ZenDesk event handler in Splunk using rest
| class ZenDeskEventHandler: | |
| def __init__(self,**args): | |
| pass | |
| #process the received JSON array | |
| def process_automatic_response(self,data): | |
| output = json.loads(data) | |
| end_time = 0 | |
| for event in output["tickets"]: | |
| #each element of the array is written to Splunk as a seperate event | |
| print_xml_stream(json.dumps(event)) | |
| if "end_time" in output: | |
| #get and set the latest end_time | |
| end_time = output["end_time"] | |
| return end_time | |
| def __call__(self, response_object,raw_response_output,response_type,req_args,endpoint): | |
| if response_type == "json": | |
| last_end_time = 0 | |
| #process the response from the orginal request | |
| end_time = self.process_automatic_response(raw_response_output) | |
| #set the latest end_time | |
| if end_time > last_end_time: | |
| last_end_time = end_time | |
| #follow any pagination links in the response | |
| next_link = response_object["next_page"] | |
| while next_link: | |
| next_response = requests.get(next_link) | |
| end_time = self.process_automatic_response(next_response.text) | |
| #set the latest end_time | |
| if end_time > last_end_time: | |
| last_end_time = end_time | |
| next_link = next_response.links["next_page"] | |
| if not "params" in req_args: | |
| req_args["params"] = {} | |
| #set the start URL attribute for the next request | |
| #the Mod Input will persist this to inputs.conf for you | |
| req_args["params"]["start_time"] = last_end_time | |
| else: | |
| print_xml_stream(raw_response_output) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment