
import sys
from splunk import search as splunk_search
from splunk import auth as splunk_auth


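class SplunkExamples(object):
    """Example helpers that run Splunk searches over syslog data.

    Constructing an instance authenticates against Splunk straight away,
    so creating the object already performs a network login.
    """

    def __init__(self, username='admin', password='changeme'):
        """Authenticate and remember the session key.

        Args:
            username: Splunk account to log in as.
            password: Password for that account.

        SECURITY: the defaults are the values this example originally
        hard-coded, and they match Splunk's well-known out-of-the-box
        admin login. They are kept only so existing callers keep working.
        Outside a throwaway demo instance, pass real credentials in from
        the environment or a secret store rather than committing them to
        source, and use a least-privileged search account instead of
        ``admin``.
        """
        # NOTE(review): the key is stored but never handed to dispatch()
        # below; presumably the splunk module keeps it as a process-wide
        # default after login -- confirm against the installed version.
        self._key = splunk_auth.getSessionKey(username, password)

    def tail_syslog(self, number=10):
        """Yield events from a search over ``sourcetype="syslog"``.

        Args:
            number: Value sent as the job's ``max_count``; it must format
                with ``%d``, so a non-numeric value raises ``TypeError``.

        Yields:
            Each event exposed by the dispatched job's ``events``.

        The search job is cancelled when iteration ends for any reason:
        normal exhaustion, an exception while reading events, or the
        caller abandoning the generator early.
        """
        # The search string is a constant; no caller-supplied text is
        # interpolated into it.
        args = {'search': 'search sourcetype="syslog"',
                'max_count': '%d' % number,
                'latest_time': 'rt',
                'status_buckets': '300',
                'earliest_time': 'rt'}

        search_job = splunk_search.dispatch(**args)

        try:
            for event in search_job.events:
                yield event
        finally:
            # Without this, a consumer that stops early (break, close(),
            # or an error) would leave the job running on the server.
            search_job.cancel()

    def report_from_syslog(self):
        """Create basic report from syslog data (not implemented yet)."""

    def alert_from_syslog(self):
        """Create alert for nagios from syslog data (not implemented yet)."""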