PagerDutyToSplunk.py

PagerDutyToSplunk.py

import os
import json
import urllib
import urllib2
from datetime import datetime  
from datetime import timedelta
import json



splunk_token = ""
splunk_instance_id = ""
pagerduty_token = ""

now = datetime.now().replace(hour=0, minute=0, second=0, microsecond=0)
start = now + timedelta(days=-1)  

# Get data from PagerDuty
headers = {
        "Authorization" :"Token token=" + pagerduty_token,
        'Content-type': 'application/json'
    }
data = {
    "since" : start.isoformat(),
    "until": now.isoformat(),
    "is_overview": "false"}
url = "https://api.pagerduty.com/log_entries?%s" % (urllib.urlencode(data))
req = urllib2.Request(url, headers=headers)
response = urllib2.urlopen(req)
the_page =  unicode(response.read(),errors='replace')
page_json = json.loads(the_page)


# Set the data in the right format for Splunk
data = ''
for (i, item) in enumerate(page_json['log_entries']):
    data += json.dumps({"event": item})


# Push the data to splunk
headers = {
    "Authorization" :"Splunk " + splunk_token,
    'Content-type': 'application/json'
}
url = "https://input-" + splunk_instance_id + ".cloud.splunk.com:8088/services/collector/event"
print(url)

req = urllib2.Request(url, data, headers=headers)
response = urllib2.urlopen(req)
the_page =  unicode(response.read(),errors='replace')
page_json = json.loads(the_page)

output = open(os.environ['res'], 'w')
output.write(data)