriter.class); 126 | IntegrationNamespaceUtils.setValueIfAttributeDefined(dataWriterBuilder, dataWriter, "index"); 127 | } 128 | if (DomUtils.getChildElementByTagName(element, "tcp-writer") != null) { 129 | Element dataWriter = DomUtils.getChildElementByTagName(element, "tcp-writer"); 130 | dataWriterBuilder = BeanDefinitionBuilder.genericBeanDefinition(SplunkTcpWriter.class); 131 | IntegrationNamespaceUtils.setValueIfAttributeDefined(dataWriterBuilder, dataWriter, "port"); 132 | 133 | } 134 | 135 | IntegrationNamespaceUtils.setValueIfAttributeDefined(dataWriterBuilder, element, 136 | IntegrationNamespaceUtils.AUTO_STARTUP); 137 | 138 | return dataWriterBuilder; 139 | } 140 | 141 | } 142 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/config/xml/SplunkParserUtils.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.config.xml; 17 | 18 | import org.springframework.beans.factory.config.BeanDefinition; 19 | import org.springframework.beans.factory.support.BeanDefinitionBuilder; 20 | import org.springframework.beans.factory.xml.ParserContext; 21 | import org.springframework.integration.splunk.support.SplunkExecutor; 22 | import org.springframework.util.Assert; 23 | import org.w3c.dom.Element; 24 | 25 | /** 26 | * Contains various utility methods for parsing Splunk Adapter 27 | * specific namesspace elements as well as for the generation of the 28 | * respective {@link BeanDefinition}s. 29 | * 30 | * @author Jarred Li 31 | * @since 1.0 32 | * 33 | */ 34 | public final class SplunkParserUtils { 35 | 36 | /** Prevent instantiation. */ 37 | private SplunkParserUtils() { 38 | throw new AssertionError(); 39 | } 40 | 41 | /** 42 | * Create a new {@link BeanDefinitionBuilder} for the class {@link SplunkExecutor}. 43 | * Initialize the wrapped {@link SplunkExecutor} with common properties. 44 | * 45 | * @param element Must not be null 46 | * @param parserContext Must not be null 47 | * @return The BeanDefinitionBuilder for the SplunkExecutor 48 | */ 49 | public static BeanDefinitionBuilder getSplunkExecutorBuilder(final Element element, final ParserContext parserContext) { 50 | 51 | Assert.notNull(element, "The provided element must not be null."); 52 | Assert.notNull(parserContext, "The provided parserContext must not be null."); 53 | 54 | final BeanDefinitionBuilder splunkExecutorBuilder = BeanDefinitionBuilder.genericBeanDefinition(SplunkExecutor.class); 55 | 56 | return splunkExecutorBuilder; 57 | 58 | } 59 | 60 | } 61 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/config/xml/SplunkServerParser.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2014 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package org.springframework.integration.splunk.config.xml; 18 | 19 | import org.w3c.dom.Element; 20 | 21 | import org.springframework.beans.factory.support.BeanDefinitionBuilder; 22 | import org.springframework.beans.factory.xml.AbstractSimpleBeanDefinitionParser; 23 | import org.springframework.beans.factory.xml.BeanDefinitionParserDelegate; 24 | import org.springframework.beans.factory.xml.ParserContext; 25 | import org.springframework.integration.config.xml.IntegrationNamespaceUtils; 26 | import org.springframework.integration.splunk.support.SplunkServer; 27 | 28 | /** 29 | * Splunk server element parser. 30 | * 31 | * The XML element is like this: 32 | * 
33 |  * {@code
34 |  * 
36 |  * }
37 |  *
38 | * 39 | * @author Jarred Li 40 | * @author Olivier Lamy 41 | * @since 1.0 42 | * 43 | */ 44 | public class SplunkServerParser extends AbstractSimpleBeanDefinitionParser { 45 | 46 | @Override 47 | public Class getBeanClass(Element element) { 48 | return SplunkServer.class; 49 | } 50 | 51 | @Override 52 | protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) { 53 | super.doParse(element, parserContext, builder); 54 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, 55 | BeanDefinitionParserDelegate.SCOPE_ATTRIBUTE); 56 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, "host"); 57 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, "port"); 58 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, "scheme"); 59 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, "app"); 60 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, "owner"); 61 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, "username"); 62 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, "password"); 63 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, "timeout"); 64 | IntegrationNamespaceUtils.setValueIfAttributeDefined(builder, element, "checkServiceOnBorrow"); 65 | 66 | } 67 | 68 | } 69 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/config/xml/package-info.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Provides parser classes to provide Xml namespace support for the Splunk components. 3 | */ 4 | package org.springframework.integration.splunk.config.xml; 5 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/core/DataReader.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.core; 17 | 18 | import java.util.List; 19 | 20 | import org.springframework.integration.splunk.event.SplunkEvent; 21 | 22 | /** 23 | * Data reader to read Splunk data from the service. 24 | * 25 | * @author Jarred Li 26 | * @since 1.0 27 | */ 28 | public interface DataReader { 29 | 30 | List read() throws Exception; 31 | 32 | } 33 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/core/DataWriter.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.core; 17 | 18 | import org.springframework.integration.splunk.event.SplunkEvent; 19 | 20 | /** 21 | * Data writer to write Splunk data into Splunk 22 | * 23 | * @author Jarred Li 24 | * @since 1.0 25 | * 26 | */ 27 | public interface DataWriter { 28 | 29 | void write(SplunkEvent data) throws Exception; 30 | 31 | } 32 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/core/ServiceFactory.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.core; 14 | 15 | import com.splunk.Service; 16 | 17 | /** 18 | * @author David Turanski 19 | * 20 | */ 21 | public interface ServiceFactory { 22 | public Service getService(); 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/core/package-info.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Provides core classes of the Splunk module. 3 | */ 4 | package org.springframework.integration.splunk.core; 5 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/AcManagementEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.event; 17 | 18 | 19 | /** 20 | * Splunk data entity 21 | * 22 | * @author Jarred Li 23 | * @author Damien Dallimore damien@dtdsoftware.com 24 | * @author David Turanski 25 | * @since 1.0 26 | * 27 | */ 28 | @SuppressWarnings("serial") 29 | public class AcManagementEvent extends SplunkEvent { 30 | 31 | 32 | /** 33 | * Splunk Common Information Model(CIM) Fields 34 | */ 35 | 36 | // ------------------ 37 | // Account management 38 | // ------------------ 39 | 40 | /** 41 | * The domain containing the user that is affected by the account management 42 | * event. 43 | */ 44 | public static String AC_MANAGEMENT_DEST_NT_DOMAIN = "dest_nt_domain"; 45 | /** 46 | * Description of the account management change performed. 47 | */ 48 | public static String AC_MANAGEMENT_SIGNATURE = "signature"; 49 | /** 50 | * The NT source of the destination. In the case of an account management 51 | * event, this is the domain that contains the user that generated the 52 | * event. 53 | */ 54 | public static String AC_MANAGEMENT_SRC_NT_DOMAIN = "src_nt_domain"; 55 | 56 | public void setAcManagementDestNtDomain(String acManagementDestNtDomain) { 57 | addPair(AC_MANAGEMENT_DEST_NT_DOMAIN, acManagementDestNtDomain); 58 | } 59 | 60 | public void setAcManagementSignature(String acManagementSignature) { 61 | addPair(AC_MANAGEMENT_SIGNATURE, acManagementSignature); 62 | } 63 | 64 | public void setAcManagementSrcNtDomain(String acManagementSrcNtDomain) { 65 | addPair(AC_MANAGEMENT_SRC_NT_DOMAIN, acManagementSrcNtDomain); 66 | } 67 | } -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/AuthEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class AuthEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // Authentication - Access protection 23 | // ---------------------------------- 24 | 25 | /** 26 | * The action performed on the resource. success, failure 27 | */ 28 | public static String AUTH_ACTION = "action"; 29 | /** 30 | * The application involved in the event (such as ssh, spunk, win:local). 31 | */ 32 | public static String AUTH_APP = "app"; 33 | /** 34 | * The target involved in the authentication. If your field is named 35 | * dest_host, dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest 36 | * to make it CIM-compliant. 37 | */ 38 | public static String AUTH_DEST = "dest"; 39 | /** 40 | * The source involved in the authentication. In the case of endpoint 41 | * protection authentication the src is the client. If your field is named 42 | * src_host, src_ip, src_ipv6, or src_nt_host you can alias it as src to 43 | * make it CIM-compliant.. It is required for all events dealing with 44 | * endpoint protection (Authentication, change analysis, malware, system 45 | * center, and update). Note: Do not confuse this with the event source or 46 | * sourcetype fields. 47 | */ 48 | public static String AUTH_SRC = "src"; 49 | /** 50 | * In privilege escalation events, src_user represents the user who 51 | * initiated the privilege escalation. 52 | */ 53 | public static String AUTH_SRC_USER = "src_user"; 54 | /** 55 | * The name of the user involved in the event, or who initiated the event. 56 | * For authentication privilege escalation events this should represent the 57 | * user targeted by the escalation. 58 | */ 59 | public static String AUTH_USER = "user"; 60 | 61 | public void setAuthApp(String authApp) { 62 | addPair(AUTH_APP, authApp); 63 | } 64 | 65 | public void setAuthDest(String authDest) { 66 | addPair(AUTH_DEST, authDest); 67 | } 68 | 69 | public void setAuthSrc(String authSrc) { 70 | addPair(AUTH_SRC, authSrc); 71 | } 72 | 73 | public void setAuthSrcUser(String authSrcUser) { 74 | addPair(AUTH_SRC_USER, authSrcUser); 75 | } 76 | 77 | public void setAuthUser(String authUser) { 78 | addPair(AUTH_USER, authUser); 79 | } 80 | 81 | public void setAuthAction(String authAction) { 82 | addPair(AUTH_ACTION, authAction); 83 | } 84 | } 85 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/DnsEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class DnsEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // DNS protocol 23 | // ---------------------------------- 24 | 25 | /** 26 | * The DNS domain that has been queried. 27 | */ 28 | public static String DNS_DEST_DOMAIN = "dest_domain"; 29 | /** 30 | * The remote DNS resource record being acted upon. 31 | */ 32 | public static String DNS_DEST_RECORD = "dest_record"; 33 | /** 34 | * The DNS zone that is being received by the slave as part of a zone 35 | * transfer. 36 | */ 37 | public static String DNS_DEST_ZONE = "dest_zone"; 38 | /** 39 | * The DNS resource record class. 40 | */ 41 | public static String DNS_RECORD_CLASS = "record_class"; 42 | /** 43 | * The DNS resource record type. 44 | * 45 | * @see see 47 | * this Wikipedia article on DNS record types 48 | */ 49 | public static String DNS_RECORD_TYPE = "record_type"; 50 | /** 51 | * The local DNS domain that is being queried. 52 | */ 53 | public static String DNS_SRC_DOMAIN = "src_domain"; 54 | /** 55 | * The local DNS resource record being acted upon. 56 | */ 57 | public static String DNS_SRC_RECORD = "src_record"; 58 | /** 59 | * The DNS zone that is being transferred by the master as part of a zone 60 | * transfer. 61 | */ 62 | public static String DNS_SRC_ZONE = "src_zone"; 63 | public void setDnsDestDomain(String dnsDestDomain) { 64 | addPair(DNS_DEST_DOMAIN, dnsDestDomain); 65 | } 66 | 67 | public void setDnsDestRecord(String dnsDestRecord) { 68 | addPair(DNS_DEST_RECORD, dnsDestRecord); 69 | } 70 | 71 | public void setDnsDestZone(String dnsDestZone) { 72 | addPair(DNS_DEST_ZONE, dnsDestZone); 73 | } 74 | 75 | public void setDnsRecordClass(String dnsRecordClass) { 76 | addPair(DNS_RECORD_CLASS, dnsRecordClass); 77 | } 78 | 79 | public void setDnsRecordType(String dnsRecordType) { 80 | addPair(DNS_RECORD_TYPE, dnsRecordType); 81 | } 82 | 83 | public void setDnsSrcDomain(String dnsSrcDomain) { 84 | addPair(DNS_SRC_DOMAIN, dnsSrcDomain); 85 | } 86 | 87 | public void setDnsSrcRecord(String dnsSrcRecord) { 88 | addPair(DNS_SRC_RECORD, dnsSrcRecord); 89 | } 90 | 91 | public void setDnsSrcZone(String dnsSrcZone) { 92 | addPair(DNS_SRC_ZONE, dnsSrcZone); 93 | } 94 | 95 | } 96 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/EmailEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class EmailEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // Email tracking 23 | // ---------------------------------- 24 | 25 | /** 26 | * The person to whom an email is sent. 27 | */ 28 | public static String EMAIL_RECIPIENT = "recipient"; 29 | /** 30 | * The person responsible for sending an email. 31 | */ 32 | public static String EMAIL_SENDER = "sender"; 33 | /** 34 | * The email subject line. 35 | */ 36 | public static String EMAIL_SUBJECT = "subject"; 37 | 38 | public void setEmailRecipient(String emailRecipient) { 39 | addPair(EMAIL_RECIPIENT, emailRecipient); 40 | } 41 | 42 | public void setEmailSender(String emailSender) { 43 | addPair(EMAIL_SENDER, emailSender); 44 | } 45 | 46 | public void setEmailSubject(String emailSubject) { 47 | addPair(EMAIL_SUBJECT, emailSubject); 48 | } 49 | 50 | } 51 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/EndpointProtectionEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class EndpointProtectionEvent extends SplunkEvent { 21 | 22 | // ---------------------------------- 23 | // Change analysis - Endpoint protection 24 | // ---------------------------------- 25 | 26 | /** 27 | * The action performed on the resource. 28 | */ 29 | public static String CHANGE_ENDPOINT_PROTECTION_ACTION = "action"; 30 | /** 31 | * The type of change discovered in the change analysis event. 32 | */ 33 | public static String CHANGE_ENDPOINT_PROTECTION_CHANGE_TYPE = "change_type"; 34 | /** 35 | * The host that was affected by the change. If your field is named 36 | * dest_host,dest_ip,dest_ipv6, or dest_nt_host you can alias it as dest to 37 | * make it CIM-compliant. 38 | */ 39 | public static String CHANGE_ENDPOINT_PROTECTION_DEST = "dest"; 40 | /** 41 | * The hash signature of the modified resource. 42 | */ 43 | public static String CHANGE_ENDPOINT_PROTECTION_HASH = "hash"; 44 | /** 45 | * The group ID of the modified resource. 46 | */ 47 | public static String CHANGE_ENDPOINT_PROTECTION_GID = "gid"; 48 | /** 49 | * Indicates whether or not the modified resource is a directory. 50 | */ 51 | public static String CHANGE_ENDPOINT_PROTECTION_ISDR = "isdr"; 52 | /** 53 | * The permissions mode of the modified resource. 54 | */ 55 | public static String CHANGE_ENDPOINT_PROTECTION_MODE = "mode"; 56 | /** 57 | * The modification time of the modified resource. 58 | */ 59 | public static String CHANGE_ENDPOINT_PROTECTION_MODTIME = "modtime"; 60 | /** 61 | * The file path of the modified resource. 62 | */ 63 | public static String CHANGE_ENDPOINT_PROTECTION_PATH = "path"; 64 | /** 65 | * The size of the modified resource. 66 | */ 67 | public static String CHANGE_ENDPOINT_PROTECTION_SIZE = "size"; 68 | /** 69 | * The user ID of the modified resource. 