admingit
/
SH-Deployer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
SH-Deployer/apps/SA-ITSI-MetricAD/lib/mad_lib/mad_savedsearches.py

73 lines
2.4 KiB
Raw Permalink Blame History

import json
import logging
from .mad_util import MADRESTException
from .mad_splunk_util import setup_logging
logger = setup_logging('mad_rest.log', 'mad_rest', level=logging.DEBUG)
class MADSavedSearchManager(object):
def __init__(self, service):
self.saved_searches = service.saved_searches
self.indexes = service.indexes
def check_index(self, output_dest):
try:
self.indexes.get(output_dest)
except Exception:
logger.exception("Exception looking up output index '%s'" % output_dest)
logger.warn("Output index '%s' not found, MAD output may not get indexed" % output_dest)
def get_spl(self, context):
return " | ".join([context.search, "mad context=%s" % context.name, "collect index=%s" % context.output_dest, "where 1=2"])
def create(self, context):
self.check_index(context.output_dest)
kwargs = {
"cron_schedule": "* * * * *",
"is_scheduled": True,
"dispatch.earliest_time": "rt",
"dispatch.latest_time": "rt",
"dispatch.indexedRealtime": True,
"disabled": True,
}
# Create a saved search
try:
self.saved_searches.create(context.name, self.get_spl(context), **kwargs)
except Exception:
err_msg = "Could not create saved search '%s' with \n %s" % (context.name, json.dumps(kwargs))
logger.exception(err_msg)
raise MADRESTException(err_msg, logging.ERROR, status_code=500)
def update(self, new_context):
self.check_index(new_context.output_dest)
kwargs = {
"search" : self.get_spl(new_context),
"disabled": new_context.disabled
}
try:
saved_search = self.saved_searches[new_context.name]
saved_search.update(**kwargs).refresh()
except Exception:
err_msg = "Could not update saved search '%s'" % new_context.name
logger.exception(err_msg)
raise MADRESTException(err_msg, logging.ERROR, status_code=500)
def delete(self, name):
try:
self.saved_searches.delete(name)
except KeyError:
logger.warn("Could not find saved search '%s'" % name)
except Exception:
err_msg = "Could not delete saved search '%s'" % name
logger.exception(err_msg)
raise MADRESTException(err_msg, logging.WARN, status_code=500)
Reference in new issue View Git Blame Copy Permalink