

# Copyright (C) 2005-2024 Splunk Inc. All Rights Reserved.
import logging
import re
import sys
from splunk.clilib.bundle_paths import make_splunkhome_path
sys.path.append(make_splunkhome_path(['etc', 'apps', 'SA-ITOA', 'lib']))
import itsi_path
from ITOA.setup_logging import setup_logging
from at_utils.chunked_util import read_chunk, write_chunk
from at_utils.utils import log_and_die, chunker, gather_input_data
##################
# itsiatpreceder
##################
# NOTE(review): the file name handed to setup_logging below is
# itsi_at_preceder_command.log; where that file lands is decided by
# setup_logging (presumably $SPLUNK_HOME/var/log/splunk) -- confirm.
# On Windows the standard streams would otherwise have their line endings
# mangled, so stdout, stderr and stdin are all switched to binary mode.
if sys.platform == "win32":
    import msvcrt
    import os
    for _stream in (sys.stdout, sys.stderr, sys.stdin):
        msvcrt.setmode(_stream.fileno(), os.O_BINARY)

# The level requested here is DEBUG. If setup_logging applies it, every
# logger.debug() call in this module is written out, including the temporary
# collection name and object key taken from the search arguments.
logger = setup_logging("itsi_at_preceder_command.log", "itsi.apply_at.preceder", level=logging.DEBUG)
def parse_args(args, in_metadata, out_metadata, logger):
    """Build the parameter dict for the preceder from the search arguments.

    Args:
        args: Search-command arguments. Flags are detected with ``in``;
            ``name=value`` pairs are pulled out of ``str(args)`` by regex.
            Each regex requires a ``'`` directly after the value, which is
            what the ``str()`` of a list of strings looks like.
        in_metadata: Metadata of the getinfo chunk;
            ``['searchinfo']['session_key']`` is read from it.
        out_metadata: Handed to ``log_and_die`` on every failure path.
        logger: Logger for debug output; also handed to ``log_and_die``.

    Returns:
        dict with ``use_kv_store``, ``use_temp_collection``,
        ``entity_level_thresholds``, ``threshold_key`` and ``session_key``,
        plus ``temp_collection`` / ``temp_key`` when ``usetempcollection``
        is given and ``settings_file`` when a ``file=`` argument is accepted.

    Every failure is reported through ``log_and_die`` (imported from
    at_utils.utils; presumably it does not return -- confirm).
    """
    def _find(pattern):
        # All name=value lookups run against the string form of args.
        return re.search(pattern, str(args))

    # NOTE(review): when args is a string these are substring tests, so a
    # value that merely contains "nokv" or "usetempcollection" also flips
    # the corresponding flag -- confirm this is acceptable.
    params = {
        'use_kv_store': 'nokv' not in args,
        'use_temp_collection': 'usetempcollection' in args,
        'entity_level_thresholds': False,
        'threshold_key': 'aggregate_thresholds',
    }

    if params['use_temp_collection']:
        # NOTE(review): collection name and key come straight from the search
        # string and are only constrained to "no whitespace"; confirm that the
        # code consuming them validates or encodes them before use.
        coll_match = _find(r'\s*collection\s*=\s*(?P<coll>\S+)\'')
        if coll_match is None:
            log_and_die(metadata=out_metadata, logger=logger,
                        msg='Must provide a temporary collection name.')
        else:
            try:
                params['temp_collection'] = coll_match.group('coll')
                logger.debug("Temporary collection name: %s" % str(params['temp_collection']))
            except Exception:
                log_and_die(metadata=out_metadata, logger=logger,
                            msg='Failed to parse temporary collection name in parameters.')

        key_match = _find(r'\s*key\s*=\s*(?P<key>\S+)\'')
        if key_match is None:
            log_and_die(metadata=out_metadata, logger=logger,
                        msg='Must provide a temporary object key.')
        else:
            try:
                params['temp_key'] = key_match.group('key')
                logger.debug("Temporary object key: %s" % str(params['temp_key']))
            except Exception:
                log_and_die(metadata=out_metadata, logger=logger,
                            msg='Failed to parse temporary object key in parameters.')

    # Session key of the search that invoked the command. It is a credential
    # and travels inside params from here on, so params should never be
    # logged wholesale.
    params['session_key'] = str(in_metadata['searchinfo']['session_key'])

    # A file= argument is only looked at when a module-level global named
    # ENABLE_FILE_ARGUMENT is truthy; with the flag absent the argument is
    # ignored and nokv ends in 'No settings file specified.'.
    file_match = (
        _find(r'\s*file\s*=\s*(?P<fname>\S+)\'')
        if globals().get('ENABLE_FILE_ARGUMENT', False)
        else None
    )

    kv_disabled = not params['use_kv_store']
    if kv_disabled:
        if file_match is not None:
            try:
                params['settings_file'] = file_match.group('fname')
                logger.debug("Settings file: %s" % str(params['settings_file']))
            except Exception:
                log_and_die(
                    metadata=out_metadata, logger=logger, msg='Failed to parse settings file in parameters.')
        else:
            log_and_die(
                metadata=out_metadata, logger=logger, msg='No settings file specified.')

    # A temp collection lives in the KV store, so it cannot be combined with nokv.
    if kv_disabled and params['use_temp_collection']:
        log_and_die(
            metadata=out_metadata, logger=logger, msg="Incompatible arguments passed: nokv and usetempcollection.")

    return params
def main():
    """Run the preceder command over stdin/stdout.

    Performs the getinfo exchange, parses the search arguments, then passes
    the collected parameters to ``gather_input_data`` and ``chunker``.
    Exits with status 0 without doing any work when the search is a preview.
    """
    logger.debug("Starting ITSI AT preceder.")
    out_metadata = {'inspector': {'messages': []}}

    # Phase 0: getinfo exchange
    metadata, _body = read_chunk(sys.stdin, logger)

    # Preview runs are answered with an immediate "finished" and nothing else.
    if metadata.get('preview', False):
        write_chunk(sys.stdout, {'finished': True}, '')
        sys.exit(0)

    # The argument list is flattened to its string form before parsing.
    params = parse_args(
        args=str(metadata['searchinfo']['args']),
        in_metadata=metadata,
        out_metadata=out_metadata,
        logger=logger,
    )
    # params also carries the session key set by parse_args, so it should be
    # handed on as-is and never dumped to the log.
    params['logger'] = logger
    params['out_metadata'] = out_metadata

    # getinfo reply: not finished yet, the fields this command needs, and the
    # command type.
    out_metadata['finished'] = False
    fields_list = ['_time', 'itsi_service_id', 'itsi_kpi_id', 'alert_value']
    out_metadata['required_fields'] = fields_list
    out_metadata['type'] = 'reporting'
    write_chunk(sys.stdout, out_metadata, '')

    # Drop the two getinfo-only entries again (presumably so that later
    # chunks written with this dict do not repeat them).
    for getinfo_only in ('type', 'required_fields'):
        out_metadata.pop(getinfo_only, None)

    # Phase 1:
    gather_input_data(params, logger, fields_list)

    # Calling the chunker
    chunker(params)

    # One more chunk is read; a truthy result is answered with "finished".
    if read_chunk(sys.stdin, logger):
        write_chunk(sys.stdout, {"finished": True}, '')
    logger.debug("Finished ITSI AT preceder.")


if __name__ == "__main__":
    main()