/** * Returns this job's search ID from within a response message. * * @param response The response message. * @return This job's SID. */ static String getSid(ResponseMessage response) { return Xml.parse(response.getContent()) .getElementsByTagName("sid") .item(0) .getTextContent(); }
private InputStream getEventsMethod(String methodPath, Map args) { checkReady(); if (args == null) { args = new HashMap<String, Object>(); } if (!args.containsKey("segmentation")) { // By default, don't include notations in the results to highlight // search terms (i.e., <sg> elements in XML output). args.put("segmentation", "none"); } ResponseMessage response = service.get(path + methodPath, args); return response.getContent(); }
/** * Returns the {@code InputStream} IO handle for the timeline for this job. * * @param args Optional arguments ("output_time_format" and "time_format"). * @return The timeline {@code InputStream} IO handle. */ public InputStream getTimeline(Map args) { checkReady(); ResponseMessage response = service.get(path + "/timeline", args); return response.getContent(); }
/** * Returns the {@code InputStream} IO handle to the search log for this job. * * @param args Optional argument ("attachment"). * @return The search log {@code InputStream} IO handle. */ public InputStream getSearchLog(Map args) { checkReady(); ResponseMessage response = service.get(path + "/search.log", args); return response.getContent(); }
/** * Creates a oneshot synchronous search using search arguments. * * @param query The search query. * @param args The search arguments:<ul> * <li>"output_mode": Specifies the output format of the results (XML, JSON, * or CSV).</li> * <li>"earliest_time": Specifies the earliest time in the time range to * search. The time string can be a UTC time (with fractional seconds), a * relative time specifier (to now), or a formatted time string.</li> * <li>"latest_time": Specifies the latest time in the time range to search. * The time string can be a UTC time (with fractional seconds), a relative * time specifier (to now), or a formatted time string.</li> * <li>"rf": Specifies one or more fields to add to the search.</li></ul> * @return The search results. */ public InputStream oneshotSearch(String query, Map args) { args = Args.create(args); args.put("search", query); args.put("exec_mode", "oneshot"); // By default, don't highlight search terms in the search output. if (!args.containsKey("segmentation")) { args.put("segmentation", "none"); } ResponseMessage response = post(JobCollection.REST_PATH, args); return response.getContent(); }
/** * Returns the {@code InputStream} IO handle for the summary for this job. * * @param args Optional arguments. * For a list of possible parameters, see the Request parameters for the * <a href="http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTsearch#GET_search.2Fjobs.2F.7Bsearch_id.7D.2Fsummary" * target="_blank">GET search/jobs/{search_id}/summary</a> * endpoint in the REST API documentation. * @return The summary {@code InputStream} IO handle. */ public InputStream getSummary(Map args) { checkReady(); ResponseMessage response = service.get(path + "/summary", args); return response.getContent(); }
/** {@inheritDoc} */ @Override public Entity refresh() { // Update any attribute values set by a setter method that has not // yet been written to the object. ResponseMessage response = service.get(path); assert(response.getStatus() == 200); AtomFeed feed; try { feed = AtomFeed.parseStream(response.getContent()); } catch (Exception e) { throw new RuntimeException(e); } int count = feed.entries.size(); if (count > 1) { throw new IllegalStateException("Expected 0 or 1 Atom entries; found " + feed.entries.size()); } AtomEntry entry = count == 0 ? null : feed.entries.get(0); load(entry); return this; }
InputStreamReader r; try { r = new InputStreamReader(response.getContent(), "UTF-8"); } catch (UnsupportedEncodingException e1) { throw new AssertionError("How does your system not support UTF-8?");
/** {@inheritDoc} */ @Override public ResourceCollection refresh() { items.clear(); ResponseMessage response = list(); assert(response.getStatus() == 200); AtomFeed feed = null; try { feed = AtomFeed.parseStream(response.getContent()); } catch (Exception e) { throw new RuntimeException(e); } load(feed); return this; }
/** * Returns an array of search jobs created from this saved search. * * @return An array of search jobs. */ public Job[] history() { ResponseMessage response = service.get(actionPath("history")); AtomFeed feed; try { feed = AtomFeed.parseStream(response.getContent()); } catch (Exception e) { throw new RuntimeException(e); } int count = feed.entries.size(); Job[] result = new Job[count]; for (int i = 0; i < count; ++i) { String sid = feed.entries.get(i).title; result[i] = new Job(service, JobCollection.REST_PATH + "/" + sid); } return result; }
