Merge pull request #6 from splunk/develop

Merge develop with master

Author: vmalaviya-splunk

src/eventing_app/bin/eventingcsc.py

@@ -0,0 +1,48 @@
+#!/usr/bin/env python
+# coding=utf-8
+#
+# Copyright 2011-2015 Splunk, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"): you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import os,sys
+
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "lib"))
+from splunklib.searchcommands import dispatch, EventingCommand, Configuration, Option, validators
+
+
+@Configuration()
+class EventingCSC(EventingCommand):
+    """
+    The eventingcsc command filters records from the events stream returning only those for which the status is same
+    as search query.
+
+    Example:
+
+    ``index="_internal" | head 4000 | eventingcsc status=200``
+
+    Returns records having status 200 as mentioned in search query.
+    """
+
+    status = Option(
+        doc='''**Syntax:** **status=***<value>*
+        **Description:** record having same status value will be returned.''',
+        require=True)
+
+    def transform(self, records):
+        for record in records:
+            if str(self.status) == record["status"]:
+                yield record
+
+
+dispatch(EventingCSC, sys.argv, sys.stdin, sys.stdout, __name__)

src/eventing_app/default/app.conf

@@ -0,0 +1,15 @@
+#
+# Splunk app configuration file
+#
+
+[install]
+is_configured = 0
+
+[ui]
+is_visible = 1
+label = Eventing App
+
+[launcher]
+description = Eventing custom search commands example
+version = 1.0.0
+

src/eventing_app/default/commands.conf

@@ -0,0 +1,4 @@
+[eventingapp]
+filename = eventingcsc.py
+chunked = true
+python.version = python3

src/eventing_app/metadata/default.meta

@@ -0,0 +1,35 @@
+
+# Application-level permissions
+
+[]
+access = read : [ * ], write : [ admin, power ]
+
+### EVENT TYPES
+
+[eventtypes]
+export = system
+
+
+### PROPS
+
+[props]
+export = system
+
+
+### TRANSFORMS
+
+[transforms]
+export = system
+
+
+### LOOKUPS
+
+[lookups]
+export = system
+
+
+### VIEWSTATES: even normal users should be able to create shared viewstates
+
+[viewstates]
+access = read : [ * ], write : [ * ]
+export = system

src/generating_app/bin/generatingcsc.py

@@ -0,0 +1,46 @@
+#!/usr/bin/env python
+# coding=utf-8
+#
+# Copyright © 2011-2015 Splunk, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"): you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import os, sys
+import time
+
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "lib"))
+from splunklib.searchcommands import dispatch, GeneratingCommand, Configuration, Option, validators
+
+
+@Configuration()
+class GeneratingCSC(GeneratingCommand):
+    """
+    The generatingcsc command generates a specific number of records.
+
+    Example:
+
+    ``| generatingcsc count=4``
+
+    Returns a 4 records having text 'Test Event'.
+    """
+
+    count = Option(require=True, validate=validators.Integer(0))
+
+    def generate(self):
+        self.logger.debug("Generating %s events" % self.count)
+        for i in range(1, self.count + 1):
+            text = f'Test Event {i}'
+            yield {'_time': time.time(), 'event_no': i, '_raw': text}
+
+
+dispatch(GeneratingCSC, sys.argv, sys.stdin, sys.stdout, __name__)

src/generating_app/default/app.conf

@@ -0,0 +1,15 @@
+#
+# Splunk app configuration file
+#
+
+[install]
+is_configured = 0
+
+[ui]
+is_visible = 1
+label = Generating App
+
+[launcher]
+description = Generating custom search commands example
+version = 1.0.0
+

src/generating_app/default/commands.conf

@@ -0,0 +1,4 @@
+[generatingapp]
+filename = generatingcsc.py
+chunked = true
+python.version = python3

src/generating_app/metadata/default.meta

@@ -0,0 +1,35 @@
+
+# Application-level permissions
+
+[]
+access = read : [ * ], write : [ admin, power ]
+
+### EVENT TYPES
+
+[eventtypes]
+export = system
+
+
+### PROPS
+
+[props]
+export = system
+
+
+### TRANSFORMS
+
+[transforms]
+export = system
+
+
+### LOOKUPS
+
+[lookups]
+export = system
+
+
+### VIEWSTATES: even normal users should be able to create shared viewstates
+
+[viewstates]
+access = read : [ * ], write : [ * ]
+export = system

src/reporting_app/bin/reportingcsc.py

@@ -0,0 +1,61 @@
+#!/usr/bin/env python
+# coding=utf-8
+#
+# Copyright 2011-2015 Splunk, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"): you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import os,sys
+
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "lib"))
+from splunklib.searchcommands import dispatch, ReportingCommand, Configuration, Option, validators
+
+
+@Configuration(requires_preop=True)
+class ReportingCSC(ReportingCommand):
+    """
+    The reportingcsc command returns a count of students having higher total marks than cutoff marks.
+
+    Example:
+
+    ``| makeresults count=10 | eval math=random()%100, eng=random()%100, cs=random()%100 |  reportingcsc cutoff=150
+    math eng cs``
+
+    returns a count of students out of 10 having a higher total marks than cutoff.
+    """
+
+    cutoff = Option(require=True, validate=validators.Integer(0))
+
+    @Configuration()
+    def map(self, records):
+        """returns a total marks of a students"""
+        # list of subjects
+        fieldnames = self.fieldnames
+        for record in records:
+            # store a total marks of a single student
+            total = 0.0
+            for fieldname in fieldnames:
+                total += float(record[fieldname])
+            yield {"totalMarks": total}
+
+    def reduce(self, records):
+        """returns a students count having a higher total marks than cutoff"""
+        pass_student_cnt = 0
+        for record in records:
+            value = float(record["totalMarks"])
+            if value >= float(self.cutoff):
+                pass_student_cnt += 1
+        yield {"student having total marks greater than cutoff ": pass_student_cnt}
+
+
+dispatch(ReportingCSC, sys.argv, sys.stdin, sys.stdout, __name__)

src/reporting_app/default/app.conf

@@ -0,0 +1,15 @@
+#
+# Splunk app configuration file
+#
+
+[install]
+is_configured = 0
+
+[ui]
+is_visible = 1
+label = Reporting App
+
+[launcher]
+description = Reporting custom search commands example
+version = 1.0.0
+