python notes app that sends your note to a Splunk instance via HEC

notes_to_hec.py

import argparse
import requests
import json
import logging

logging.captureWarnings(True)


parser = argparse.ArgumentParser(prog="notes.py", description="So you want to take a note?",
                                 usage="python notes.py --course 'A Hard Course' --book 1 --topic 'The Hardest Course' --desc 'a thing that stashs logs'")
parser.add_argument('--course',  type=str,
                    help='course code')
parser.add_argument('--book',  type=str, help='book number')
parser.add_argument('--page',  type=str, help='page number(s)')
parser.add_argument('--topic', type=str, help='topic of note')
parser.add_argument('--desc',  type=str, help='note text')

args = parser.parse_args()


try:

    event = {'course': args.course, 'book': args.book,
             'page': args.page, 'topic': args.topic.split(", "), 'desc': args.desc}
    body = {"event": event}
    headers = {"Authorization": "Splunk <TOKEN>"}
    url = "https://<HOST>:<PORT>/services/collector/event"

    r = requests.post(url=url, headers=headers,
                      data=json.dumps(body), verify=False)

except Exception as e:
    print("Aw shit, we failed...")
    print(e)

Take-Note.ps1

function Take-Note{
    [CmdletBinding()]
    param (
        [Parameter()]
        [String]$desc,
        [String]$course= "life",
        [String]$book= "0",
        [String]$page= "0",
        [String[]]$topic= "General"
        
    )
    
    C:\notes\venv\python.exe C:\notes\notes.py --course $course --book $book --page $page --topic ($topic -join ", ") --desc $desc

}

Set-Alias -Name tn -Value Take-Note

Take-Notes.ps1 is just a ps wrapper around notes.py, because powershell is love

Now you can pass an COMMA-SPACE separated string to topic and it'll handle it. powershell wrapper takes an actual array.