70 | */ 71 | public static String CHANGE_ENDPOINT_PROTECTION_UID = "uid"; 72 | public void setChangeEndpointProtectionAction(String changeEndpointProtectionAction) { 73 | addPair(CHANGE_ENDPOINT_PROTECTION_ACTION, changeEndpointProtectionAction); 74 | } 75 | 76 | public void setChangeEndpointProtectionChangeType(String changeEndpointProtectionChangeType) { 77 | addPair(CHANGE_ENDPOINT_PROTECTION_CHANGE_TYPE, changeEndpointProtectionChangeType); 78 | } 79 | 80 | public void setChangeEndpointProtectionDest(String changeEndpointProtectionDest) { 81 | addPair(CHANGE_ENDPOINT_PROTECTION_DEST, changeEndpointProtectionDest); 82 | } 83 | 84 | public void setChangeEndpointProtectionHash(String changeEndpointProtectionHash) { 85 | addPair(CHANGE_ENDPOINT_PROTECTION_HASH, changeEndpointProtectionHash); 86 | } 87 | 88 | public void setChangeEndpointProtectionGid(long changeEndpointProtectionGid) { 89 | addPair(CHANGE_ENDPOINT_PROTECTION_GID, changeEndpointProtectionGid); 90 | } 91 | 92 | public void setChangeEndpointProtectionIsdr(boolean changeEndpointProtectionIsdr) { 93 | addPair(CHANGE_ENDPOINT_PROTECTION_ISDR, changeEndpointProtectionIsdr); 94 | } 95 | 96 | public void setChangeEndpointProtectionMode(long changeEndpointProtectionMode) { 97 | addPair(CHANGE_ENDPOINT_PROTECTION_MODE, changeEndpointProtectionMode); 98 | } 99 | 100 | public void setChangeEndpointProtectionModtime(String changeEndpointProtectionModtime) { 101 | addPair(CHANGE_ENDPOINT_PROTECTION_MODTIME, changeEndpointProtectionModtime); 102 | } 103 | 104 | public void setChangeEndpointProtectionPath(String changeEndpointProtectionPath) { 105 | addPair(CHANGE_ENDPOINT_PROTECTION_PATH, changeEndpointProtectionPath); 106 | } 107 | 108 | public void setChangeEndpointProtectionSize(long changeEndpointProtectionSize) { 109 | addPair(CHANGE_ENDPOINT_PROTECTION_SIZE, changeEndpointProtectionSize); 110 | } 111 | 112 | public void setChangeEndpointProtectionUid(long changeEndpointProtectionUid) { 113 | addPair(CHANGE_ENDPOINT_PROTECTION_UID, changeEndpointProtectionUid); 114 | } 115 | 116 | 117 | } 118 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/FileEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class FileEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // File management 23 | // ---------------------------------- 24 | 25 | /** 26 | * The time the file (the object of the event) was accessed. 27 | */ 28 | public static String FILE_ACCESS_TIME = "file_access_time"; 29 | /** 30 | * The time the file (the object of the event) was created. 31 | */ 32 | public static String FILE_CREATE_TIME = "file_create_time"; 33 | /** 34 | * A cryptographic identifier assigned to the file object affected by the 35 | * event. 36 | */ 37 | public static String FILE_HASH = "file_hash"; 38 | /** 39 | * The time the file (the object of the event) was altered. 40 | */ 41 | public static String FILE_MODIFY_TIME = "file_modify_time"; 42 | /** 43 | * The name of the file that is the object of the event (without location 44 | * information related to local file or directory structure). 45 | */ 46 | public static String FILE_NAME = "file_name"; 47 | /** 48 | * The location of the file that is the object of the event, in terms of 49 | * local file and directory structure. 50 | */ 51 | public static String FILE_PATH = "file_path"; 52 | /** 53 | * Access controls associated with the file affected by the event. 54 | */ 55 | public static String FILE_PERMISSION = "file_permission"; 56 | /** 57 | * The size of the file that is the object of the event. Indicate whether 58 | * Bytes, KB, MB, GB. 59 | */ 60 | public static String FILE_SIZE = "file_size"; 61 | 62 | public void setFileAccessTime(long fileAccessTime) { 63 | addPair(FILE_ACCESS_TIME, fileAccessTime); 64 | } 65 | 66 | public void setFileCreateTime(long fileCreateTime) { 67 | addPair(FILE_CREATE_TIME, fileCreateTime); 68 | } 69 | 70 | public void setFileHash(String fileHash) { 71 | addPair(FILE_HASH, fileHash); 72 | } 73 | 74 | public void setFileModifyTime(long fileModifyTime) { 75 | addPair(FILE_MODIFY_TIME, fileModifyTime); 76 | } 77 | 78 | public void setFileName(String fileName) { 79 | addPair(FILE_NAME, fileName); 80 | } 81 | 82 | public void setFilePath(String filePath) { 83 | addPair(FILE_PATH, filePath); 84 | } 85 | 86 | public void setFilePermission(String filePermission) { 87 | addPair(FILE_PERMISSION, filePermission); 88 | } 89 | 90 | public void setFileSize(long fileSize) { 91 | addPair(FILE_SIZE, fileSize); 92 | } 93 | } 94 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/IntrusionDetectionEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class IntrusionDetectionEvent extends SplunkEvent { 21 | 22 | 23 | // ---------------------------------- 24 | // Intrusion detection 25 | // ---------------------------------- 26 | 27 | /** 28 | * The category of the triggered signature. 29 | */ 30 | public static String INTRUSION_DETECTION_CATEGORY = "category"; 31 | /** 32 | * The destination of the attack detected by the intrusion detection system 33 | * (IDS). If your field is named dest_host, dest_ip, dest_ipv6, or 34 | * dest_nt_host you can alias it as dest to make it CIM-compliant. 35 | */ 36 | public static String INTRUSION_DETECTION_DEST = "dest"; 37 | /** 38 | * The device that detected the intrusion event. 39 | */ 40 | public static String INTRUSION_DETECTION_DVC = "dvc"; 41 | /** 42 | * The type of IDS that generated the event. 43 | */ 44 | public static String INTRUSION_DETECTION_IDS_TYPE = "ids_type"; 45 | /** 46 | * The product name of the vendor technology generating network protection 47 | * data, such as IDP, Providentia, and ASA. 48 | * 49 | * Note: Required for all events dealing with network protection (Change 50 | * analysis, proxy, malware, intrusion detection, packet filtering, and 51 | * vulnerability). 52 | */ 53 | public static String INTRUSION_DETECTION_PRODUCT = "product"; 54 | /** 55 | * The severity of the network protection event (such as critical, high, 56 | * medium, low, or informational). 57 | * 58 | * Note: This field is a string. Please use a severity_id field for severity 59 | * ID fields that are integer data types. 60 | */ 61 | public static String INTRUSION_DETECTION_SEVERITY = "severity"; 62 | /** 63 | * The name of the intrusion detected on the client (the src), such as 64 | * PlugAndPlay_BO and JavaScript_Obfuscation_Fre. 65 | */ 66 | public static String INTRUSION_DETECTION_SIGNATURE = "signature"; 67 | /** 68 | * The source involved in the attack detected by the IDS. If your field is 69 | * named src_host, src_ip, src_ipv6, or src_nt_host you can alias it as src 70 | * to make it CIM-compliant. 71 | */ 72 | public static String INTRUSION_DETECTION_SRC = "src"; 73 | /** 74 | * The user involved with the intrusion detection event. 75 | */ 76 | public static String INTRUSION_DETECTION_USER = "user"; 77 | /** 78 | * The vendor technology used to generate network protection data, such as 79 | * IDP, Providentia, and ASA. 80 | * 81 | * Note: Required for all events dealing with network protection (Change 82 | * analysis, proxy, malware, intrusion detection, packet filtering, and 83 | * vulnerability). 84 | */ 85 | public static String INTRUSION_DETECTION_VENDOR = "vendor"; 86 | public void setIntrusionDetectionCategory(String intrusionDetectionCategory) { 87 | addPair(INTRUSION_DETECTION_CATEGORY, intrusionDetectionCategory); 88 | } 89 | 90 | public void setIntrusionDetectionDest(String intrusionDetectionDest) { 91 | addPair(INTRUSION_DETECTION_DEST, intrusionDetectionDest); 92 | } 93 | 94 | public void setIntrusionDetectionDvc(String intrusionDetectionDvc) { 95 | addPair(INTRUSION_DETECTION_DVC, intrusionDetectionDvc); 96 | } 97 | 98 | public void setIntrusionDetectionIdsType(String intrusionDetectionIdsType) { 99 | addPair(INTRUSION_DETECTION_IDS_TYPE, intrusionDetectionIdsType); 100 | } 101 | 102 | public void setIntrusionDetectionProduct(String intrusionDetectionProduct) { 103 | addPair(INTRUSION_DETECTION_PRODUCT, intrusionDetectionProduct); 104 | } 105 | 106 | public void setIntrusionDetectionSeverity(String intrusionDetectionSeverity) { 107 | addPair(INTRUSION_DETECTION_SEVERITY, intrusionDetectionSeverity); 108 | } 109 | 110 | public void setIntrusionDetectionSignature(String intrusionDetectionSignature) { 111 | addPair(INTRUSION_DETECTION_SIGNATURE, intrusionDetectionSignature); 112 | } 113 | 114 | public void setIntrusionDetectionSrc(String intrusionDetectionSrc) { 115 | addPair(INTRUSION_DETECTION_SRC, intrusionDetectionSrc); 116 | } 117 | 118 | public void setIntrusionDetectionUser(String intrusionDetectionUser) { 119 | addPair(INTRUSION_DETECTION_USER, intrusionDetectionUser); 120 | } 121 | 122 | public void setIntrusionDetectionVendor(String intrusionDetectionVendor) { 123 | addPair(INTRUSION_DETECTION_VENDOR, intrusionDetectionVendor); 124 | } 125 | 126 | } 127 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/MalwareEndpointProtectionEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class MalwareEndpointProtectionEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // Malware - Endpoint protection 23 | // ---------------------------------- 24 | 25 | /** 26 | * The outcome of the infection 27 | */ 28 | public static String MALWARE_ENDPOINT_PROTECTION_ACTION = "action"; 29 | /** 30 | * The NT domain of the destination (the dest_bestmatch). 31 | */ 32 | public static String MALWARE_ENDPOINT_PROTECTION_DEST_NT_DOMAIN = "dest_nt_domain"; 33 | /** 34 | * The cryptographic hash of the file associated with the malware event 35 | * (such as the malicious or infected file). 36 | */ 37 | public static String MALWARE_ENDPOINT_PROTECTION_FILE_HASH = "file_hash"; 38 | /** 39 | * The name of the file involved in the malware event (such as the infected 40 | * or malicious file). 41 | */ 42 | public static String MALWARE_ENDPOINT_PROTECTION_FILE_NAME = "file_name"; 43 | /** 44 | * The path of the file involved in the malware event (such as the infected 45 | * or malicious file). 46 | */ 47 | public static String MALWARE_ENDPOINT_PROTECTION_FILE_PATH = "file_path"; 48 | /** 49 | * The product name of the vendor technology (the vendor field) that is 50 | * generating malware data (such as Antivirus or EPO). 51 | */ 52 | public static String MALWARE_ENDPOINT_PROTECTION_PRODUCT = "product"; 53 | /** 54 | * The product version number of the vendor technology installed on the 55 | * client (such as 10.4.3 or 11.0.2). 56 | */ 57 | public static String MALWARE_ENDPOINT_PROTECTION_PRODUCT_VERSION = "product_version"; 58 | /** 59 | * The name of the malware infection detected on the client (the src), such 60 | * as Trojan.Vundo,Spyware.Gaobot,W32.Nimbda). 61 | * 62 | * Note: This field is a string. Please use a signature_id field for 63 | * signature ID fields that are integer data types. 64 | */ 65 | public static String MALWARE_ENDPOINT_PROTECTION_SIGNATURE = "signature"; 66 | /** 67 | * The current signature definition set running on the client, such as 68 | * 11hsvx) 69 | */ 70 | public static String MALWARE_ENDPOINT_PROTECTION_SIGNATURE_VERSION = "signature_version"; 71 | /** 72 | * The target affected or infected by the malware. If your field is named 73 | * dest_host, dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest 74 | * to make it CIM-compliant. 75 | */ 76 | public static String MALWARE_ENDPOINT_PROTECTION_DEST = "dest"; 77 | /** 78 | * The NT domain of the source (the src). 79 | */ 80 | public static String MALWARE_ENDPOINT_PROTECTION_SRC_NT_DOMAIN = "src_nt_domain"; 81 | /** 82 | * The name of the user involved in the malware event. 83 | */ 84 | public static String MALWARE_ENDPOINT_PROTECTION_USER = "user"; 85 | /** 86 | * The name of the vendor technology generating malware data, such as 87 | * Symantec or McAfee. 88 | */ 89 | public static String MALWARE_ENDPOINT_PROTECTION_VENDOR = "vendor"; 90 | 91 | public void setMalwareEndpointProtectionAction(String malwareEndpointProtectionAction) { 92 | addPair(MALWARE_ENDPOINT_PROTECTION_ACTION, malwareEndpointProtectionAction); 93 | } 94 | 95 | public void setMalwareEndpointProtectionDestNtDomain(String malwareEndpointProtectionDestNtDomain) { 96 | addPair(MALWARE_ENDPOINT_PROTECTION_DEST_NT_DOMAIN, malwareEndpointProtectionDestNtDomain); 97 | } 98 | 99 | public void setMalwareEndpointProtectionFileHash(String malwareEndpointProtectionFileHash) { 100 | addPair(MALWARE_ENDPOINT_PROTECTION_FILE_HASH, malwareEndpointProtectionFileHash); 101 | } 102 | 103 | public void setMalwareEndpointProtectionFileName(String malwareEndpointProtectionFileName) { 104 | addPair(MALWARE_ENDPOINT_PROTECTION_FILE_NAME, malwareEndpointProtectionFileName); 105 | } 106 | 107 | public void setMalwareEndpointProtectionFilePath(String malwareEndpointProtectionFilePath) { 108 | addPair(MALWARE_ENDPOINT_PROTECTION_FILE_PATH, malwareEndpointProtectionFilePath); 109 | } 110 | 111 | public void setMalwareEndpointProtectionProduct(String malwareEndpointProtectionProduct) { 112 | addPair(MALWARE_ENDPOINT_PROTECTION_PRODUCT, malwareEndpointProtectionProduct); 113 | } 114 | 115 | public void setMalwareEndpointProtectionProductVersion(String malwareEndpointProtectionProductVersion) { 116 | addPair(MALWARE_ENDPOINT_PROTECTION_PRODUCT_VERSION, malwareEndpointProtectionProductVersion); 117 | } 118 | 119 | public void setMalwareEndpointProtectionSignature(String malwareEndpointProtectionSignature) { 120 | addPair(MALWARE_ENDPOINT_PROTECTION_SIGNATURE, malwareEndpointProtectionSignature); 121 | } 122 | 123 | public void setMalwareEndpointProtectionSignatureVersion(String malwareEndpointProtectionSignatureVersion) { 124 | addPair(MALWARE_ENDPOINT_PROTECTION_SIGNATURE_VERSION, malwareEndpointProtectionSignatureVersion); 125 | } 126 | 127 | public void setMalwareEndpointProtectionDest(String malwareEndpointProtectionDest) { 128 | addPair(MALWARE_ENDPOINT_PROTECTION_DEST, malwareEndpointProtectionDest); 129 | } 130 | 131 | public void setMalwareEndpointProtectionSrcNtDomain(String malwareEndpointProtectionSrcNtDomain) { 132 | addPair(MALWARE_ENDPOINT_PROTECTION_SRC_NT_DOMAIN, malwareEndpointProtectionSrcNtDomain); 133 | } 134 | 135 | public void setMalwareEndpointProtectionUser(String malwareEndpointProtectionUser) { 136 | addPair(MALWARE_ENDPOINT_PROTECTION_USER, malwareEndpointProtectionUser); 137 | } 138 | 139 | public void setMalwareEndpointProtectionVendor(String malwareEndpointProtectionVendor) { 140 | addPair(MALWARE_ENDPOINT_PROTECTION_VENDOR, malwareEndpointProtectionVendor); 141 | } 142 | 143 | } 144 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/MalwareNetworkProtectionEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class MalwareNetworkProtectionEvent extends SplunkEvent { 21 | 22 | // ---------------------------------- 23 | // Malware - Network protection 24 | // ---------------------------------- 25 | 26 | /** 27 | * The product name of the vendor technology generating network protection 28 | * data, such as IDP, Proventia, and ASA. 29 | * 30 | * Note: Required for all events dealing with network protection (Change 31 | * analysis, proxy, malware, intrusion detection, packet filtering, and 32 | * vulnerability). 33 | */ 34 | public static String MALWARE_NETWORK_PROTECTION_PRODUCT = "product"; 35 | /** 36 | * The severity of the network protection event (such as critical, high, 37 | * medium, low, or informational). 38 | * 39 | * Note: This field is a string. Please use a severity_id field for severity 40 | * ID fields that are integer data types. 41 | */ 42 | public static String MALWARE_NETWORK_PROTECTION_SEVERITY = "severity"; 43 | /** 44 | * The vendor technology used to generate network protection data, such as 45 | * IDP, Proventia, and ASA. 46 | * 47 | * Note: Required for all events dealing with network protection (Change 48 | * analysis, proxy, malware, intrusion detection, packet filtering, and 49 | * vulnerability). 