
@gregbuehler
Created April 28, 2022 16:52
modify splunkcloud allowlists
#!/usr/bin/env python3
import sys, os
import json
import requests
from argparse import ArgumentParser
from enum import Enum
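def allowlist_append(domain, token, addr):
    """Add one subnet to the s2s IP allowlist through the Splunk admin API.

    POSTs ``{"subnets": [addr]}`` to the ``access/s2s/ipallowlists`` endpoint
    for ``domain`` and prints the response body on success. Any failure is
    reported on stderr and ends the process with exit status 2.

    Args:
        domain: value placed in the URL path right after ``admin.splunk.com/``.
        token: bearer token sent in the ``Authorization`` header.
        addr: subnet to allow, in CIDR notation.
    """
    import ipaddress

    # Reject malformed input locally, before the bearer token is sent anywhere.
    try:
        network = ipaddress.ip_network(addr, strict=False)
    except (TypeError, ValueError) as e:
        print(f"error: invalid CIDR address {addr!r}: {e}", file=sys.stderr)
        sys.exit(2)

    # A zero-length prefix matches every address, which defeats the purpose of
    # an allowlist. Warn, but leave the decision to the operator.
    if network.prefixlen == 0:
        print(f"warning: {addr} matches every address", file=sys.stderr)

    endpoint = f"https://admin.splunk.com/{domain}/adminconfig/v2/access/s2s/ipallowlists"
    headers = {
        'Authorization': f"Bearer {token}",
        'Content-Type': 'application/json'
    }
    data = json.dumps({
        'subnets': [
            addr
        ]
    })

    try:
        # requests waits forever without an explicit timeout.
        r = requests.post(endpoint, headers=headers, data=data, timeout=30)
        r.raise_for_status()
        print(r.text)
    except Exception as e:
        # Errors go to stderr so they never mix with normal output.
        print(f"error: {e}", file=sys.stderr)
        sys.exit(2)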
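def allowlist_list(domain, token):
    """Print every subnet currently on the s2s IP allowlist, one per line.

    GETs the ``access/s2s/ipallowlists`` endpoint for ``domain`` and prints
    each entry of the response's ``subnets`` array. Any failure (transport
    error, non-2xx status, unexpected response shape) is reported on stderr
    and ends the process with exit status 2.

    Args:
        domain: value placed in the URL path right after ``admin.splunk.com/``.
        token: bearer token sent in the ``Authorization`` header.
    """
    endpoint = f"https://admin.splunk.com/{domain}/adminconfig/v2/access/s2s/ipallowlists"
    headers = {
        'Authorization': f"Bearer {token}",
    }

    try:
        # requests waits forever without an explicit timeout.
        r = requests.get(endpoint, headers=headers, timeout=30)
        r.raise_for_status()
        for subnet in r.json()['subnets']:
            print(subnet)
    except Exception as e:
        # Keep stdout clean for the subnet list; errors go to stderr.
        print(f"error: {e}", file=sys.stderr)
        sys.exit(2)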
class Action(Enum):
    """Sub-commands accepted as the positional ``action`` argument."""

    # Member names double as the command-line spellings, so they stay as-is
    # even though ``list`` shadows the builtin inside this class body.
    list = "list"
    add = "add"

    def __str__(self):
        # Render as the bare value ("list", "add") rather than "Action.list".
        return f"{self.value}"
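# Names of the environment variables that supply defaults for --domain/--token.
SPLUNKCLOUD_DOMAIN = "SPLUNKCLOUD_DOMAIN"
SPLUNKCLOUD_TOKEN = "SPLUNKCLOUD_TOKEN"

parser = ArgumentParser(description='Modify the SplunkCloud allowlist')
parser.add_argument('--domain', type=str, help="SplunkCloud domain", default=os.environ.get(SPLUNKCLOUD_DOMAIN, ''))
# NOTE: a token passed as --token is visible in the process list and shell
# history; supplying it through the environment variable avoids that.
parser.add_argument('--token', type=str, help="SplunkCloud token", default=os.environ.get(SPLUNKCLOUD_TOKEN, None))
parser.add_argument('action', type=Action, choices=list(Action), help='the action to take')
parser.add_argument('address', type=str, help='the CIDR address', default=None, nargs='?')
args = parser.parse_args()

if args.token is None:
    print("no token specified", file=sys.stderr)
    sys.exit(2)

# An empty domain would build "https://admin.splunk.com//adminconfig/..." and
# send the token to a malformed path, so stop before any request is made.
if not args.domain:
    print("no domain specified", file=sys.stderr)
    sys.exit(2)

if args.action == Action.list:
    allowlist_list(args.domain, args.token)
    sys.exit(0)

if args.action == Action.add:
    if args.address is None:
        print("address not specified", file=sys.stderr)
        sys.exit(2)
    allowlist_append(args.domain, args.token, args.address)
    sys.exit(0)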