admingit
/
Splunk_Deploiement
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2b74f640ce'
${ noResults }
Splunk_Deploiement/apps/TA-socradar-incidents/bin/socradar_incidents_collecto...

95 lines
3.6 KiB
Raw Blame History

import ta_socradar_incidents_declare
import os
import sys
import time
import datetime
import json
import modinput_wrapper.base_modinput
from splunklib import modularinput as smi
import input_module_socradar_incidents_collector as input_module
bin_dir = os.path.basename(__file__)
'''
Do not edit this file!!!
This file is generated by Add-on builder automatically.
Add your modular input logic to file input_module_socradar_incidents_collector.py
'''
class ModInputsocradar_incidents_collector(modinput_wrapper.base_modinput.BaseModInput):
def __init__(self):
if 'use_single_instance_mode' in dir(input_module):
use_single_instance = input_module.use_single_instance_mode()
else:
use_single_instance = False
super(ModInputsocradar_incidents_collector, self).__init__("ta_socradar_incidents", "socradar_incidents_collector", use_single_instance)
self.global_checkbox_fields = None
def get_scheme(self):
"""overloaded splunklib modularinput method"""
scheme = super(ModInputsocradar_incidents_collector, self).get_scheme()
scheme.title = ("SOCRadar Incidents API Collector")
scheme.description = ("Go to the add-on\'s configuration UI and configure modular inputs under the Inputs menu.")
scheme.use_external_validation = True
scheme.streaming_mode_xml = True
scheme.add_argument(smi.Argument("name", title="Name",
description="",
required_on_create=True))
"""
For customized inputs, hard code the arguments here to hide argument detail from users.
For other input types, arguments should be get from input_module. Defining new input types could be easier.
"""
scheme.add_argument(smi.Argument("socradar_api_key", title="SOCRadar API Key",
description="",
required_on_create=False,
required_on_edit=False))
scheme.add_argument(smi.Argument("socradar_company_id", title="SOCRadar Company ID",
description="",
required_on_create=False,
required_on_edit=False))
return scheme
def get_app_name(self):
return "TA-socradar-incidents"
def validate_input(self, definition):
"""validate the input stanza"""
input_module.validate_input(self, definition)
def collect_events(self, ew):
"""write out the events"""
input_module.collect_events(self, ew)
def get_account_fields(self):
account_fields = []
return account_fields
def get_checkbox_fields(self):
checkbox_fields = []
return checkbox_fields
def get_global_checkbox_fields(self):
if self.global_checkbox_fields is None:
checkbox_name_file = os.path.join(bin_dir, 'global_checkbox_param.json')
try:
if os.path.isfile(checkbox_name_file):
with open(checkbox_name_file, 'r') as fp:
self.global_checkbox_fields = json.load(fp)
else:
self.global_checkbox_fields = []
except Exception as e:
self.log_error('Get exception when loading global checkbox parameter names. ' + str(e))
self.global_checkbox_fields = []
return self.global_checkbox_fields
if __name__ == "__main__":
exitcode = ModInputsocradar_incidents_collector().run(sys.argv)
sys.exit(exitcode)
Reference in new issue View Git Blame Copy Permalink