50 | */ 51 | public static String MALWARE_NETWORK_PROTECTION_VENDOR = "vendor"; 52 | 53 | public void setMalwareNetworkProtectionProduct(String malwareNetworkProtectionProduct) { 54 | addPair(MALWARE_NETWORK_PROTECTION_PRODUCT, malwareNetworkProtectionProduct); 55 | } 56 | 57 | public void setMalwareNetworkProtectionSeverity(String malwareNetworkProtectionSeverity) { 58 | addPair(MALWARE_NETWORK_PROTECTION_SEVERITY, malwareNetworkProtectionSeverity); 59 | } 60 | 61 | public void setMalwareNetworkProtectionVendor(String malwareNetworkProtectionVendor) { 62 | addPair(MALWARE_NETWORK_PROTECTION_VENDOR, malwareNetworkProtectionVendor); 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/NetworkProtectionEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class NetworkProtectionEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // Change analysis - Network protection 23 | // ---------------------------------- 24 | 25 | /** 26 | * The type of change observed. 27 | */ 28 | public static String CHANGE_NETWORK_PROTECTION_ACTION = "action"; 29 | /** 30 | * The command that initiated the change. 31 | */ 32 | public static String CHANGE_NETWORK_PROTECTION_COMMAND = "command"; 33 | /** 34 | * The device that is directly affected by the change. 35 | */ 36 | public static String CHANGE_NETWORK_PROTECTION_DVC = "dvc"; 37 | /** 38 | * The user that initiated the change. 39 | */ 40 | public static String CHANGE_NETWORK_PROTECTION_USER = "user"; 41 | 42 | public void setChangeNetworkProtectionAction(String changeNetworkProtectionAction) { 43 | addPair(CHANGE_NETWORK_PROTECTION_ACTION, changeNetworkProtectionAction); 44 | } 45 | 46 | public void setChangeNetworkProtectionCommand(String changeNetworkProtectionCommand) { 47 | addPair(CHANGE_NETWORK_PROTECTION_COMMAND, changeNetworkProtectionCommand); 48 | } 49 | 50 | public void setChangeNetworkProtectionDvc(String changeNetworkProtectionDvc) { 51 | addPair(CHANGE_NETWORK_PROTECTION_DVC, changeNetworkProtectionDvc); 52 | } 53 | 54 | public void setChangeNetworkProtectionUser(String changeNetworkProtectionUser) { 55 | addPair(CHANGE_NETWORK_PROTECTION_USER, changeNetworkProtectionUser); 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/NetworkTrafficEssEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class NetworkTrafficEssEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // Network traffic - ESS 23 | // ---------------------------------- 24 | 25 | /** 26 | * The action of the network traffic. 27 | */ 28 | public static String NETWORK_TRAFFIC_ESS_ACTION = "action"; 29 | /** 30 | * The destination port of the network traffic. 31 | */ 32 | public static String NETWORK_TRAFFIC_ESS_DEST_PORT = "dest_port"; 33 | /** 34 | * The product name of the vendor technology generating NetworkProtection 35 | * data, such as IDP, Proventia, and ASA. 36 | * 37 | * Note: Required for all events dealing with network protection (Change 38 | * analysis, proxy, malware, intrusion detection, packet filtering, and 39 | * vulnerability). 40 | */ 41 | public static String NETWORK_TRAFFIC_ESS_PRODUCT = "product"; 42 | /** 43 | * The source port of the network traffic. 44 | */ 45 | public static String NETWORK_TRAFFIC_ESS_SRC_PORT = "src_port"; 46 | /** 47 | * The vendor technology used to generate NetworkProtection data, such as 48 | * IDP, Proventia, and ASA. 49 | * 50 | * Note: Required for all events dealing with network protection (Change 51 | * analysis, proxy, malware, intrusion detection, packet filtering, and 52 | * vulnerability). 53 | */ 54 | public static String NETWORK_TRAFFIC_ESS_VENDOR = "vendor"; 55 | 56 | public void setNetworkTrafficEssAction(String networkTrafficEssAction) { 57 | addPair(NETWORK_TRAFFIC_ESS_ACTION, networkTrafficEssAction); 58 | } 59 | 60 | public void setNetworkTrafficEssDestPort(int networkTrafficEssDestPort) { 61 | addPair(NETWORK_TRAFFIC_ESS_DEST_PORT, networkTrafficEssDestPort); 62 | } 63 | 64 | public void setNetworkTrafficEssProduct(String networkTrafficEssProduct) { 65 | addPair(NETWORK_TRAFFIC_ESS_PRODUCT, networkTrafficEssProduct); 66 | } 67 | 68 | public void setNetworkTrafficEssSrcPort(int networkTrafficEssSrcPort) { 69 | addPair(NETWORK_TRAFFIC_ESS_SRC_PORT, networkTrafficEssSrcPort); 70 | } 71 | 72 | public void setNetworkTrafficEssVendor(String networkTrafficEssVendor) { 73 | addPair(NETWORK_TRAFFIC_ESS_VENDOR, networkTrafficEssVendor); 74 | } 75 | 76 | } 77 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/PacketFilterEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class PacketFilterEvent extends SplunkEvent { 21 | 22 | // ---------------------------------- 23 | // Packet filtering 24 | // ---------------------------------- 25 | 26 | /** 27 | * The action the filtering device (the dvc_bestmatch field) performed on 28 | * the communication. 29 | */ 30 | public static String PACKET_FILTERING_ACTION = "action"; 31 | /** 32 | * The IP port of the packet's destination, such as 22. 33 | */ 34 | public static String PACKET_FILTERING_DEST_PORT = "dest_port"; 35 | /** 36 | * The direction the packet is traveling. 37 | */ 38 | public static String PACKET_FILTERING_DIRECTION = "direction"; 39 | /** 40 | * The name of the packet filtering device. If your field is named dvc_host, 41 | * dvc_ip, or dvc_nt_host you can alias it as dvc to make it CIM-compliant. 42 | */ 43 | public static String PACKET_FILTERING_DVC = "dvc"; 44 | /** 45 | * The rule which took action on the packet, such as 143. 46 | */ 47 | public static String PACKET_FILTERING_RULE = "rule"; 48 | /** 49 | * The IP port of the packet's source, such as 34541. 50 | */ 51 | public static String PACKET_FILTERING_SVC_PORT = "svc_port"; 52 | public void setPacketFilteringAction(String packetFilteringAction) { 53 | addPair(PACKET_FILTERING_ACTION, packetFilteringAction); 54 | } 55 | 56 | public void setPacketFilteringDestPort(int packetFilteringDestPort) { 57 | addPair(PACKET_FILTERING_DEST_PORT, packetFilteringDestPort); 58 | } 59 | 60 | public void setPacketFilteringDirection(String packetFilteringDirection) { 61 | addPair(PACKET_FILTERING_DIRECTION, packetFilteringDirection); 62 | } 63 | 64 | public void setPacketFilteringDvc(String packetFilteringDvc) { 65 | addPair(PACKET_FILTERING_DVC, packetFilteringDvc); 66 | } 67 | 68 | public void setPacketFilteringRule(String packetFilteringRule) { 69 | addPair(PACKET_FILTERING_RULE, packetFilteringRule); 70 | } 71 | 72 | public void setPacketFilteringSvcPort(int packetFilteringSvcPort) { 73 | addPair(PACKET_FILTERING_SVC_PORT, packetFilteringSvcPort); 74 | } 75 | } 76 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/ProxyEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class ProxyEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // Proxy 23 | // ---------------------------------- 24 | 25 | /** 26 | * The action taken by the proxy. 27 | */ 28 | public static String PROXY_ACTION = "action"; 29 | /** 30 | * The destination of the network traffic (the remote host). 31 | */ 32 | public static String PROXY_DEST = "dest"; 33 | /** 34 | * The content-type of the requested HTTP resource. 35 | */ 36 | public static String PROXY_HTTP_CONTENT_TYPE = "http_content_type"; 37 | /** 38 | * The HTTP method used to request the resource. 39 | */ 40 | public static String PROXY_HTTP_METHOD = "http_method"; 41 | /** 42 | * The HTTP referrer used to request the HTTP resource. 43 | */ 44 | public static String PROXY_HTTP_REFER = "http_refer"; 45 | /** 46 | * The HTTP response code. 47 | */ 48 | public static String PROXY_HTTP_RESPONSE = "http_response"; 49 | /** 50 | * The user agent used to request the HTTP resource. 51 | */ 52 | public static String PROXY_HTTP_USER_AGENT = "http_user_agent"; 53 | /** 54 | * The product name of the vendor technology generating Network Protection 55 | * data, such as IDP, Providentia, and ASA. 56 | */ 57 | public static String PROXY_PRODUCT = "product"; 58 | /** 59 | * The source of the network traffic (the client requesting the connection). 60 | */ 61 | public static String PROXY_SRC = "src"; 62 | /** 63 | * The HTTP response code indicating the status of the proxy request. 64 | */ 65 | public static String PROXY_STATUS = "status"; 66 | /** 67 | * The user that requested the HTTP resource. 68 | */ 69 | public static String PROXY_USER = "user"; 70 | /** 71 | * The URL of the requested HTTP resource. 72 | */ 73 | public static String PROXY_URL = "url"; 74 | /** 75 | * The vendor technology generating Network Protection data, such as IDP, 76 | * Providentia, and ASA. 77 | */ 78 | public static String PROXY_VENDOR = "vendor"; 79 | 80 | 81 | public void setProxyAction(String proxyAction) { 82 | addPair(PROXY_ACTION, proxyAction); 83 | } 84 | 85 | public void setProxyDest(String proxyDest) { 86 | addPair(PROXY_DEST, proxyDest); 87 | } 88 | 89 | public void setProxyHttpContentType(String proxyHttpContentType) { 90 | addPair(PROXY_HTTP_CONTENT_TYPE, proxyHttpContentType); 91 | } 92 | 93 | public void setProxyHttpMethod(String proxyHttpMethod) { 94 | addPair(PROXY_HTTP_METHOD, proxyHttpMethod); 95 | } 96 | 97 | public void setProxyHttpRefer(String proxyHttpRefer) { 98 | addPair(PROXY_HTTP_REFER, proxyHttpRefer); 99 | } 100 | 101 | public void setProxyHttpResponse(int proxyHttpResponse) { 102 | addPair(PROXY_HTTP_RESPONSE, proxyHttpResponse); 103 | } 104 | 105 | public void setProxyHttpUserAgent(String proxyHttpUserAgent) { 106 | addPair(PROXY_HTTP_USER_AGENT, proxyHttpUserAgent); 107 | } 108 | 109 | public void setProxyProduct(String proxyProduct) { 110 | addPair(PROXY_PRODUCT, proxyProduct); 111 | } 112 | 113 | public void setProxySrc(String proxySrc) { 114 | addPair(PROXY_SRC, proxySrc); 115 | } 116 | 117 | public void setProxyStatus(int proxyStatus) { 118 | addPair(PROXY_STATUS, proxyStatus); 119 | } 120 | 121 | public void setProxyUser(String proxyUser) { 122 | addPair(PROXY_USER, proxyUser); 123 | } 124 | 125 | public void setProxyUrl(String proxyUrl) { 126 | addPair(PROXY_URL, proxyUrl); 127 | } 128 | 129 | public void setProxyVendor(String proxyVendor) { 130 | addPair(PROXY_VENDOR, proxyVendor); 131 | } 132 | 133 | } 134 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/SystemCenterEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class SystemCenterEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // System center 23 | // ---------------------------------- 24 | 25 | /** 26 | * The running application or service on the system (the src field), such as 27 | * explorer.exe or sshd. 28 | */ 29 | public static String SYSTEM_CENTER_APP = "app"; 30 | /** 31 | * The amount of disk space available per drive or mount (the mount field) 32 | * on the system (the src field). 33 | */ 34 | public static String SYSTEM_CENTER_FREEMBYTES = "FreeMBytes"; 35 | /** 36 | * The version of operating system installed on the host (the src field), 37 | * such as 6.0.1.4 or 2.6.27.30-170.2.82.fc10.x86_64. 38 | */ 39 | public static String SYSTEM_CENTER_KERNEL_RELEASE = "kernel_release"; 40 | /** 41 | * Human-readable version of the SystemUptime value. 42 | */ 43 | public static String SYSTEM_CENTER_LABEL = "label"; 44 | /** 45 | * The drive or mount reporting available disk space (the FreeMBytes field) 46 | * on the system (the src field). 47 | */ 48 | public static String SYSTEM_CENTER_MOUNT = "mount"; 49 | /** 50 | * The name of the operating system installed on the host (the src), such as 51 | * Microsoft Windows Server 2003 or GNU/Linux). 52 | */ 53 | public static String SYSTEM_CENTER_OS = "os"; 54 | /** 55 | * The percentage of processor utilization. 56 | */ 57 | public static String SYSTEM_CENTER_PERCENTPROCESSORTIME = "PercentProcessorTime"; 58 | /** 59 | * The setlocaldefs setting from the SE Linux configuration. 60 | */ 61 | public static String SYSTEM_CENTER_SETLOCALDEFS = "setlocaldefs"; 62 | /** 63 | * Values from the SE Linux configuration file. 64 | */ 65 | public static String SYSTEM_CENTER_SELINUX = "selinux"; 66 | /** 67 | * The SE Linux type (such as targeted). 68 | */ 69 | public static String SYSTEM_CENTER_SELINUXTYPE = "selinuxtype"; 70 | /** 71 | * The shell provided to the User Account (the user field) upon logging into 72 | * the system (the src field). 73 | */ 74 | public static String SYSTEM_CENTER_SHELL = "shell"; 75 | /** 76 | * The TCP/UDP source port on the system (the src field). 77 | */ 78 | public static String SYSTEM_CENTER_SRC_PORT = "src_port"; 79 | /** 80 | * The sshd protocol version. 81 | */ 82 | public static String SYSTEM_CENTER_SSHD_PROTOCOL = "sshd_protocol"; 83 | /** 84 | * The start mode of the given service. 85 | */ 86 | public static String SYSTEM_CENTER_STARTMODE = "Startmode"; 87 | /** 88 | * The number of seconds since the system (the src) has been "up." 89 | */ 90 | public static String SYSTEM_CENTER_SYSTEMUPTIME = "SystemUptime"; 91 | /** 92 | * The total amount of available memory on the system (the src). 93 | */ 94 | public static String SYSTEM_CENTER_TOTALMBYTES = "TotalMBytes"; 95 | /** 96 | * The amount of used memory on the system (the src). 97 | */ 98 | public static String SYSTEM_CENTER_USEDMBYTES = "UsedMBytes"; 99 | /** 100 | * The User Account present on the system (the src). 101 | */ 102 | public static String SYSTEM_CENTER_USER = "user"; 103 | /** 104 | * The number of updates the system (the src) is missing. 105 | */ 106 | public static String SYSTEM_CENTER_UPDATES = "updates"; 107 | 108 | public void setSystemCenterApp(String systemCenterApp) { 109 | addPair(SYSTEM_CENTER_APP, systemCenterApp); 110 | } 111 | 112 | public void setSystemCenterFreembytes(long systemCenterFreembytes) { 113 | addPair(SYSTEM_CENTER_FREEMBYTES, systemCenterFreembytes); 114 | } 115 | 116 | public void setSystemCenterKernelRelease(String systemCenterKernelRelease) { 117 | addPair(SYSTEM_CENTER_KERNEL_RELEASE, systemCenterKernelRelease); 118 | } 119 | 120 | public void setSystemCenterLabel(String systemCenterLabel) { 121 | addPair(SYSTEM_CENTER_LABEL, systemCenterLabel); 122 | } 123 | 124 | public void setSystemCenterMount(String systemCenterMount) { 125 | addPair(SYSTEM_CENTER_MOUNT, systemCenterMount); 126 | } 127 | 128 | public void setSystemCenterOs(String systemCenterOs) { 129 | addPair(SYSTEM_CENTER_OS, systemCenterOs); 130 | } 131 | 132 | public void setSystemCenterPercentprocessortime(int systemCenterPercentprocessortime) { 133 | addPair(SYSTEM_CENTER_PERCENTPROCESSORTIME, systemCenterPercentprocessortime); 134 | } 135 | 136 | public void setSystemCenterSetlocaldefs(int systemCenterSetlocaldefs) { 137 | addPair(SYSTEM_CENTER_SETLOCALDEFS, systemCenterSetlocaldefs); 138 | } 139 | 140 | public void setSystemCenterSelinux(String systemCenterSelinux) { 141 | addPair(SYSTEM_CENTER_SELINUX, systemCenterSelinux); 142 | } 143 | 144 | public void setSystemCenterSelinuxtype(String systemCenterSelinuxtype) { 145 | addPair(SYSTEM_CENTER_SELINUXTYPE, systemCenterSelinuxtype); 146 | } 147 | 148 | public void setSystemCenterShell(String systemCenterShell) { 149 | addPair(SYSTEM_CENTER_SHELL, systemCenterShell); 150 | } 151 | 152 | public void setSystemCenterSrcPort(int systemCenterSrcPort) { 153 | addPair(SYSTEM_CENTER_SRC_PORT, systemCenterSrcPort); 154 | } 155 | 156 | public void setSystemCenterSshdProtocol(String systemCenterSshdProtocol) { 157 | addPair(SYSTEM_CENTER_SSHD_PROTOCOL, systemCenterSshdProtocol); 158 | } 159 | 160 | public void setSystemCenterStartmode(String systemCenterStartmode) { 161 | addPair(SYSTEM_CENTER_STARTMODE, systemCenterStartmode); 162 | } 163 | 164 | public void setSystemCenterSystemuptime(long systemCenterSystemuptime) { 165 | addPair(SYSTEM_CENTER_SYSTEMUPTIME, systemCenterSystemuptime); 166 | } 167 | 168 | public void setSystemCenterTotalmbytes(long systemCenterTotalmbytes) { 169 | addPair(SYSTEM_CENTER_TOTALMBYTES, systemCenterTotalmbytes); 170 | } 171 | 172 | public void setSystemCenterUsedmbytes(long systemCenterUsedmbytes) { 173 | addPair(SYSTEM_CENTER_USEDMBYTES, systemCenterUsedmbytes); 174 | } 175 | 176 | public void setSystemCenterUser(String systemCenterUser) { 177 | addPair(SYSTEM_CENTER_USER, systemCenterUser); 178 | } 179 | 180 | public void setSystemCenterUpdates(long systemCenterUpdates) { 181 | addPair(SYSTEM_CENTER_UPDATES, systemCenterUpdates); 182 | } 183 | 184 | } 185 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/TrafficEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class TrafficEvent extends SplunkEvent { 21 | 22 | // ---------------------------------- 23 | // Traffic 24 | // ---------------------------------- 25 | 26 | /** 27 | * The destination of the network traffic. If your field is named dest_host, 28 | * dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest to make it 29 | * CIM-compliant. 