/** * Runs an export search with arguments (using the {@code search/jobs/export} * endpoint), and streams results back in an input stream. * * @param search The search query to run. * @param args Additional search arguments. * For a list of possible parameters, see * <a href="http://dev.splunk.com/view/SP-CAAAEHQ#savedsearchparams" * target="_blank">Saved search parameters</a> on * <a href="http://dev.splunk.com/view/SP-CAAAEHQ" * target="_blank">dev.splunk.com</a>. * @return The {@code InputStream} object that contains the search results. */ public InputStream export(String search, Map args) { args = Args.create(args).add("search", search); // By default don't highlight search terms in the output. if (!args.containsKey("segmentation")) { args.put("segmentation", "none"); } ResponseMessage response = get(JobCollection.REST_PATH + "/export", args); return new ExportResultsStream(response.getContent()); }
/** * Creates a search. * <p> * <b>Note:</b> You can't create a "oneshot" search using this method. * Instead, use the {@link Service#oneshotSearch} method. * * @param query The search query. * @param args Additional arguments for this job (see {@link JobArgs}). * @return The unique search identifier (SID). */ public Job create(String query, Map args) { if (args != null && args.containsKey("exec_mode")) { if (args.get("exec_mode").equals("oneshot")) throw new RuntimeException(oneShotNotAllowed); } args = Args.create(args).add("search", query); ResponseMessage response = service.post(path, args); assert(response.getStatus() == 201); String sid = Xml.parse(response.getContent()) .getElementsByTagName("sid") .item(0) .getTextContent(); Job job = new Job(service, REST_PATH + "/" + sid); job.refresh(); return job; }
Set<InputKind> kinds = new HashSet<InputKind>(); ResponseMessage response = service.get(this.path + "/" + Util.join("/", subPath)); AtomFeed feed = AtomFeed.parseStream(response.getContent()); for (AtomEntry entry : feed.entries) { String itemKeyName = itemKey(entry);
/** * Logs an event to this index through HTTP POST. * * @param indexName The index to write to. * @param data A string containing event data. * @param args Optional arguments for this stream. Valid parameters are: * "host", "host_regex", "source", and "sourcetype". */ public void submit(String indexName, Args args, String data) { String sendString = ""; RequestMessage request = new RequestMessage("POST"); request.setContent(data); if (indexName !=null) { sendString = String.format("?index=%s", indexName); } if (args != null && args.size() > 0) { sendString = sendString + ((indexName == null) ? "?" : "&"); sendString = sendString + args.encode(); } ResponseMessage response = service.send(service.simpleReceiverEndPoint + sendString, request); try { response.getContent().close(); } catch (IOException e) { // noop } }
/** * Refreshes this job. * * @return The search job. */ @Override public Job refresh() { update(); ResponseMessage response = service.get(path); if (response.getStatus() == 204) { isReady = false; return this; } AtomEntry entry; try { entry = AtomEntry.parseStream(response.getContent()); } catch (Exception e) { throw new RuntimeException(e); } load(entry); if (getString("dispatchState").equals("QUEUED") || getString("dispatchState").equals("PARSING")) { isReady = false; } else { isReady = true; } return this; }
feed = AtomFeed.parseStream(response.getContent()); } catch (Exception e) { throw new RuntimeException(e);
/** * Authenticates the {@code Service} instance with a specified username and * password. Note that these values override any previously-set values for * username and password. * * @param username The Splunk account username. * @param password The password for the username. * @return The current {@code Service} instance. */ public Service login(String username, String password) { this.username = username; this.password = password; Args args = new Args(); args.put("username", username); args.put("password", password); args.put("cookie", "1"); ResponseMessage response = post("/services/auth/login", args); String sessionKey = Xml.parse(response.getContent()) .getElementsByTagName("sessionKey") .item(0) .getTextContent(); this.token = "Splunk " + sessionKey; this.version = this.getInfo().getVersion(); if (versionCompare("4.3") >= 0) this.passwordEndPoint = "storage/passwords"; return this; }
/** * Query Splunk for SPL queries corresponding to this pivot. * * @return a Pivot object encapsulating the returned queries. */ public Pivot pivot() { Service service = this.dataModelObject.getDataModel().getService(); Args args = new Args(); args.put("pivot_json", toJson()); if (this.accelerationNamespace != null) { args.put("namespace", this.accelerationNamespace); } ResponseMessage response = service.get( "datamodel/pivot/" + this.dataModelObject.getDataModel().getName(), args ); if (response.getStatus() != 200) { throw HttpException.create(response); } else { return Pivot.parseStream(service, response.getContent()); } } }