Skip to content

Instantly share code, notes, and snippets.

Damien Dallimore damiendallimore

View GitHub Profile
@damiendallimore
damiendallimore / GoGenHandler.py
Created Nov 8, 2016
Custom output handler for wrapping Gogen with the Splunk Command Modular Input. Just add this class to command_ta/bin/outputhandlers.py
View GoGenHandler.py
class GoGenHandler:
def __init__(self,**args):
self.index = args['index']
self.source = args['source']
self.sourcetype = args['sourcetype']
self.host = args['host']
def __call__(self,raw_cmd_output):
print "<stream><event><data>%s</data><source>%s</source><sourcetype>%s</sourcetype><index>%s</index><host>%s</host></event></stream>" % (encodeXMLText(raw_cmd_output),self.source,self.sourcetype,self.index,self.host)
@damiendallimore
damiendallimore / Splunkbasehandler.py
Created Jul 16, 2015
Custom handler for the REST API Modular Input to page over results from a call to Splunkbase REST API to list all Apps
View Splunkbasehandler.py
class SplunkbaseHandler:
def __init__(self,**args):
pass
def __call__(self, response_object,raw_response_output,response_type,req_args,endpoint):
if response_type == "json":
output = json.loads(raw_response_output)
offset = output["offset"]
total = output["total"]
@damiendallimore
damiendallimore / LocalMQConnectionFactory.java
Created Jul 9, 2015
LocalMQConnectionFactory for JMS Messaging Modular Input
View LocalMQConnectionFactory.java
package com.splunk.modinput.jms.custom.factory;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.io.Writer;
import java.util.Map;
import javax.jms.ConnectionFactory;
import javax.jms.Queue;
import javax.jms.Topic;
@damiendallimore
damiendallimore / BodyOnlyMessageHandler.java
Created Jun 17, 2015
Custom Message Handler for Splunk Kafka Modular Input that outputs the raw message received only
View BodyOnlyMessageHandler.java
package com.splunk.modinput.kafka;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import com.splunk.modinput.Stream;
import com.splunk.modinput.StreamEvent;
@damiendallimore
damiendallimore / BodyOnlyMessageHandler.java
Created Jun 17, 2015
MQTT Mod Input customer message handler that outputs an epoch timestamp and the message payload only
View BodyOnlyMessageHandler.java
package com.splunk.modinput.mqtt;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.eclipse.paho.client.mqttv3.MqttMessage;
import com.splunk.modinput.Stream;
@damiendallimore
damiendallimore / com.foo.modinput.amqp.JSONMessageHandler.java
Last active Aug 29, 2015
Custom Message Handler for AMQP Modular Input that just dumps the raw received JSON to Splunk
View com.foo.modinput.amqp.JSONMessageHandler.java
package com.splunk.modinput.amqp;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import com.rabbitmq.client.AMQP;
import com.rabbitmq.client.Envelope;
import com.splunk.modinput.Stream;
import com.splunk.modinput.StreamEvent;
@damiendallimore
damiendallimore / 0_reuse_code.js
Last active Aug 29, 2015
Here are some things you can do with Gists in GistBox.
View 0_reuse_code.js
// Use Gists to store code you would like to remember later on
console.log(window); // log the "window" object to the console
@damiendallimore
damiendallimore / responsehandlers.py
Last active Aug 29, 2015
Custom response handler for automatic.com responses received by the REST API Modular Input Add-on for Splunk
View responsehandlers.py
import json
import requests
#the default handler , does nothing , just passes the raw output directly to STDOUT
class DefaultResponseHandler:
def __init__(self,**args):
pass
def __call__(self, response_object,raw_response_output,response_type,req_args,endpoint):
@damiendallimore
damiendallimore / PayloadOnlyMessageHandler.java
Created Oct 17, 2014
Custom Splunk JMS Modular Input message handler to output just the message payload
View PayloadOnlyMessageHandler.java
package com.splunk.modinput.jms.customhandler;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.jms.Message;
import com.splunk.modinput.Stream;
import com.splunk.modinput.StreamEvent;
@damiendallimore
damiendallimore / FoursquareCheckins
Created May 21, 2014
Foursquare Checkins example input.confs stanza for the REST API Modular Input
View FoursquareCheckins
[rest://foursquare_checkins]
auth_type = none
endpoint = https://api.foursquare.com/v2/users/self/checkins
http_method = GET
index_error_response_codes = 1
response_handler = FourSquareCheckinsEventHandler
response_type = json
sourcetype = 4sq_checkins
index = main
streaming_request = 0
You can’t perform that action at this time.