30 | */ 31 | public static String TRAFFIC_DEST = "dest"; 32 | /** 33 | * The name of the packet filtering device. If your field is named dvc_host, 34 | * dvc_ip, or dvc_nt_host you can alias it as dvc to make it CIM-compliant. 35 | */ 36 | public static String TRAFFIC_DVC = "dvc"; 37 | /** 38 | * The source of the network traffic. If your field is named src_host, 39 | * src_ip, src_ipv6, or src_nt_host you can alias it as src to make it 40 | * CIM-compliant. 41 | */ 42 | public static String TRAFFIC_SRC = "src"; 43 | 44 | public void setTrafficDest(String trafficDest) { 45 | addPair(TRAFFIC_DEST, trafficDest); 46 | } 47 | 48 | public void setTrafficDvc(String trafficDvc) { 49 | addPair(TRAFFIC_DVC, trafficDvc); 50 | } 51 | 52 | public void setTrafficSrc(String trafficSrc) { 53 | addPair(TRAFFIC_SRC, trafficSrc); 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/UserInfoUpdateEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class UserInfoUpdateEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // User information updates 23 | // ---------------------------------- 24 | 25 | /** 26 | * A user that has been affected by a change. For example, user fflanda 27 | * changed the name of user rhallen, so affected_user=rhallen. 28 | */ 29 | public static String USER_INFO_UPDATES_AFFECTED_USER = "affected_user"; 30 | /** 31 | * The user group affected by a change. 32 | */ 33 | public static String USER_INFO_UPDATES_AFFECTED_USER_GROUP = "affected_user_group"; 34 | /** 35 | * The identifier of the user group affected by a change. 36 | */ 37 | public static String USER_INFO_UPDATES_AFFECTED_USER_GROUP_ID = "affected_user_group_id"; 38 | /** 39 | * The identifier of the user affected by a change. 40 | */ 41 | public static String USER_INFO_UPDATES_AFFECTED_USER_ID = "affected_user_id"; 42 | /** 43 | * The security context associated with the user affected by a change. 44 | */ 45 | public static String USER_INFO_UPDATES_AFFECTED_USER_PRIVILEGE = "affected_user_privilege"; 46 | /** 47 | * The name of the user affected by the recorded event. 48 | */ 49 | public static String USER_INFO_UPDATES_USER = "user"; 50 | /** 51 | * A user group that is the object of an event, expressed in human-readable 52 | * terms. 53 | */ 54 | public static String USER_INFO_UPDATES_USER_GROUP = "user_group"; 55 | /** 56 | * The numeric identifier assigned to the user group event object. 57 | */ 58 | public static String USER_INFO_UPDATES_USER_GROUP_ID = "user_group_id"; 59 | /** 60 | * The system-assigned identifier for the user affected by an event. 61 | */ 62 | public static String USER_INFO_UPDATES_USER_ID = "user_id"; 63 | /** 64 | * The security context associated with the object of an event (the affected 65 | * user). 66 | */ 67 | public static String USER_INFO_UPDATES_USER_PRIVILEGE = "user_privilege"; 68 | /** 69 | * The name of the user that is the subject of an event--the user executing 70 | * the action, in other words. 71 | */ 72 | public static String USER_INFO_UPDATES_USER_SUBJECT = "user_subject"; 73 | /** 74 | * The ID number of the user that is the subject of an event. 75 | */ 76 | public static String USER_INFO_UPDATES_USER_SUBJECT_ID = "user_subject_id"; 77 | /** 78 | * The security context associated with the subject of an event (the user 79 | * causing a change). 80 | */ 81 | public static String USER_INFO_UPDATES_USER_SUBJECT_PRIVILEGE = "user_subject_privilege"; 82 | public void setUserInfoUpdatesAffectedUser(String userInfoUpdatesAffectedUser) { 83 | addPair(USER_INFO_UPDATES_AFFECTED_USER, userInfoUpdatesAffectedUser); 84 | } 85 | 86 | public void setUserInfoUpdatesAffectedUserGroup(String userInfoUpdatesAffectedUserGroup) { 87 | addPair(USER_INFO_UPDATES_AFFECTED_USER_GROUP, userInfoUpdatesAffectedUserGroup); 88 | } 89 | 90 | public void setUserInfoUpdatesAffectedUserGroupId(int userInfoUpdatesAffectedUserGroupId) { 91 | addPair(USER_INFO_UPDATES_AFFECTED_USER_GROUP_ID, userInfoUpdatesAffectedUserGroupId); 92 | } 93 | 94 | public void setUserInfoUpdatesAffectedUserId(int userInfoUpdatesAffectedUserId) { 95 | addPair(USER_INFO_UPDATES_AFFECTED_USER_ID, userInfoUpdatesAffectedUserId); 96 | } 97 | 98 | public void setUserInfoUpdatesAffectedUserPrivilege(String userInfoUpdatesAffectedUserPrivilege) { 99 | addPair(USER_INFO_UPDATES_AFFECTED_USER_PRIVILEGE, userInfoUpdatesAffectedUserPrivilege); 100 | } 101 | 102 | public void setUserInfoUpdatesUser(String userInfoUpdatesUser) { 103 | addPair(USER_INFO_UPDATES_USER, userInfoUpdatesUser); 104 | } 105 | 106 | public void setUserInfoUpdatesUserGroup(String userInfoUpdatesUserGroup) { 107 | addPair(USER_INFO_UPDATES_USER_GROUP, userInfoUpdatesUserGroup); 108 | } 109 | 110 | public void setUserInfoUpdatesUserGroupId(int userInfoUpdatesUserGroupId) { 111 | addPair(USER_INFO_UPDATES_USER_GROUP_ID, userInfoUpdatesUserGroupId); 112 | } 113 | 114 | public void setUserInfoUpdatesUserId(int userInfoUpdatesUserId) { 115 | addPair(USER_INFO_UPDATES_USER_ID, userInfoUpdatesUserId); 116 | } 117 | 118 | public void setUserInfoUpdatesUserPrivilege(String userInfoUpdatesUserPrivilege) { 119 | addPair(USER_INFO_UPDATES_USER_PRIVILEGE, userInfoUpdatesUserPrivilege); 120 | } 121 | 122 | public void setUserInfoUpdatesUserSubject(String userInfoUpdatesUserSubject) { 123 | addPair(USER_INFO_UPDATES_USER_SUBJECT, userInfoUpdatesUserSubject); 124 | } 125 | 126 | public void setUserInfoUpdatesUserSubjectId(int userInfoUpdatesUserSubjectId) { 127 | addPair(USER_INFO_UPDATES_USER_SUBJECT_ID, userInfoUpdatesUserSubjectId); 128 | } 129 | 130 | public void setUserInfoUpdatesUserSubjectPrivilege(String userInfoUpdatesUserSubjectPrivilege) { 131 | addPair(USER_INFO_UPDATES_USER_SUBJECT_PRIVILEGE, userInfoUpdatesUserSubjectPrivilege); 132 | } 133 | 134 | } 135 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/VulnerabilityEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class VulnerabilityEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // Vulnerability 23 | // ---------------------------------- 24 | 25 | /** 26 | * The category of the discovered vulnerability. 27 | */ 28 | public static String VULNERABILITY_CATEGORY = "category"; 29 | /** 30 | * The host with the discovered vulnerability. If your field is named 31 | * dest_host, dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest 32 | * to make it CIM-compliant. 33 | */ 34 | public static String VULNERABILITY_DEST = "dest"; 35 | /** 36 | * The operating system of the host containing the vulnerability detected on 37 | * the client (the src field), such as SuSE Security Update, or cups 38 | * security update. 39 | */ 40 | public static String VULNERABILITY_OS = "os"; 41 | /** 42 | * The severity of the discovered vulnerability. 43 | */ 44 | public static String VULNERABILITY_SEVERITY = "severity"; 45 | /** 46 | * The name of the vulnerability detected on the client (the src field), 47 | * such as SuSE Security Update, or cups security update. 48 | */ 49 | public static String VULNERABILITY_SIGNATURE = "signature"; 50 | 51 | public void setVulnerabilityCategory(String vulnerabilityCategory) { 52 | addPair(VULNERABILITY_CATEGORY, vulnerabilityCategory); 53 | } 54 | 55 | public void setVulnerabilityDest(String vulnerabilityDest) { 56 | addPair(VULNERABILITY_DEST, vulnerabilityDest); 57 | } 58 | 59 | public void setVulnerabilityOs(String vulnerabilityOs) { 60 | addPair(VULNERABILITY_OS, vulnerabilityOs); 61 | } 62 | 63 | public void setVulnerabilitySeverity(String vulnerabilitySeverity) { 64 | addPair(VULNERABILITY_SEVERITY, vulnerabilitySeverity); 65 | } 66 | 67 | public void setVulnerabilitySignature(String vulnerabilitySignature) { 68 | addPair(VULNERABILITY_SIGNATURE, vulnerabilitySignature); 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/event/WindowsAdminEvent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | /** 16 | * @author David Turanski 17 | * 18 | */ 19 | @SuppressWarnings("serial") 20 | public class WindowsAdminEvent extends SplunkEvent { 21 | // ---------------------------------- 22 | // Windows administration 23 | // ---------------------------------- 24 | 25 | /** 26 | * The object name (associated only with Windows). 27 | */ 28 | public static String WINDOWS_ADMIN_OBJECT_NAME = "object_name"; 29 | /** 30 | * The object type (associated only with Windows). 31 | */ 32 | public static String WINDOWS_ADMIN_OBJECT_TYPE = "object_type"; 33 | /** 34 | * The object handle (associated only with Windows). 35 | */ 36 | public static String WINDOWS_ADMIN_OBJECT_HANDLE = "object_handle"; 37 | 38 | public void setWindowsAdminObjectName(String windowsAdminObjectName) { 39 | addPair(WINDOWS_ADMIN_OBJECT_NAME, windowsAdminObjectName); 40 | } 41 | 42 | public void setWindowsAdminObjectType(String windowsAdminObjectType) { 43 | addPair(WINDOWS_ADMIN_OBJECT_TYPE, windowsAdminObjectType); 44 | } 45 | 46 | public void setWindowsAdminObjectHandle(String windowsAdminObjectHandle) { 47 | addPair(WINDOWS_ADMIN_OBJECT_HANDLE, windowsAdminObjectHandle); 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/inbound/SplunkPollingChannelAdapter.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.inbound; 17 | 18 | import java.util.List; 19 | 20 | import org.springframework.integration.context.IntegrationObjectSupport; 21 | import org.springframework.integration.core.MessageSource; 22 | import org.springframework.integration.splunk.event.SplunkEvent; 23 | import org.springframework.integration.splunk.support.SplunkExecutor; 24 | import org.springframework.integration.support.MessageBuilder; 25 | import org.springframework.messaging.Message; 26 | import org.springframework.util.Assert; 27 | 28 | /** 29 | * Polling data from Splunk to generate Message 30 | * 31 | * @author Jarred Li 32 | * @since 1.0 33 | * 34 | */ 35 | public class SplunkPollingChannelAdapter extends IntegrationObjectSupport implements MessageSource> { 36 | 37 | private final SplunkExecutor splunkExecutor; 38 | 39 | /** 40 | * Constructor taking a {@link SplunkExecutor} that provide all required Splunk 41 | * functionality. 42 | * 43 | * @param splunkExecutor Must not be null. 44 | */ 45 | public SplunkPollingChannelAdapter(SplunkExecutor splunkExecutor) { 46 | super(); 47 | Assert.notNull(splunkExecutor, "splunkExecutor must not be null."); 48 | this.splunkExecutor = splunkExecutor; 49 | } 50 | 51 | /** 52 | * Check for mandatory attributes 53 | */ 54 | @Override 55 | protected void onInit() throws Exception { 56 | super.onInit(); 57 | } 58 | 59 | /** 60 | * Uses {@link SplunkExecutor#poll()} to executes the Splunk operation. 61 | * 62 | * If {@link SplunkExecutor#poll()} returns null, this method will return 63 | * null. Otherwise, a new {@link Message} is constructed and returned. 64 | */ 65 | public Message> receive() { 66 | List payload = splunkExecutor.poll(); 67 | if (payload == null) { 68 | return null; 69 | } 70 | return MessageBuilder.withPayload(payload).build(); 71 | } 72 | 73 | @Override 74 | public String getComponentType() { 75 | return "splunk:inbound-channel-adapter"; 76 | } 77 | 78 | } 79 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/inbound/package-info.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Provides inbound Spring Integration Splunk components. 3 | */ 4 | package org.springframework.integration.splunk.inbound; 5 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/outbound/SplunkOutboundChannelAdapter.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package org.springframework.integration.splunk.outbound; 18 | 19 | import org.springframework.integration.handler.AbstractReplyProducingMessageHandler; 20 | import org.springframework.integration.splunk.support.SplunkExecutor; 21 | import org.springframework.integration.support.MessageBuilder; 22 | import org.springframework.messaging.Message; 23 | import org.springframework.util.Assert; 24 | 25 | 26 | /** 27 | * Handle message and write data into Splunk 28 | * 29 | * @author Jarred Li 30 | * @since 1.0 31 | * 32 | */ 33 | public class SplunkOutboundChannelAdapter extends AbstractReplyProducingMessageHandler { 34 | 35 | private final SplunkExecutor splunkExecutor; 36 | private boolean producesReply = true; //false for outbound-channel-adapter, true for outbound-gateway 37 | 38 | /** 39 | * Constructor taking an {@link SplunkExecutor} that wraps common 40 | * Splunk Operations. 41 | * 42 | * @param splunkExecutor Must not be null 43 | * 44 | */ 45 | public SplunkOutboundChannelAdapter(SplunkExecutor splunkExecutor) { 46 | Assert.notNull(splunkExecutor, "splunkExecutor must not be null."); 47 | this.splunkExecutor = splunkExecutor; 48 | } 49 | 50 | 51 | @Override 52 | protected Object handleRequestMessage(Message requestMessage) { 53 | final Object result; 54 | result = this.splunkExecutor.write(requestMessage); 55 | if (result == null || !producesReply) { 56 | return null; 57 | } 58 | return MessageBuilder.withPayload(result).copyHeaders(requestMessage.getHeaders()).build(); 59 | 60 | } 61 | 62 | /** 63 | * If set to 'false', this component will act as an Outbound Channel Adapter. 64 | * If not explicitly set this property will default to 'true'. 65 | * 66 | * @param producesReply Defaults to 'true'. 67 | * 68 | */ 69 | public void setProducesReply(boolean producesReply) { 70 | this.producesReply = producesReply; 71 | } 72 | 73 | } 74 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/outbound/package-info.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Provides Spring Integration components for doing outbound operations. 3 | */ 4 | package org.springframework.integration.splunk.outbound; 5 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/AbstractSplunkDataWriter.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.support; 17 | 18 | import java.io.IOException; 19 | import java.io.OutputStream; 20 | import java.io.OutputStreamWriter; 21 | import java.io.Writer; 22 | import java.net.Socket; 23 | 24 | import org.apache.commons.logging.Log; 25 | import org.apache.commons.logging.LogFactory; 26 | import org.springframework.context.SmartLifecycle; 27 | import org.springframework.integration.splunk.core.DataWriter; 28 | import org.springframework.integration.splunk.core.ServiceFactory; 29 | import org.springframework.integration.splunk.event.SplunkEvent; 30 | import org.springframework.util.Assert; 31 | 32 | import com.splunk.Args; 33 | import com.splunk.Service; 34 | 35 | /** 36 | * Base class for {@link DataWriter}s to write data into Splunk. 