Luke LukeMurphey

## parseKindleMetadata.py
import xml.dom.minidom
import csv

# Get the Kindle meta-data by:
#   1. Installing and running the Kindle app
#   2. Viewing the file in %appdata% at AppData\Local\Amazon\Kindle\Cache\KindleSyncMetadataCache.xml'

kindleMetaDataPath = 'KindleSyncMetadataCache.xml'
csvOutputPath = 'KindleBooks.csv'

## server.conf
# You can determine if the Splunk install is Splunk cloud by looking at the /services/server/info/server-info (e.g. https://127.0.0.1:8089/services/server/info/server-info) endpoint.
# If the install is running on Splunk Cloud, it will have a field named "instance_type" that has a value of "cloud".
# $SPLUNK_HOME/etc/system/local/server.conf that sets the instance type to cloud, like this:
[general]
instanceType = cloud

## rest_handler.py
"""
This class makes creating a REST handler for Splunk easier.

The class will automatically call a function within the class based on the path and the method.

For example, if a GET call is made to the path "ping", then this class will call the function
get_ping().

Below is an example.

## rest_handler.py
"""
This class makes creating a REST handler for Splunk easier.

The class will automatically call a function within the class based on the path and the method.

For example, if a GET call is made to the path "ping", then this class will call the function
get_ping().

Below is an example.

## get_notables.py
"""
This script shows how to get notable events from a Splunk instance running Enterprise Security.

This script runs using the libraries built into Splunk. You can run it like this:

    /opt/splunk/bin/splunk cmd python get_notables.py
"""

import splunk.auth
import splunk.search

## get_asset.py

import splunk.auth
import splunk.search
import time

def get_asset(host, session_key):
    # Declare some static vars
    search = '| stats count | eval asset="%s" | fields asset | `get_asset(asset)`' % host
    latest_time = "now"
    earliest_time = "0"

## makefile.py
import sys

if len(sys.argv) != 3:
    print 'Incorrect number of arguments; provide the file-name followed by the file-size.\ne.g. you can make a 1 GB file named "newfile" by calling:\n\n    %s newfile 1073741824' % (sys.argv[0])
    exit()

filename = sys.argv[1]
size = int(sys.argv[2])

with open(filename, "wb") as f:

## splunk_amazon_spent_history
source="01-Jan-2006_to_29-Jun-2018.csv"
| eval _time=strptime('Shipment Date',"%m/%d/%y")
| rex field="Purchase Price Per Unit" "(?<price>[0-9.]+)"
| rex field="Shipment Date" "[0-9][0-9]/[0-9][0-9]/(?<year>([0-9][0-9]))"
| stats sum(price) as spent by year

## scroll_left_right_to_tab_next_back.json
"rules": [
                    {
                        "description": "Mouse right scroll to ctrl+tab (next tab)",
                        "manipulators": [
                            {
                                "from": {
                                    "pointing_button": "button5"
                                },
                                "to": [
                                    {

## jira_convert_attached_tickets_to_table.js
$('#ghx-issues-in-epic-table td:nth-child(2)').text().replace(/\s+/gi, " | | | \n |")
	import xml.dom.minidom
	import csv

	# Get the Kindle meta-data by:
	# 1. Installing and running the Kindle app
	# 2. Viewing the file in %appdata% at AppData\Local\Amazon\Kindle\Cache\KindleSyncMetadataCache.xml'

	kindleMetaDataPath = 'KindleSyncMetadataCache.xml'
	csvOutputPath = 'KindleBooks.csv'
	# You can determine if the Splunk install is Splunk cloud by looking at the /services/server/info/server-info (e.g. https://127.0.0.1:8089/services/server/info/server-info) endpoint.
	# If the install is running on Splunk Cloud, it will have a field named "instance_type" that has a value of "cloud".
	# $SPLUNK_HOME/etc/system/local/server.conf that sets the instance type to cloud, like this:
	[general]
	instanceType = cloud
	"""
	This class makes creating a REST handler for Splunk easier.

	The class will automatically call a function within the class based on the path and the method.

	For example, if a GET call is made to the path "ping", then this class will call the function
	get_ping().

	Below is an example.
	"""
	This script shows how to get notable events from a Splunk instance running Enterprise Security.

	This script runs using the libraries built into Splunk. You can run it like this:

	/opt/splunk/bin/splunk cmd python get_notables.py
	"""

	import splunk.auth
	import splunk.search

	import splunk.auth
	import splunk.search
	import time

	def get_asset(host, session_key):
	# Declare some static vars
	search = '\| stats count \| eval asset="%s" \| fields asset \| `get_asset(asset)`' % host
	latest_time = "now"
	earliest_time = "0"
	import sys

	if len(sys.argv) != 3:
	print 'Incorrect number of arguments; provide the file-name followed by the file-size.\ne.g. you can make a 1 GB file named "newfile" by calling:\n\n %s newfile 1073741824' % (sys.argv[0])
	exit()

	filename = sys.argv[1]
	size = int(sys.argv[2])

	with open(filename, "wb") as f:
	source="01-Jan-2006_to_29-Jun-2018.csv"
	\| eval _time=strptime('Shipment Date',"%m/%d/%y")
	\| rex field="Purchase Price Per Unit" "(?<price>[0-9.]+)"
	\| rex field="Shipment Date" "[0-9][0-9]/[0-9][0-9]/(?<year>([0-9][0-9]))"
	\| stats sum(price) as spent by year
	"rules": [
	{
	"description": "Mouse right scroll to ctrl+tab (next tab)",
	"manipulators": [
	{
	"from": {
	"pointing_button": "button5"
	},
	"to": [
	{