37 | * 38 | * @author Jarred Li 39 | * @author David Turanski 40 | * @since 1.0 41 | * 42 | */ 43 | public abstract class AbstractSplunkDataWriter implements DataWriter, SmartLifecycle { 44 | 45 | protected final Log logger = LogFactory.getLog(getClass()); 46 | 47 | protected Socket socket; 48 | 49 | protected Service service; 50 | 51 | protected Args args; 52 | 53 | private boolean running; 54 | 55 | private int phase; 56 | 57 | private boolean autoStartup = true; 58 | 59 | private final ServiceFactory serviceFactory; 60 | 61 | 62 | 63 | protected AbstractSplunkDataWriter(ServiceFactory serviceFactory, Args args) { 64 | Assert.notNull(serviceFactory,"service factory cannot be null"); 65 | this.serviceFactory = serviceFactory; 66 | 67 | Assert.notNull(args, "args cannot be null"); 68 | this.args = args; 69 | } 70 | 71 | public void write(SplunkEvent event) throws Exception { 72 | if (logger.isDebugEnabled()) { 73 | logger.debug("writing event to splunk:" + event); 74 | } 75 | 76 | doWrite(event, socket, service, args); 77 | } 78 | 79 | protected void doWrite(SplunkEvent event, Socket socket, Service service, Args args) throws IOException { 80 | OutputStream ostream = socket.getOutputStream(); 81 | Writer writer = new OutputStreamWriter(ostream, "UTF8"); 82 | writer.write(event.toString()); 83 | writer.flush(); 84 | } 85 | 86 | protected abstract Socket createSocket(Service service) throws IOException; 87 | 88 | 89 | public Args getArgs() { 90 | return args; 91 | } 92 | 93 | /* (non-Javadoc) 94 | * @see org.springframework.context.Lifecycle#start() 95 | */ 96 | public synchronized void start() { 97 | try { 98 | service = serviceFactory.getService(); 99 | socket = createSocket(service); 100 | 101 | } catch (Exception e) { 102 | throw new RuntimeException(e); 103 | } 104 | this.running = true; 105 | } 106 | 107 | /* (non-Javadoc) 108 | * @see org.springframework.context.Lifecycle#stop() 109 | */ 110 | public synchronized void stop() { 111 | if (!running) { 112 | return; 113 | } 114 | try { 115 | if (socket != null) { 116 | socket.close(); 117 | } 118 | } catch (Exception e) { 119 | throw new RuntimeException(e); 120 | } 121 | 122 | this.running = false; 123 | } 124 | 125 | /* (non-Javadoc) 126 | * @see org.springframework.context.Lifecycle#isRunning() 127 | */ 128 | public boolean isRunning() { 129 | return this.running; 130 | } 131 | 132 | /* (non-Javadoc) 133 | * @see org.springframework.context.Phased#getPhase() 134 | */ 135 | public int getPhase() { 136 | return this.phase; 137 | } 138 | 139 | public void setPhase(int phase) { 140 | this.phase = phase; 141 | } 142 | 143 | /* (non-Javadoc) 144 | * @see org.springframework.context.SmartLifecycle#isAutoStartup() 145 | */ 146 | public boolean isAutoStartup() { 147 | return this.autoStartup; 148 | } 149 | 150 | public void setAutoStartup(boolean autoStartup) { 151 | this.autoStartup = autoStartup; 152 | } 153 | 154 | /* (non-Javadoc) 155 | * @see org.springframework.context.SmartLifecycle#stop(java.lang.Runnable) 156 | */ 157 | public synchronized void stop(Runnable callback) { 158 | this.stop(); 159 | callback.run(); 160 | } 161 | } 162 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/ArgsBuilder.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.support; 14 | 15 | import com.splunk.Args; 16 | 17 | /** 18 | * Build {@link Args} instance. Supports method chaining 19 | * @author David Turanski 20 | * 21 | */ 22 | public class ArgsBuilder { 23 | 24 | private String sourceType; 25 | private String source; 26 | private String host; 27 | private String hostRegex; 28 | 29 | public Args build() { 30 | Args args = new Args(); 31 | if (sourceType != null) { 32 | args.put("sourcetype", sourceType); 33 | } 34 | if (source != null) { 35 | args.put("source", source); 36 | } 37 | 38 | if (host != null) { 39 | args.put("host", host); 40 | } 41 | 42 | if (hostRegex != null) { 43 | args.put("host_regex", hostRegex); 44 | } 45 | return args; 46 | } 47 | 48 | /** 49 | * @param sourceType the sourceType to set 50 | */ 51 | public ArgsBuilder setSourceType(String sourceType) { 52 | this.sourceType = sourceType; 53 | return this; 54 | } 55 | 56 | /** 57 | * @param source the source to set 58 | */ 59 | public ArgsBuilder setSource(String source) { 60 | this.source = source; 61 | return this; 62 | } 63 | 64 | /** 65 | * @param host the host to set 66 | */ 67 | public ArgsBuilder setHost(String host) { 68 | this.host = host; 69 | return this; 70 | } 71 | 72 | /** 73 | * @param hostRegex the hostRegex to set 74 | */ 75 | public ArgsBuilder setHostRegex(String hostRegex) { 76 | this.hostRegex = hostRegex; 77 | return this; 78 | } 79 | } 80 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/SearchMode.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.support; 17 | 18 | /** 19 | * Search mode supported by Splunk. 20 | * 21 | * Blocking: Run synchronous search API 22 | * Normal: Run asynchronous search API 23 | * Realtime: Run the searches which are over a defined real time window 24 | * Export: Run synchronously in your code , best way for bulk exports of events from Splunk 25 | * Saved: Run predefined searches/parameters that are saved in Splunk in a namespace and you can execute them by name 26 | * 27 | * @author Jarred Li 28 | * @since 1.0 29 | * 30 | */ 31 | public enum SearchMode { 32 | BLOCKING, NORMAL, REALTIME, EXPORT, SAVEDSEARCH; 33 | } -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/SplunkArgsFactoryBean.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.support; 14 | 15 | import org.springframework.beans.factory.FactoryBean; 16 | 17 | import com.splunk.Args; 18 | 19 | /** 20 | * {@link FactoryBean} that wraps {@link ArgsBuilder} 21 | * @author David Turanski 22 | * 23 | */ 24 | public class SplunkArgsFactoryBean implements FactoryBean { 25 | private ArgsBuilder argsBuilder = new ArgsBuilder(); 26 | 27 | /* (non-Javadoc) 28 | * @see org.springframework.beans.factory.FactoryBean#getObject() 29 | */ 30 | public Args getObject() throws Exception { 31 | return argsBuilder.build(); 32 | } 33 | 34 | /* (non-Javadoc) 35 | * @see org.springframework.beans.factory.FactoryBean#getObjectType() 36 | */ 37 | public Class getObjectType() { 38 | return Args.class; 39 | } 40 | 41 | /* (non-Javadoc) 42 | * @see org.springframework.beans.factory.FactoryBean#isSingleton() 43 | */ 44 | public boolean isSingleton() { 45 | return true; 46 | } 47 | 48 | /** 49 | * @param host the host to set 50 | */ 51 | public void setHost(String host) { 52 | this.argsBuilder.setHost(host); 53 | } 54 | 55 | /** 56 | * @param hostRegex the hostRegex to set 57 | */ 58 | public void setHostRegex(String hostRegex) { 59 | this.argsBuilder.setHostRegex(hostRegex); 60 | } 61 | 62 | /** 63 | * @param sourceType the sourceType to set 64 | */ 65 | public void setSourceType(String sourceType) { 66 | this.argsBuilder.setSourceType(sourceType); 67 | } 68 | 69 | /** 70 | * @param source the source to set 71 | */ 72 | public void setSource(String source) { 73 | this.argsBuilder.setSource(source); 74 | } 75 | } 76 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/SplunkExecutor.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.support; 17 | 18 | import java.util.List; 19 | 20 | import org.apache.commons.logging.Log; 21 | import org.apache.commons.logging.LogFactory; 22 | import org.springframework.messaging.MessageHandlingException; 23 | import org.springframework.integration.splunk.core.DataReader; 24 | import org.springframework.integration.splunk.core.DataWriter; 25 | import org.springframework.integration.splunk.event.SplunkEvent; 26 | import org.springframework.messaging.Message; 27 | import org.springframework.messaging.MessagingException; 28 | 29 | /** 30 | * Bundles common core logic for the Splunk components. 31 | * 32 | * @author Jarred Li 33 | * @author David Turanski 34 | * @since 1.0 35 | * 36 | */ 37 | public class SplunkExecutor { 38 | 39 | private static final Log logger = LogFactory.getLog(SplunkExecutor.class); 40 | 41 | private DataReader reader; 42 | private DataWriter writer; 43 | 44 | /** 45 | * Executes the outbound Splunk Operation. 46 | */ 47 | public Object write(final Message message) { 48 | try { 49 | SplunkEvent payload = (SplunkEvent) message.getPayload(); 50 | writer.write(payload); 51 | } catch (Exception e) { 52 | String errorMsg = "error in writing data into Splunk"; 53 | logger.warn(errorMsg, e); 54 | throw new MessageHandlingException(message, errorMsg, e); 55 | } 56 | return null; 57 | } 58 | 59 | public void handleMessage(final Message message) { 60 | write(message); 61 | } 62 | 63 | /** 64 | * Execute the Splunk operation. 65 | */ 66 | public List poll() { 67 | logger.debug("poll start:"); 68 | List queryData = null; 69 | try { 70 | queryData = reader.read(); 71 | } catch (Exception e) { 72 | String errorMsg = "search Splunk data failed"; 73 | logger.warn(errorMsg, e); 74 | throw new MessagingException(errorMsg, e); 75 | } 76 | return queryData; 77 | } 78 | 79 | public void setReader(DataReader reader) { 80 | this.reader = reader; 81 | } 82 | 83 | public void setWriter(DataWriter writer) { 84 | this.writer = writer; 85 | } 86 | 87 | 88 | } 89 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/SplunkIndexWriter.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2014 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with 6 | * the License. You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, 11 | * software distributed under the License is distributed on 12 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, 13 | * either express or implied. See the License for the 14 | * specific language governing permissions and limitations under the License. 15 | */ 16 | 17 | package org.springframework.integration.splunk.support; 18 | 19 | import java.io.IOException; 20 | import java.net.Socket; 21 | 22 | import com.splunk.Args; 23 | import com.splunk.Index; 24 | import com.splunk.Receiver; 25 | import com.splunk.Service; 26 | 27 | import org.springframework.integration.splunk.core.ServiceFactory; 28 | import org.springframework.util.Assert; 29 | 30 | /** 31 | * 32 | * DataWriter to stream data into Splunk using an optional index. If no index specified, 33 | * the main default index is used. 34 | * 35 | * @author Jarred Li 36 | * @author David Turanski 37 | * @author Olivier Lamy 38 | * @since 1.0 39 | */ 40 | public class SplunkIndexWriter extends AbstractSplunkDataWriter { 41 | 42 | private String index; 43 | 44 | public SplunkIndexWriter(ServiceFactory serviceFactory, Args args) { 45 | super(serviceFactory, args); 46 | } 47 | 48 | @Override 49 | protected Socket createSocket(Service service) throws IOException { 50 | Index indexObject = null; 51 | Receiver receiver = null; 52 | Socket socket = null; 53 | 54 | if (index != null) { 55 | indexObject = service.getIndexes().get(index); 56 | Assert.notNull(indexObject, String.format("cannot find index [%s]", index)); 57 | socket = indexObject.attach(args); 58 | 59 | } 60 | else { 61 | receiver = service.getReceiver(); 62 | socket = receiver.attach(args); 63 | } 64 | if (logger.isDebugEnabled()) { 65 | logger.debug(String.format("created a socket on %s", socket.getRemoteSocketAddress())); 66 | } 67 | return socket; 68 | } 69 | 70 | 71 | public String getIndex() { 72 | return index; 73 | } 74 | 75 | public void setIndex(String index) { 76 | this.index = index; 77 | } 78 | 79 | } 80 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/SplunkServer.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2014 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package org.springframework.integration.splunk.support; 18 | 19 | import com.splunk.Service; 20 | 21 | /** 22 | * Splunk server entity 23 | * 24 | * @author Jarred Li 25 | * @author Olivier Lamy 26 | * @since 1.0 27 | * 28 | */ 29 | public class SplunkServer { 30 | 31 | private String host = Service.DEFAULT_HOST; 32 | 33 | private int port = Service.DEFAULT_PORT; 34 | 35 | private String scheme = Service.DEFAULT_SCHEME; 36 | 37 | private String app; 38 | 39 | private String owner; 40 | 41 | private String username; 42 | 43 | private String password; 44 | 45 | private int timeout; 46 | 47 | /** 48 | * if true the framework will test the connectivity before give back the connection. 49 | */ 50 | private boolean checkServiceOnBorrow = false; 51 | 52 | /** 53 | * @return the host 54 | */ 55 | public String getHost() { 56 | return host; 57 | } 58 | 59 | /** 60 | * @param host the host to set 61 | */ 62 | public void setHost(String host) { 63 | this.host = host; 64 | } 65 | 66 | /** 67 | * @return the port 68 | */ 69 | public int getPort() { 70 | return port; 71 | } 72 | 73 | /** 74 | * @param port the port to set 75 | */ 76 | public void setPort(int port) { 77 | this.port = port; 78 | } 79 | 80 | /** 81 | * 82 | * @return the used scheme 83 | */ 84 | public String getScheme() { 85 | return scheme; 86 | } 87 | 88 | /** 89 | * 90 | * @param scheme 91 | */ 92 | public void setScheme(String scheme) { 93 | this.scheme = scheme; 94 | } 95 | 96 | /** 97 | * 98 | * @return the application 99 | */ 100 | public String getApp() { 101 | return app; 102 | } 103 | 104 | /** 105 | * 106 | * @param app 107 | */ 108 | public void setApp(String app) { 109 | this.app = app; 110 | } 111 | 112 | /** 113 | * 114 | * @return the owner 115 | */ 116 | public String getOwner() { 117 | return owner; 118 | } 119 | 120 | /** 121 | * 122 | * @param owner 123 | */ 124 | public void setOwner(String owner) { 125 | this.owner = owner; 126 | } 127 | 128 | /** 129 | * @return the userName 130 | */ 131 | public String getUsername() { 132 | return username; 133 | } 134 | 135 | /** 136 | * @param username the username to set 137 | */ 138 | public void setUsername(String username) { 139 | this.username = username; 140 | } 141 | 142 | /** 143 | * @return the password 144 | */ 145 | public String getPassword() { 146 | return password; 147 | } 148 | 149 | /** 150 | * @param password the password to set 151 | */ 152 | public void setPassword(String password) { 153 | this.password = password; 154 | } 155 | 156 | /** 157 | * @return the timeout in ms. 158 | */ 159 | public int getTimeout() { 160 | return timeout; 161 | } 162 | 163 | /** 164 | * set the timeout in ms. 165 | * @param timeout 166 | */ 167 | public void setTimeout(int timeout) { 168 | this.timeout = timeout; 169 | } 170 | 171 | /** 172 | * @return {@code true/false} if there is need to check the underlying Splunk Service 173 | * @since 1.1 174 | */ 175 | public boolean isCheckServiceOnBorrow() { 176 | return checkServiceOnBorrow; 177 | } 178 | 179 | /** 180 | * @param checkServiceOnBorrow the {@code checkServiceOnBorrow} flag 181 | * @since 1.1 182 | */ 183 | public void setCheckServiceOnBorrow(boolean checkServiceOnBorrow) { 184 | this.checkServiceOnBorrow = checkServiceOnBorrow; 185 | } 186 | 187 | @Override 188 | public boolean equals(Object o) { 189 | if (this == o) { 190 | return true; 191 | } 192 | if (o == null || getClass() != o.getClass()) { 193 | return false; 194 | } 195 | 196 | SplunkServer that = SplunkServer.class.cast(o); 197 | 198 | return port == that.port && host.equals(that.host); 199 | 200 | } 201 | 202 | @Override 203 | public int hashCode() { 204 | int result = host.hashCode(); 205 | result = 31 * result + port; 206 | return result; 207 | } 208 | 209 | @Override 210 | public String toString() { 211 | return "SplunkServer{" + 212 | "host='" + host + '\'' + 213 | ", port=" + port + 214 | ", scheme='" + scheme + '\'' + 215 | ", app='" + app + '\'' + 216 | '}'; 217 | } 218 | } 219 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/SplunkServiceFactory.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2014 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | 14 | package org.springframework.integration.splunk.support; 15 | 16 | import java.util.ArrayList; 17 | import java.util.Arrays; 18 | import java.util.HashMap; 19 | import java.util.List; 20 | import java.util.Map; 21 | import java.util.concurrent.Callable; 22 | import java.util.concurrent.ConcurrentHashMap; 23 | import java.util.concurrent.ExecutorService; 24 | import java.util.concurrent.Executors; 25 | import java.util.concurrent.Future; 26 | import java.util.concurrent.TimeUnit; 27 | 28 | import javax.xml.bind.DatatypeConverter; 29 | 30 | import com.splunk.Service; 31 | import org.apache.commons.logging.Log; 32 | import org.apache.commons.logging.LogFactory; 33 | 34 | import org.springframework.beans.factory.FactoryBean; 35 | import org.springframework.integration.splunk.core.ServiceFactory; 36 | import org.springframework.util.Assert; 37 | 38 | /** 39 | * A {@link FactoryBean} for creating a {@link Service} 40 | * 41 | * @author David Turanski 42 | * @author Olivier Lamy 43 | */ 44 | public class SplunkServiceFactory implements ServiceFactory { 45 | 46 | private static final Log LOGGER = LogFactory.getLog(SplunkServiceFactory.class); 47 | 48 | private final List splunkServers; 49 | 50 | private final Map servicePerServer = new ConcurrentHashMap(); 51 | 52 | 53 | public SplunkServiceFactory(SplunkServer splunkServer) { 54 | Assert.notNull(splunkServer); 55 | this.splunkServers = Arrays.asList(splunkServer); 56 | } 57 | 58 | /** 59 | * @param splunkServers the {@code List} to build this {@code SplunkServiceFactory} 60 | * @since 1.1 61 | */ 62 | public SplunkServiceFactory(List splunkServers) { 63 | Assert.notEmpty(splunkServers); 64 | this.splunkServers = new ArrayList(splunkServers); 65 | } 66 | 67 | @Override 68 | public synchronized Service getService() { 69 | return getServiceInternal(); 70 | } 71 | 72 | private Service getServiceInternal() { 73 | 74 | for (SplunkServer splunkServer : splunkServers) { 75 | Service service = servicePerServer.get(splunkServer); 76 | // service already exist and no test on borrow it so simply use it 77 | 78 | if (service != null) { 79 | if (!splunkServer.isCheckServiceOnBorrow() || pingService(service)) { 80 | return service; 81 | } 82 | else { 83 | // fail so try next server 84 | continue; 85 | } 86 | } 87 | 88 | ExecutorService executor = Executors.newSingleThreadExecutor(); 89 | 90 | Callable callable = buildServiceCallable(splunkServer); 91 | 92 | Future future = executor.submit(callable); 93 | 94 | try { 95 | if (splunkServer.getTimeout() > 0) { 96 | service = future.get(splunkServer.getTimeout(), TimeUnit.MILLISECONDS); 97 | } 98 | else { 99 | service = future.get(); 100 | } 101 | 102 | servicePerServer.put(splunkServer, service); 103 | return service; 104 | } 105 | catch (Exception e) { 106 | if (LOGGER.isInfoEnabled()) { 107 | LOGGER.info(String.format("could not connect to Splunk Server @ %s:%d - %s, try next one", 108 | splunkServer.getHost(), splunkServer.getPort(), e.getMessage())); 109 | } 110 | } 111 | } 112 | String message = String.format("could not connect to any of Splunk Servers %s", this.splunkServers); 113 | LOGGER.error(message); 114 | throw new RuntimeException(message); 115 | } 116 | 117 | private Callable buildServiceCallable(SplunkServer splunkServer) { 118 | final Map args = new HashMap(); 119 | if (splunkServer.getHost() != null) { 120 | args.put("host", splunkServer.getHost()); 121 | } 122 | if (splunkServer.getPort() != 0) { 123 | args.put("port", splunkServer.getPort()); 124 | } 125 | if (splunkServer.getScheme() != null) { 126 | args.put("scheme", splunkServer.getScheme()); 127 | } 128 | if (splunkServer.getApp() != null) { 129 | args.put("app", splunkServer.getApp()); 130 | } 131 | if (splunkServer.getOwner() != null) { 132 | args.put("owner", splunkServer.getOwner()); 133 | } 134 | 135 | args.put("username", splunkServer.getUsername()); 136 | args.put("password", splunkServer.getPassword()); 137 | 138 | String auth = splunkServer.getUsername() + ":" + splunkServer.getPassword(); 139 | String authToken = "Basic " + DatatypeConverter.printBase64Binary(auth.getBytes()); 140 | args.put("token", authToken); 141 | 142 | return new Callable() { 143 | public Service call() 144 | throws Exception { 145 | return Service.connect(args); 146 | } 147 | }; 148 | } 149 | 150 | private boolean pingService(Service service) { 151 | try { 152 | service.getInfo(); 153 | return true; 154 | } 155 | catch (Exception e) { 156 | return false; 157 | } 158 | } 159 | 160 | } 161 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/SplunkSubmitWriter.java: -------------------------------------------------------------------------------- 1 | /* 2 | /* 3 | * Copyright 2002-2013 the original author or authors. 4 | * 5 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 6 | * the License. You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 11 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 12 | * specific language governing permissions and limitations under the License. 13 | */ 14 | package org.springframework.integration.splunk.support; 15 | 16 | import java.io.IOException; 17 | import java.net.Socket; 18 | 19 | import org.springframework.integration.splunk.core.ServiceFactory; 20 | import org.springframework.integration.splunk.event.SplunkEvent; 21 | 22 | import com.splunk.Args; 23 | import com.splunk.Index; 24 | import com.splunk.Receiver; 25 | import com.splunk.Service; 26 | 27 | /** 28 | * @author David Turanski 29 | * 30 | */ 31 | public class SplunkSubmitWriter extends AbstractSplunkDataWriter { 32 | 33 | private String index; 34 | 35 | /** 36 | * @param serviceFactory 37 | * @param args 38 | */ 39 | public SplunkSubmitWriter(ServiceFactory serviceFactory, Args args) { 40 | super(serviceFactory, args); 41 | } 42 | 43 | /* 44 | * (non-Javadoc) 45 | * 46 | * @see 47 | * org.springframework.integration.splunk.support.SplunkDataWriter#doWrite 48 | * (org.springframework.integration.splunk.event.SplunkEvent, 49 | * java.net.Socket, com.splunk.Service, com.splunk.Args) 50 | */ 51 | @Override 52 | protected void doWrite(SplunkEvent event, Socket socket, Service service, 53 | Args args) throws IOException { 54 | 55 | Index index = getIndex(); 56 | if (index != null) { 57 | index.submit(args, event.toString()); 58 | } else { 59 | Receiver receiver = service.getReceiver(); 60 | receiver.submit(args, event.toString()); 61 | } 62 | } 63 | 64 | /* 65 | * (non-Javadoc) 66 | * 67 | * @see 68 | * org.springframework.integration.splunk.support.SplunkDataWriter#createSocket 69 | * (com.splunk.Service) 70 | */ 71 | @Override 72 | protected Socket createSocket(Service service) throws IOException { 73 | return null; 74 | } 75 | 76 | public void setIndex(String index) { 77 | this.index = index; 78 | } 79 | 80 | private Index getIndex() { 81 | return (index == null) ? null : service.getIndexes().get(index); 82 | } 83 | 84 | } 85 | -------------------------------------------------------------------------------- /src/main/java/org/springframework/integration/splunk/support/SplunkTcpWriter.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2014 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.support; 14 | 15 | import java.io.IOException; 16 | import java.net.Socket; 17 | 18 | import com.splunk.Args; 19 | import com.splunk.Input; 20 | import com.splunk.Service; 21 | 22 | import org.springframework.integration.splunk.core.ServiceFactory; 23 | import org.springframework.util.Assert; 24 | 25 | /** 26 | * 27 | * A {@code org.springframework.integration.splunk.core.DataWriter} 28 | * that creates a socket on a given port 29 | * 30 | * @author David Turanski 31 | * 32 | */ 33 | public class SplunkTcpWriter extends AbstractSplunkDataWriter { 34 | private int port; 35 | 36 | public SplunkTcpWriter(ServiceFactory serviceFactory, Args args) { 37 | super(serviceFactory, args); 38 | } 39 | 40 | @Override 41 | protected Socket createSocket(Service service) throws IOException { 42 | 43 | Input input = service.getInputs().get(String.valueOf(port)); 44 | Assert.notNull(input, "no input defined for port " + port); 45 | Assert.isTrue(!input.isDisabled(),String.format("input on port %d is disabled",port)); 46 | return service.open(port); 47 | } 48 | 49 | /** 50 | * @param port the port to set 51 | */ 52 | public void setPort(int port) { 53 | this.port = port; 54 | } 55 | 56 | 57 | } 58 | -------------------------------------------------------------------------------- /src/main/resources/META-INF/spring.handlers: -------------------------------------------------------------------------------- 1 | http\://www.springframework.org/schema/integration/splunk=org.springframework.integration.splunk.config.xml.SplunkNamespaceHandler 2 | -------------------------------------------------------------------------------- /src/main/resources/META-INF/spring.schemas: -------------------------------------------------------------------------------- 1 | http\://www.springframework.org/schema/integration/splunk/spring-integration-splunk-1.0.xsd=org/springframework/integration/splunk/config/xml/spring-integration-splunk-1.0.xsd 2 | http\://www.springframework.org/schema/integration/splunk/spring-integration-splunk.xsd=org/springframework/integration/splunk/config/xml/spring-integration-splunk-1.0.xsd 3 | -------------------------------------------------------------------------------- /src/main/resources/META-INF/spring.tooling: -------------------------------------------------------------------------------- 1 | # Tooling related information for the integration Splunk namespace 2 | http\://www.springframework.org/schema/integration/splunk@name=integration Splunk Namespace 3 | http\://www.springframework.org/schema/integration/splunk@prefix=int-splunk 4 | http\://www.springframework.org/schema/integration/splunk@icon=org/springframework/integration/splunk/config/xml/spring-integration-splunk.gif 5 | -------------------------------------------------------------------------------- /src/main/resources/org/springframework/integration/splunk/config/xml/spring-integration-splunk.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/spring-projects/spring-integration-splunk/b0070970a7f37acc232670ce5ae88b6eb731bff0/src/main/resources/org/springframework/integration/splunk/config/xml/spring-integration-splunk.gif -------------------------------------------------------------------------------- /src/reference/docbook/history.xml: -------------------------------------------------------------------------------- 1 | 2 | 5 | Change History 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 |
ReleaseDateChanges
0.5.02012.9.28Initial release
20 | 21 | -------------------------------------------------------------------------------- /src/reference/docbook/images/logo.png: -------------------------------------------------------------------------------- 1 | �PNG 2 |  3 | 4 | IHDR�BOA/ pHYs  �� cHRMz%������u0�`:�o�_�F%!IDATx��]g|T��>���m�mIB�4B $z�^ 5 | R�Y(J�"�J����;Ҥ7��$$��Ʀn��2�]R7aw �?�/\�����x�Ü�y%{]d}ZɗI�&5\Rr�,�~Yj^ZX�؉�{�����aƣ����z�V�]�^:Mp���m�*�ɕ&�.|�<&���/t���F���x{��5\��������� 7 | 2�)�`^̌�oR�C��Z���+ٗ����>�r��aD�(/(���x��v���?���� y�ς^�`�G˧|�aX�O阜[ObX���4����&�ϊ�����S+v��X� �>C% �a���VL����?X��TN�. ��b�?�D"�ܢ�Beqqy ����p���X���L,�c�x���,K$ )k{�g BJP�;,�bN�%��x�G|�]EH���#lEY�Z�.Q��ߚHH��l� �%e�,�i�o��ˀ�ZR}0�sǽ_��2 �>C�ctv�O����v���ѝ�W��I��(�{Z�P�� �');GG�������oX�K1݆�kq�+_��1�^��G�^,���ܱo��Ѳ��Y�\M������R���~ň��k��'yi�����p�i��خm�-�@@ ���S�o*�i]�g�x�_���]ݳ���w!D���{��!Q��|��¢�e�&\��؃'�� 8 | ˵�Be��G��������wǩ_m�-(�Z�"hՃ�����4%4�ui�� \�U�}x�����2��߁�����p5��U ( � �:�<<,<ծU���6v lW���+��}�;���:5<���w�K�fy�����E�%]��h!��^-Z_[s�˥���ܽ���-'���J`�p�ᛅ�g}=� 3����O���N���ꚓ���ώ[���?���E��t`�^�2�gxK������~[s�� 9 | d�B@����!�]��;�.٢�ʵ�y�?����b�9�� ��|���f��S�KF�f����#�a�t�����nP�#O�U����͇�ǁP"I����M'Bq 7ǭx��W��N��)!�h�ŖYz����t��=�|c���f�d~� ��A-�NO���K�����[���^V��(!Tj2��Wg}=1�Q~��w ��IVrRVJ���* �c�\���}�_�]������o��r=�N�������u��G����O� ����WW���\��tl�n�T�����2�F��&�� 7�β^Y�;��!��6�sӁc�h��a؂�sk���8I��9����a�9ER����?���������_����t��z�$< �r��W֝^�����J��%8��K�����= ���4�c�Y�ީT�� 1+�r�f͠�dҢ%b�lW��D)0�@�,,�+�� 7���+��zl�Wc�7���/�i���~ �^�xN(���wLÿ�<�6ږ����$���b3#���6t È��}N�.���Տ Vq�ƪFB}�#C�@S��Q���-��0�w̧��?���݋�Y�����;�<*���$?�.�+�96i1�� ���2'Z@W⬊��H��H9�õYtHdÿ�LT������Hm��OK`X���wgy 17 | � �2m��-t�D*�N8�������<��F�BѲ� �?��V���N�HRV^r��Cg��\흛�4 � �вMtpds7/g;��cj#��@<�� � ���k��3���)έ�]����RST<���+���m>�C[�x~�[ �ɹ��>n��=�fV:��xUa�9Wiߧe�0 #�K~p�" ��!������o~5C��ZbA�0f��>� 377���+�)� ���i�Ш�;�ޮ� ��N�)�˵*'�C-�1�#_�����g9�����ɽQZ���9���ȁ�[d0\�,:t�D��A��!��F��(7!��a�֐]X~��v�wx�c��&I4JSy���PB�Ŧ?�Hx�}�71�c��7�t܅ƜB�7i�VA����{R=�k��F����yY�F� �0�P�8Kz���CuZA&j�c��&����RF����8�w 24 | ��v���~M���`��_�q�W�d^I�� <)���z����/*BI�()}z���M�K�zd0�3��Nb��読]�V���s�O�RMax؏ ���!�E*�� 25 | I��z&�� ���1�-�+�H*�0�a ��:e�4e 26 | S��{ן6�J��n$-1�k8��u���y��HRAX�?�^�,�AA 27 | )�m}]���J�" ]<�&����s���˅�[E�Gz��1{��iJ��ʵ�")�$A��ħ'��୔��mR`��:�k�G�/�)U���ݶEx�B�×�X!@j����zL(^�ƫs�(Bѭ�_?Y�Y3�1R:�z/C�¹J�:�7�0����\-U�=�e�c�����D��%rX��͋4˕�TQ�b�g��<�_W���S'��^V^b���w��}�hB �c����D�M[7o���J������w�H��Fe�AY�V�f��AkK�1��<��ލ�#_��H�㴧�kI� ��?�M+#���2��� 28 | �Чm����:�DVlҩT{z���m9��ԍ��\R�-,�n#Hz�o�����O~i�c��t���]>�h{��G@K���à{}Ф`�@xeR�W�ښ��Ĕ�$)�^=w���:8r@�O������s�Ӭ��c�O��u�����H��C��ʵ�����n^9�֫@�V���O�:s���@X�/G��J��c֚��ʟm�@$a�Y��C-�嫌��� �M�u7��Z����N�"� 29 | v��#� �+.���W����jۙ 30 | �����֫$���w���z�7��"�|�E�(13��� � ��&��V�2���g��)�.��{ڗ�+ ���Û�㯁H*��BJ��kY�x��xWg׫ᯅ��ޓxcG��"e����%�:_���1N2G�7v���r?��~" �# 31 | l��7@� )�����*�cB/��0�D�"���ΐ�rJ�'�x{����aK^[�hʁc�z�G�N 35 | }dx�?�<���7�G^�w��s���J�cA�l��{���z�4��j� 8n�aVJ&}�� ��jl�����wgVU��k�VB��`�wV�;��Z  �+��e@U&Ig�zGJ��7�*���Չ���Am�[�����.?����&qrے}u;�ޥת>s����E����r}˕��7���KuퟫW�|y��'{��V�&�r����,�" �+a��H�� �%B���H��q=G��9�HY����Z�G٩�%���n��Y�آ�D�6��#}ܽ)����郧 �<�؍?��:]PT��X�@����5$jh��]��i��Y��̕k�lPtR���3�,>�4@�qƗ�nQ1��~�9��*�뭁����n� ��`���6(w��0cŦCߪ��H��˳<����Ǝ�?��Y%���L��#p�_�+I$�0y�;�Fi�%e���mk��e)r:�헛�t�/�/���v.ڦb 37 | ��S��gW�z���-�K�e����<�7:|� ��z:NhW��XcM%I�$a�ɛ�����0��׆���r�z��� 38 | ��jzY���s�͟5��'�5bg*$!�Q��>*M�Iy��־���Ӫ2�5�ioW��CL&���� ���t4I�d��J�y-���8²tB�1�+x���7V(G$-�������m4d���,M �_;S!�\�*U����]��G���>0��3���8�� 7q����M�A(ʊj_ 39 | ���2&{� 40 | ���+4ɋ �_w���ӷ�K���kV��_�f~�ǿ�0\S���rwB���/V�wȬ� � �����G����aLӼ����؅;�.�� )SF�H����`��_��Y���5�*�?���R�^�-+KB,�s�w��QJ@:c`y]>B�m��tn���������O�[0|�O+Lt�Q�걽G�8ɳ>� H�ƙ+�r_`���{��掘^�o�p-胛������2�׸���^n���������ۻ�<���s U�Ϡk���d��+�YҼ���6I��.�r��I}���YA��SP�ڄ*˗#��S䑞��[z|d�)X�+565�^ %��aK',߱�n�- �j�R� ��������:����}�p��E~�����'���x,q��9{��m�E�K�y���Wy��8(_BS�������UG�?�Wퟗ?�]�t�$H�W+�c'��^�r�:/zFF�y�w�@8k�� }F���z���kc��y@�{�!]�&!!&�m����g��F����e`���ׄ?�c+�V�&�u���l�����E������U3>�ۧ]��i]��rx.�d�9:���p��ܯV|T�>NcH��D�E����v��_��va�A���i��/\%s�K�"����I�A$�1@R]���|���a������/�OK���k�Zv�Ʃ9kg�H\��B �u���a�J���=I���9!���v�ܤ]^y���b���GB���ذN��e�%ǩ�����⎍�S�s'g���4%�o���RB�x�ӣ���'������M@w[�U�� ����[V$�4zmRV��GskOWy����k[�@bV2�2�ށ��w�1�����4��>>-�������G �X� � 41 | � ��� �$wR�7�h�T��jjDFA��O���z>!�Bbx��s -�'�$�~�c�PcKaY��5��N ��#@'x��)�Y۔�1,ܹL:Lnl�����_.쳡W[�}��j�Ɗ'?�� 42 | ��v�fk�j3�;1��j���K�C/t#/ܿbm#�R���`(���@�C�'}������vr 43 | sG.��D  �C������/�x�_����}�i�g����� 44 | &:MDx��om�f�.),�39 B| 45 | &!�CZ�0���mW�����ݵr��!�}�N,M�K�����n��忭]��c�s��獤;7n����T���}�j*�0p�R�T<)./t��X��t��K'�g&���n���Z�0jɸ����m;z��)���~����\B�H;1,���9'O�� �y0���7O8�֠;�ˌJn�^9z�}�7��'�-��N�"e�y 46 | �.�(���sr��[��j���+ʊ\�l�M.?�^��:�۰�}�����ʩ�.^-�>�����qA��LX��ȷ�DR��>�9v���+v���bA�-t�c���΃V�u���QQV�(+r�9 �<x���+��o譻�#�_~`��)���zvOL����:T�YEr��+#pB,�t.��an�C��Zu��Ͳrj�Z�:~���O���X��پe��tjaU;%�RP��ZW}�,s � 49 | �M���[���xJ���}�iYa�Z�f�R��%�_�H|ǩ�w��c<2�p�V<��7>� :������n���� Z4��v����SJ��@���I��I��I��i#�m��"?��F��R���?y�ܱs{�&�ui��Pk�u�H�P��y�B��!�r��q�Q�3�0Lj끂R�c�s �Rd� A �����K�g��"� ��]@�߂?������v.[�k���/m<���6Gi�P�u��aK����e���� 50 | �� 51 | �0���+�ط��;����_�w ��t��3y%�g�(��u6��Ow�r_��#I��� ����� 52 | �,s ��%�%^N��+�kC�� 53 | �z��۪��p����h�ދ���ӿ�ں��0����� �����������v 54 | �$�ŗ^��zh����خO�^�N�����c�o�|�橥?�����f�-X�*u �Z��⁈m�~8�?�H ðz|pc�kﮜ�ֺ9�O�KH�F��y�焌G߼��x׫��J��+~[���]8��1�����eu5���߅�}$�@g|� ��B4�[4RQj5����$lZ�A?;l�3�A7b�W3�z��T�~��Ѝ��b�����#t�V��hmS�oEC_��R��C��kǯ���J�.0�z� ~;���M���ðf�����.xo��/���2�dɒ��I����-�Y���ppiߪ�Ǔ/��С�%�����qL�g�ڠuI;�E/{cقWfٰLJ��}|Z�!��Nr'w��s�}��[w��'e�ľc��^5E�C�^�� R��Dn�ҥm���m�j�[y�A�W���DR;=˸;8{عt�Գ�nK��I���L�4ɿ(�7��.cK�\�IEND�B`� 55 | -------------------------------------------------------------------------------- /src/reference/docbook/index.xml: -------------------------------------------------------------------------------- 1 | 2 | 5 | 6 | Spring Integration Splunk Adapter 7 | Splunk Adapter ${version} 8 | Spring Integration 9 | ${version} 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | Jarred Li 24 | Mark Pollack 25 | Damien Dallimore 26 | 27 | 28 | © SpringSource Inc., 2012 29 | 30 | 31 | 32 | 33 | 34 | 35 | What's new? 36 | 37 | 38 | If you are interested in the changes and features, that were introduced in 39 | earlier versions, please take a look at chapter: 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | Integration Adapters 50 | 51 | 52 | Spring Integration adapter for Splunk includes inbound channel adapter to 53 | read data from Splunk and outbound channel adapter to write data into 54 | Splunk. 55 | 56 | 57 | 58 | 59 | 60 | Appendices 61 | 62 | 63 | 64 | 65 | -------------------------------------------------------------------------------- /src/reference/docbook/resources.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | Additional Resources 5 | 6 |
7 | Spring Integration Home 8 | 9 | The definitive source of information about Spring Integration is the 10 | Spring Integration Home at 11 | https://www.springsource.org. That site serves as a hub of 12 | information and is the best place to find up-to-date announcements about the project as well as links to 13 | articles, blogs, and new sample applications. 14 | 15 |
16 | 17 |
18 | Splunk Home 19 | 20 | You can get more information on Splunk from Splunk Home. 21 | 22 | 23 | Splunk SDK API is in Splunk Dev. 24 | 25 |
26 | 27 | 28 | -------------------------------------------------------------------------------- /src/reference/docbook/whats-new.xml: -------------------------------------------------------------------------------- 1 | 2 | 5 | What's new? 6 | 7 | The Spring Integration adapter for Splunk includes two adapters: 8 | 9 | 10 | 11 | Inbound Channel Adapter to search data from Splunk. 12 | 13 | 14 | Outbound Channel Adapter to push event data into Splunk. 15 | 16 | 17 | 18 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/config/xml/SplunkInboundChannelAdapterParserSavedSearchTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.config.xml; 17 | 18 | import static org.junit.Assert.assertEquals; 19 | import static org.junit.Assert.assertNotNull; 20 | 21 | import org.junit.Test; 22 | import org.junit.runner.RunWith; 23 | import org.springframework.beans.factory.annotation.Autowired; 24 | import org.springframework.context.ApplicationContext; 25 | import org.springframework.integration.endpoint.SourcePollingChannelAdapter; 26 | import org.springframework.integration.splunk.support.SearchMode; 27 | import org.springframework.integration.splunk.support.SplunkDataReader; 28 | import org.springframework.test.context.ContextConfiguration; 29 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; 30 | 31 | /** 32 | * @author Jarred Li 33 | * @since 1.0 34 | * 35 | */ 36 | 37 | @RunWith(SpringJUnit4ClassRunner.class) 38 | @ContextConfiguration 39 | public class SplunkInboundChannelAdapterParserSavedSearchTests { 40 | 41 | @Autowired 42 | private ApplicationContext appContext; 43 | 44 | /** 45 | * Test method for {@link org.springframework.integration.splunk.config.xml.SplunkInboundChannelAdapterParser#parseSource(org.w3c.dom.Element, org.springframework.beans.factory.xml.ParserContext)}. 46 | */ 47 | @Test 48 | public void testParseSourceElementParserContext() { 49 | SourcePollingChannelAdapter adapter = appContext.getBean("splunkInboundChannelAdapter", 50 | SourcePollingChannelAdapter.class); 51 | assertNotNull(adapter); 52 | SplunkDataReader reader = appContext.getBean("splunkInboundChannelAdapter.splunkExecutor.reader", 53 | SplunkDataReader.class); 54 | assertNotNull(reader); 55 | 56 | SearchMode mode = SearchMode.SAVEDSEARCH; 57 | assertEquals(mode, reader.getMode()); 58 | 59 | String savedSearch = "savedSearch"; 60 | assertEquals(savedSearch, reader.getSavedSearch()); 61 | 62 | String owner = "admin"; 63 | assertEquals(owner, reader.getOwner()); 64 | 65 | String app = "search"; 66 | assertEquals(app, reader.getApp()); 67 | } 68 | 69 | } 70 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/config/xml/SplunkInboundChannelAdapterParserTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.config.xml; 17 | 18 | import org.junit.Assert; 19 | import org.junit.Test; 20 | import org.junit.runner.RunWith; 21 | 22 | import org.springframework.beans.factory.annotation.Autowired; 23 | import org.springframework.context.ApplicationContext; 24 | import org.springframework.integration.endpoint.SourcePollingChannelAdapter; 25 | import org.springframework.integration.splunk.support.SearchMode; 26 | import org.springframework.integration.splunk.support.SplunkDataReader; 27 | import org.springframework.test.context.ContextConfiguration; 28 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; 29 | 30 | /** 31 | * @author Jarred Li 32 | * @since 1.0 33 | * 34 | */ 35 | 36 | @RunWith(SpringJUnit4ClassRunner.class) 37 | @ContextConfiguration 38 | public class SplunkInboundChannelAdapterParserTests { 39 | 40 | @Autowired 41 | private ApplicationContext appContext; 42 | 43 | /** 44 | * Test method for {@link org.springframework.integration.splunk.config.xml.SplunkInboundChannelAdapterParser#parseSource(org.w3c.dom.Element, org.springframework.beans.factory.xml.ParserContext)}. 45 | */ 46 | @Test 47 | //@Ignore 48 | public void testParseSourceElementParserContext() { 49 | SourcePollingChannelAdapter adapter = appContext.getBean("splunkInboundChannelAdapter", 50 | SourcePollingChannelAdapter.class); 51 | Assert.assertNotNull(adapter); 52 | Assert.assertFalse(adapter.isAutoStartup()); 53 | 54 | SplunkDataReader reader = appContext.getBean("splunkInboundChannelAdapter.splunkExecutor.reader", 55 | SplunkDataReader.class); 56 | Assert.assertNotNull(reader); 57 | 58 | String searchString = "search spring:example"; 59 | Assert.assertEquals(searchString, reader.getSearch()); 60 | 61 | SearchMode mode = SearchMode.BLOCKING; 62 | Assert.assertEquals(mode, reader.getMode()); 63 | 64 | String earliestTime = "-1d"; 65 | Assert.assertEquals(earliestTime, reader.getEarliestTime()); 66 | 67 | String latestTime = "now"; 68 | Assert.assertEquals(latestTime, reader.getLatestTime()); 69 | 70 | String initEarliestTime = "-1d"; 71 | Assert.assertEquals(initEarliestTime, reader.getInitEarliestTime()); 72 | 73 | String fieldList = "field1, field2"; 74 | Assert.assertEquals(fieldList, reader.getFieldList()); 75 | 76 | } 77 | 78 | } 79 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/config/xml/SplunkOutboundChannelAdapterParserStreamTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2014 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package org.springframework.integration.splunk.config.xml; 18 | 19 | import static org.junit.Assert.*; 20 | 21 | import org.junit.Test; 22 | import org.junit.runner.RunWith; 23 | 24 | import org.springframework.beans.factory.annotation.Autowired; 25 | import org.springframework.context.ApplicationContext; 26 | import org.springframework.integration.splunk.support.AbstractSplunkDataWriter; 27 | import org.springframework.integration.splunk.support.SplunkIndexWriter; 28 | import org.springframework.test.context.ContextConfiguration; 29 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; 30 | 31 | /** 32 | * @author Jarred Li 33 | * @author Artem Bilan 34 | * @since 1.0 35 | * 36 | */ 37 | @RunWith(SpringJUnit4ClassRunner.class) 38 | @ContextConfiguration 39 | public class SplunkOutboundChannelAdapterParserStreamTests { 40 | 41 | @Autowired 42 | private ApplicationContext appContext; 43 | 44 | @Test 45 | public void testParseConsumerElementParserContext() { 46 | Object adapter = appContext.getBean("splunkOutboundChannelAdapter"); 47 | assertNotNull(adapter); 48 | 49 | AbstractSplunkDataWriter writer = appContext.getBean("splunkOutboundChannelAdapter.splunkExecutor.writer", 50 | AbstractSplunkDataWriter.class); 51 | assertNotNull(writer); 52 | assertTrue(writer instanceof SplunkIndexWriter); 53 | assertEquals("foo", ((SplunkIndexWriter) writer).getIndex()); 54 | } 55 | 56 | } 57 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/config/xml/SplunkOutboundChannelAdapterParserTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.config.xml; 17 | 18 | import static org.junit.Assert.*; 19 | 20 | import org.junit.Assert; 21 | import org.junit.Test; 22 | import org.junit.runner.RunWith; 23 | 24 | import org.springframework.beans.factory.annotation.Autowired; 25 | import org.springframework.context.ApplicationContext; 26 | import org.springframework.integration.splunk.support.AbstractSplunkDataWriter; 27 | import org.springframework.integration.splunk.support.SplunkSubmitWriter; 28 | import org.springframework.test.context.ContextConfiguration; 29 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; 30 | 31 | /** 32 | * @author Jarred Li 33 | * @since 1.0 34 | * 35 | */ 36 | @RunWith(SpringJUnit4ClassRunner.class) 37 | @ContextConfiguration 38 | public class SplunkOutboundChannelAdapterParserTests { 39 | 40 | @Autowired 41 | private ApplicationContext appContext; 42 | 43 | /** 44 | * Test method for {@link org.springframework.integration.splunk.config.xml.SplunkOutboundChannelAdapterParser#parseConsumer(org.w3c.dom.Element, org.springframework.beans.factory.xml.ParserContext)}. 45 | */ 46 | @Test 47 | public void testParseConsumerElementParserContext() { 48 | Object adapter = appContext.getBean("splunkOutboundChannelAdapter"); 49 | Assert.assertNotNull(adapter); 50 | 51 | AbstractSplunkDataWriter writer = appContext.getBean("splunkOutboundChannelAdapter.splunkExecutor.writer", 52 | AbstractSplunkDataWriter.class); 53 | assertNotNull(writer); 54 | 55 | assertTrue(writer instanceof SplunkSubmitWriter); 56 | assertEquals(false,writer.isAutoStartup()); 57 | assertEquals(false,writer.isRunning()); 58 | 59 | String sourceType = "spring-integration"; 60 | assertEquals(sourceType, writer.getArgs().get("sourcetype")); 61 | 62 | String source = "example5"; 63 | assertEquals(source, writer.getArgs().get("source")); 64 | 65 | } 66 | 67 | } 68 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/config/xml/SplunkServerParserTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.config.xml; 17 | 18 | import org.junit.Assert; 19 | import org.junit.Test; 20 | import org.junit.runner.RunWith; 21 | 22 | import org.springframework.beans.factory.annotation.Autowired; 23 | import org.springframework.context.ApplicationContext; 24 | import org.springframework.integration.splunk.support.SplunkServer; 25 | import org.springframework.test.context.ContextConfiguration; 26 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; 27 | 28 | /** 29 | * @author Jarred Li 30 | * @since 1.0 31 | * 32 | */ 33 | @RunWith(SpringJUnit4ClassRunner.class) 34 | @ContextConfiguration 35 | public class SplunkServerParserTests { 36 | 37 | @Autowired 38 | private ApplicationContext appContext; 39 | 40 | /** 41 | * Test method for {@link org.springframework.integration.splunk.config.xml.SplunkServerParser#doParse(org.w3c.dom.Element, org.springframework.beans.factory.xml.ParserContext, org.springframework.beans.factory.support.BeanDefinitionBuilder)}. 42 | */ 43 | @Test 44 | public void testDoParseElementParserContextBeanDefinitionBuilder() { 45 | SplunkServer server = appContext.getBean("splunkServer", SplunkServer.class); 46 | 47 | Assert.assertEquals("test.splunk.server", server.getHost()); 48 | Assert.assertEquals(8089, server.getPort()); 49 | Assert.assertEquals("admin", server.getUsername()); 50 | Assert.assertEquals("password", server.getPassword()); 51 | Assert.assertEquals("https", server.getScheme()); 52 | Assert.assertEquals("admin", server.getOwner()); 53 | Assert.assertEquals("search", server.getApp()); 54 | } 55 | 56 | } 57 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/event/SplunkEventTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2002-2013 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with 5 | * the License. You may obtain a copy of the License at 6 | * 7 | * https://www.apache.org/licenses/LICENSE-2.0 8 | * 9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.springframework.integration.splunk.event; 14 | 15 | import static org.junit.Assert.assertEquals; 16 | 17 | import java.util.HashMap; 18 | import java.util.Map; 19 | 20 | import org.junit.Test; 21 | 22 | /** 23 | * @author David Turanski 24 | * 25 | */ 26 | public class SplunkEventTests { 27 | @Test 28 | public void testGetEventData() { 29 | Map data = new HashMap(); 30 | data.put("foo", "foo"); 31 | data.put("bar", null); 32 | SplunkEvent event = new SplunkEvent(data); 33 | Map eventData = event.getEventData(); 34 | assertEquals(data.size(),eventData.size()); 35 | for (String key: eventData.keySet()) { 36 | assertEquals(data.get(key),eventData.get(key)); 37 | } 38 | } 39 | public void testGetEventDataEmpty() { 40 | SplunkEvent event = new SplunkEvent( ); 41 | Map eventData = event.getEventData(); 42 | assertEquals(0,eventData.size()); 43 | } 44 | 45 | @Test(expected=RuntimeException.class) 46 | public void testKeyCannotBeNull() { 47 | SplunkEvent event = new SplunkEvent(); 48 | event.addPair(null, "foo"); 49 | } 50 | 51 | @Test 52 | public void testCopyConstructor() { 53 | Map data = new HashMap(); 54 | data.put("foo", "foo"); 55 | data.put("bar", "bar"); 56 | SplunkEvent event = new SplunkEvent(data); 57 | SplunkEvent event2 = new SplunkEvent(event); 58 | assertEquals(event.quoteValues, event2.quoteValues); 59 | assertEquals(event.useInternalDate,event2.useInternalDate); 60 | Map eventData = event.getEventData(); 61 | Map event2Data = event2.getEventData(); 62 | 63 | assertEquals(eventData.size(),event2Data.size()); 64 | for (String key: eventData.keySet()) { 65 | assertEquals(eventData.get(key),event2Data.get(key)); 66 | } 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/inbound/SplunkPollingChannelAdapterTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.inbound; 17 | 18 | import static org.mockito.Mockito.*; 19 | 20 | import java.util.ArrayList; 21 | import java.util.List; 22 | 23 | import org.junit.Assert; 24 | import org.junit.Before; 25 | import org.junit.Test; 26 | 27 | import org.springframework.integration.splunk.event.SplunkEvent; 28 | import org.springframework.integration.splunk.support.SplunkExecutor; 29 | 30 | /** 31 | * @author Jarred Li 32 | * @since 1.0 33 | * 34 | */ 35 | public class SplunkPollingChannelAdapterTests { 36 | 37 | private SplunkPollingChannelAdapter inboundAdapter; 38 | 39 | private SplunkExecutor executor; 40 | 41 | @Before 42 | public void init() { 43 | executor = mock(SplunkExecutor.class); 44 | inboundAdapter = new SplunkPollingChannelAdapter(executor); 45 | } 46 | 47 | /** 48 | * Test method for {@link org.springframework.integration.splunk.inbound.SplunkPollingChannelAdapter#receive()}. 49 | */ 50 | @Test 51 | public void testReceive() { 52 | List data = new ArrayList(); 53 | SplunkEvent sd = new SplunkEvent("spring", "spring:example"); 54 | sd.setCommonDesc("description"); 55 | data.add(sd); 56 | when(executor.poll()).thenReturn(data); 57 | 58 | List received = inboundAdapter.receive().getPayload(); 59 | Assert.assertEquals(1, received.size()); 60 | } 61 | 62 | /** 63 | * Test method for {@link org.springframework.integration.splunk.inbound.SplunkPollingChannelAdapter#getComponentType()}. 64 | */ 65 | @Test 66 | public void testGetComponentType() { 67 | Assert.assertEquals("splunk:inbound-channel-adapter", inboundAdapter.getComponentType()); 68 | } 69 | 70 | } 71 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/outbound/SplunkOutboundChannelAdapterTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.outbound; 17 | 18 | import static org.mockito.Mockito.*; 19 | 20 | import org.junit.Assert; 21 | import org.junit.Before; 22 | import org.junit.Test; 23 | 24 | import org.springframework.integration.splunk.support.SplunkExecutor; 25 | import org.springframework.messaging.Message; 26 | 27 | /** 28 | * @author Jarred Li 29 | * @since 1.0 30 | * 31 | */ 32 | public class SplunkOutboundChannelAdapterTests { 33 | 34 | private SplunkOutboundChannelAdapter outboundAdapter; 35 | 36 | private SplunkExecutor executor; 37 | 38 | @Before 39 | public void init() { 40 | executor = mock(SplunkExecutor.class); 41 | outboundAdapter = new SplunkOutboundChannelAdapter(executor); 42 | } 43 | 44 | /** 45 | * Test method for {@link org.springframework.integration.splunk.outbound.SplunkOutboundChannelAdapter#handleRequestMessage(org.springframework.integration.Message)}. 46 | */ 47 | @Test 48 | public void testHandleRequestMessage() { 49 | Message message = null; 50 | when(executor.write(message)).thenReturn(null); 51 | 52 | Object ret = outboundAdapter.handleRequestMessage(message); 53 | Assert.assertNull(ret); 54 | } 55 | 56 | /** 57 | * Test method for {@link org.springframework.integration.splunk.outbound.SplunkOutboundChannelAdapter#setProducesReply(boolean)}. 58 | */ 59 | @Test 60 | public void testSetProducesReply() { 61 | outboundAdapter.setProducesReply(false); 62 | } 63 | 64 | } 65 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/support/SplunkDataReaderTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.support; 17 | 18 | import static org.mockito.Mockito.*; 19 | 20 | import java.io.FileNotFoundException; 21 | import java.io.IOException; 22 | import java.io.InputStream; 23 | import java.util.List; 24 | import java.util.Map; 25 | 26 | import com.splunk.Job; 27 | import com.splunk.JobCollection; 28 | import com.splunk.Service; 29 | import org.junit.Assert; 30 | import org.junit.Before; 31 | import org.junit.Ignore; 32 | import org.junit.Test; 33 | 34 | import org.springframework.core.io.ClassPathResource; 35 | import org.springframework.integration.splunk.core.ServiceFactory; 36 | import org.springframework.integration.splunk.event.SplunkEvent; 37 | 38 | /** 39 | * @author Jarred Li 40 | * @since 1.0 41 | * 42 | */ 43 | public class SplunkDataReaderTests { 44 | 45 | private SplunkDataReader reader; 46 | 47 | @Before 48 | public void before() { 49 | ServiceFactory serviceFactory =serviceFactory(); 50 | reader = new SplunkDataReader(serviceFactory); 51 | } 52 | 53 | /** 54 | * Test method for {@link org.springframework.integration.splunk.support.SplunkDataReader#search()}. 55 | * @throws Exception 56 | */ 57 | @Test 58 | public void testBlockingSearch() throws Exception { 59 | reader.setMode(SearchMode.BLOCKING); 60 | reader.setSearch("search spring:example"); 61 | List data = reader.read(); 62 | Assert.assertNotNull(data); 63 | Assert.assertEquals(5, data.size()); 64 | } 65 | 66 | @Test 67 | public void testNonBlockingSearch() throws Exception { 68 | reader.setMode(SearchMode.NORMAL); 69 | reader.setSearch("search spring:example"); 70 | List data = reader.read(); 71 | Assert.assertNotNull(data); 72 | Assert.assertEquals(5, data.size()); 73 | } 74 | 75 | 76 | @Ignore 77 | @Test 78 | public void testRealtimeSearch() throws Exception { 79 | reader.setMode(SearchMode.REALTIME); 80 | reader.setSearch("search spring:example"); 81 | List data = reader.read(); 82 | Assert.assertNotNull(data); 83 | Assert.assertEquals(5, data.size()); 84 | } 85 | 86 | private ServiceFactory serviceFactory() { 87 | InputStream is = null; 88 | 89 | try { 90 | is = new ClassPathResource("splunk-data.xml").getInputStream(); 91 | } catch (FileNotFoundException e) { 92 | Assert.fail("can not read splunk data file"); 93 | } catch (IOException e) { 94 | Assert.fail("can not read splunk data file"); 95 | } 96 | 97 | Service service = mock(Service.class); 98 | service.setToken("token"); 99 | JobCollection jobCollection = mock(JobCollection.class); 100 | Job blockingJob = mock(Job.class); 101 | when(blockingJob.isDone()).thenReturn(true); 102 | when(blockingJob.getResultCount()).thenReturn(5); 103 | when(blockingJob.getResults(any(Map.class))).thenReturn(is); 104 | when(jobCollection.create(any(String.class), any(Map.class))).thenReturn(blockingJob); 105 | when(service.getJobs()).thenReturn(jobCollection); 106 | 107 | ServiceFactory serviceFactory = mock(ServiceFactory.class); 108 | when(serviceFactory.getService()).thenReturn(service); 109 | return serviceFactory; 110 | } 111 | } 112 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/support/SplunkDataWriterTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.support; 17 | 18 | import static org.mockito.Matchers.eq; 19 | import static org.mockito.Matchers.matches; 20 | import static org.mockito.Mockito.mock; 21 | import static org.mockito.Mockito.verify; 22 | import static org.mockito.Mockito.when; 23 | 24 | import org.junit.Before; 25 | import org.junit.Test; 26 | import org.springframework.integration.splunk.core.ServiceFactory; 27 | import org.springframework.integration.splunk.event.SplunkEvent; 28 | 29 | import com.splunk.Args; 30 | import com.splunk.Receiver; 31 | import com.splunk.Service; 32 | 33 | /** 34 | * @author Jarred Li 35 | * @since 1.0 36 | * 37 | */ 38 | public class SplunkDataWriterTests { 39 | 40 | private AbstractSplunkDataWriter writer; 41 | 42 | private static Receiver receiver = mock(Receiver.class); 43 | 44 | private Args args; 45 | 46 | @Before 47 | public void before() throws Exception { 48 | args = new Args(); 49 | writer = new SplunkSubmitWriter(serviceFactory(), args); 50 | writer.start(); 51 | } 52 | 53 | /** 54 | * Test method for {@link org.springframework.integration.splunk.support.AbstractSplunkDataWriter#write(org.springframework.integration.splunk.event.SplunkEvent)}. 55 | * @throws Exception 56 | */ 57 | @Test 58 | public void testWrite() throws Exception { 59 | 60 | SplunkEvent sd = new SplunkEvent("spring", "spring:example"); 61 | sd.setCommonDesc("description"); 62 | writer.write(sd); 63 | 64 | verify(receiver).submit(eq(args), matches(".*spring:example.*\n")); 65 | 66 | writer.stop(); 67 | } 68 | 69 | private ServiceFactory serviceFactory() throws Exception { 70 | ServiceFactory serviceFactory = mock(ServiceFactory.class); 71 | 72 | Service service = mock(Service.class); 73 | service.setToken("token"); 74 | when(service.getReceiver()).thenReturn(receiver); 75 | when(serviceFactory.getService()).thenReturn(service); 76 | return serviceFactory; 77 | } 78 | 79 | } 80 | -------------------------------------------------------------------------------- /src/test/java/org/springframework/integration/splunk/support/SplunkExecutorTests.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2011-2012 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | package org.springframework.integration.splunk.support; 17 | 18 | import static org.mockito.Mockito.*; 19 | 20 | import java.util.ArrayList; 21 | import java.util.List; 22 | 23 | import org.junit.Assert; 24 | import org.junit.Before; 25 | import org.junit.Test; 26 | 27 | import org.springframework.integration.splunk.core.DataReader; 28 | import org.springframework.integration.splunk.core.DataWriter; 29 | import org.springframework.integration.splunk.event.SplunkEvent; 30 | import org.springframework.integration.support.MessageBuilder; 31 | import org.springframework.messaging.Message; 32 | 33 | /** 34 | * @author Jarred Li 35 | * @since 1.0 36 | * 37 | */ 38 | public class SplunkExecutorTests { 39 | 40 | private SplunkExecutor executor; 41 | 42 | private DataReader reader = mock(DataReader.class); 43 | 44 | private DataWriter writer = mock(DataWriter.class); 45 | 46 | @Before 47 | public void before() { 48 | executor = new SplunkExecutor(); 49 | executor.setReader(reader); 50 | executor.setWriter(writer); 51 | } 52 | 53 | 54 | /** 55 | * Test method for {@link org.springframework.integration.splunk.support.SplunkExecutor#handleMessage(org.springframework.integration.Message)}. 56 | * @throws Exception 57 | */ 58 | @Test 59 | public void testHandleMessage() throws Exception { 60 | SplunkEvent sd = new SplunkEvent("spring", "spring:example"); 61 | sd.setCommonDesc("description"); 62 | Message message = MessageBuilder.withPayload(sd).build(); 63 | executor.handleMessage(message); 64 | verify(writer).write(sd); 65 | } 66 | 67 | /** 68 | * Test method for {@link org.springframework.integration.splunk.support.SplunkExecutor#poll()}. 69 | * @throws Exception 70 | */ 71 | @Test 72 | public void testPoll() throws Exception { 73 | List data = new ArrayList(); 74 | SplunkEvent sd = new SplunkEvent("spring", "spring:example"); 75 | sd.setCommonDesc("description"); 76 | data.add(sd); 77 | 78 | sd = new SplunkEvent("spring", "spring:example"); 79 | sd.setCommonDesc("description"); 80 | data.add(sd); 81 | when(reader.read()).thenReturn(data); 82 | 83 | List result = executor.poll(); 84 | Assert.assertEquals(2, result.size()); 85 | 86 | } 87 | 88 | } 89 | -------------------------------------------------------------------------------- /src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | log4j.rootCategory=INFO, stdout 2 | 3 | log4j.appender.stdout=org.apache.log4j.ConsoleAppender 4 | log4j.appender.stdout.layout=org.apache.log4j.PatternLayout 5 | log4j.appender.stdout.layout.ConversionPattern=%d{HH:mm:ss.SSS} %-5p [%t][%c] %m%n 6 | 7 | log4j.category.org.springframework.integration.splunk=DEBUG 8 | -------------------------------------------------------------------------------- /src/test/resources/org/springframework/integration/splunk/SplunkCommon-context.xml: -------------------------------------------------------------------------------- 1 | 2 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | -------------------------------------------------------------------------------- /src/test/resources/org/springframework/integration/splunk/config/xml/SplunkInboundChannelAdapterParserCommon-context.xml: -------------------------------------------------------------------------------- 1 | 2 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | -------------------------------------------------------------------------------- /src/test/resources/org/springframework/integration/splunk/config/xml/SplunkInboundChannelAdapterParserSavedSearchTests-context.xml: -------------------------------------------------------------------------------- 1 | 2 | 13 | 14 | 15 | 16 | 22 | 23 | 24 | 25 | 26 | -------------------------------------------------------------------------------- /src/test/resources/org/springframework/integration/splunk/config/xml/SplunkInboundChannelAdapterParserTests-context.xml: -------------------------------------------------------------------------------- 1 | 2 | 13 | 14 | 15 | 16 | 21 | 22 | 23 | 24 | 25 | -------------------------------------------------------------------------------- /src/test/resources/org/springframework/integration/splunk/config/xml/SplunkOutboundChannelAdapterParserStreamTests-context.xml: -------------------------------------------------------------------------------- 1 | 2 | 10 | 11 | 12 | 13 | 14 | 15 | 20 | 21 | 22 | 23 | 24 | -------------------------------------------------------------------------------- /src/test/resources/org/springframework/integration/splunk/config/xml/SplunkOutboundChannelAdapterParserTests-context.xml: -------------------------------------------------------------------------------- 1 | 2 | 11 | 12 | 13 | 14 | 15 | 16 | 21 | 22 | 23 | 24 | -------------------------------------------------------------------------------- /src/test/resources/org/springframework/integration/splunk/config/xml/SplunkServerParserTests-context.xml: -------------------------------------------------------------------------------- 1 | 2 | 12 | 13 | 16 | 17 | 18 | -------------------------------------------------------------------------------- /src/test/resources/splunk-data.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | _cd 6 | _indextime 7 | _raw 8 | _serial 9 | _si 10 | _sourcetype 11 | _subsecond 12 | _time 13 | host 14 | index 15 | linecount 16 | source 17 | sourcetype 18 | splunk_server 19 | 20 | 21 | 22 | 23 | 9:30 24 | 25 | 26 | 1348478076 27 | 28 | 2012-09-24 17:19:43:792+0800 name="spring" event_id="spring:example" desc="description" 29 | 30 | 0 31 | 32 | 33 | jarred-virtual-machine 34 | main 35 | 36 | 37 | spring-integration 38 | 39 | 40 | .792 41 | 42 | 43 | 2012-09-24T17:19:43.792+08:00 44 | 45 | 46 | test.host 47 | 48 | 49 | main 50 | 51 | 52 | 1 53 | 54 | 55 | example5 56 | 57 | 58 | spring-integration 59 | 60 | 61 | jarred-virtual-machine 62 | 63 | 64 | 65 | 66 | 9:26 67 | 68 | 69 | 1348478076 70 | 71 | 2012-09-24 17:19:43:756+0800 name="spring" event_id="spring:example" desc="description" 72 | 73 | 1 74 | 75 | 76 | jarred-virtual-machine 77 | main 78 | 79 | 80 | spring-integration 81 | 82 | 83 | .756 84 | 85 | 86 | 2012-09-24T17:19:43.756+08:00 87 | 88 | 89 | test.host 90 | 91 | 92 | main 93 | 94 | 95 | 1 96 | 97 | 98 | example5 99 | 100 | 101 | spring-integration 102 | 103 | 104 | jarred-virtual-machine 105 | 106 | 107 | 108 | 109 | 9:21 110 | 111 | 112 | 1348464748 113 | 114 | 2012-09-24 13:37:34:860+0800 name="spring" event_id="spring:example" desc="description" 115 | 116 | 2 117 | 118 | 119 | jarred-virtual-machine 120 | main 121 | 122 | 123 | spring-integration 124 | 125 | 126 | .860 127 | 128 | 129 | 2012-09-24T13:37:34.860+08:00 130 | 131 | 132 | test.host 133 | 134 | 135 | main 136 | 137 | 138 | 1 139 | 140 | 141 | example5 142 | 143 | 144 | spring-integration 145 | 146 | 147 | jarred-virtual-machine 148 | 149 | 150 | 151 | 152 | 9:17 153 | 154 | 155 | 1348464748 156 | 157 | 2012-09-24 13:37:34:789+0800 name="spring" event_id="spring:example" desc="description" 158 | 159 | 3 160 | 161 | 162 | jarred-virtual-machine 163 | main 164 | 165 | 166 | spring-integration 167 | 168 | 169 | .789 170 | 171 | 172 | 2012-09-24T13:37:34.789+08:00 173 | 174 | 175 | test.host 176 | 177 | 178 | main 179 | 180 | 181 | 1 182 | 183 | 184 | example5 185 | 186 | 187 | spring-integration 188 | 189 | 190 | jarred-virtual-machine 191 | 192 | 193 | 194 | 195 | 9:12 196 | 197 | 198 | 1348464606 199 | 200 | 2012-09-24 13:35:13:621+0800 name="spring" event_id="spring:example" desc="description" 201 | 202 | 4 203 | 204 | 205 | jarred-virtual-machine 206 | main 207 | 208 | 209 | spring-integration 210 | 211 | 212 | .621 213 | 214 | 215 | 2012-09-24T13:35:13.621+08:00 216 | 217 | 218 | test.host 219 | 220 | 221 | main 222 | 223 | 224 | 1 225 | 226 | 227 | example5 228 | 229 | 230 | spring-integration 231 | 232 | 233 | jarred-virtual-machine 234 | 235 | 236 | --------------------------------------------------------------------------------