Class: SplunkConnector
Overview
This code needs to be smarter to allow it to continue to search for the correct record(s) when more than one device is logging.
Instance Method Summary collapse
-
#channel_list_unit_test ⇒ Object
Execute this unit test to validate retrieval of the channel list delivered from the figaro interface This test waits approximately 5 minutes for data to be delivered to splunk from figaro You must trigger an event to request the channel list independently of this test execution You may use OVP login with figaro_local to cause this to occur * see configuration note below during testing a latency of approximately 1 minute was observed between the figaro console logging of the data until it was available from splunk.
-
#list_apps(service) ⇒ Object
list_apps can be used to validate the connection to splunk is healthy.
-
#parse_splunk_record(splunk_stream, desired_path) ⇒ Object
parse_splunk_record encapsulates the processing of records retrieved from splunk (where the record represented has a json element within a figaro response - at the location “request.params.path” ) AND the returned record(s) are contained by “response.payload”.
-
#search_splunk(search_string, desired_path, num_tries = 100, look_back_secs = 5) ⇒ Object
provides a mechanism to execute a given splunk search ex: “search index=figaro” keeps executing the search for a given number of attempts, or until the desired path (where the record represented has a json element within a figaro response - at the location “request.params.path” ) AND the returned record(s) are contained by “response.payload”.
-
#validate_splunk_connection ⇒ Object
Use this method to test the connection is being made properly.
Instance Method Details
#channel_list_unit_test ⇒ Object
Execute this unit test to validate retrieval of the channel list delivered from the figaro interface This test waits approximately 5 minutes for data to be delivered to splunk from figaro You must trigger an event to request the channel list independently of this test execution You may use OVP login with figaro_local to cause this to occur * see configuration note below during testing a latency of approximately 1 minute was observed between the figaro console logging of the data until it was available from splunk
113 114 115 116 117 118 119 120 |
# File 'lib/data_services/splunk_connector.rb', line 113 def channel_list_unit_test search_string = "search index=figaro" channel_list = SplunkConnector.new.search_splunk search_string, "ipvs/api/smarttv/channels/v1", 300, "-10s" if channel_list.length > 0 puts channel_list[0].to_s end end |
#list_apps(service) ⇒ Object
list_apps can be used to validate the connection to splunk is healthy
20 21 22 23 24 25 26 27 |
# File 'lib/data_services/splunk_connector.rb', line 20 def list_apps service puts ' List of apps ' puts '======================' service.apps.each do |app| puts app.name end end |
#parse_splunk_record(splunk_stream, desired_path) ⇒ Object
parse_splunk_record encapsulates the processing of records retrieved from splunk (where the record represented has a json element within a figaro response - at the location “request.params.path” ) AND the returned record(s) are contained by “response.payload”
74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'lib/data_services/splunk_connector.rb', line 74 def parse_splunk_record splunk_stream, desired_path results = [] reader = Splunk::ResultsReader.new(splunk_stream) reader.each do |result| raw_result = result["_raw"] puts raw_result.to_s r = JSON.parse raw_result path = r["request"]["params"]["path"] payload = r["response"]["payload"] puts "path = #{path}" puts "payload = #{payload}" if (path == desired_path) results.push payload end end return results end |
#search_splunk(search_string, desired_path, num_tries = 100, look_back_secs = 5) ⇒ Object
provides a mechanism to execute a given splunk search ex: “search index=figaro” keeps executing the search for a given number of attempts, or until the desired path (where the record represented has a json element within a figaro response - at the location “request.params.path” ) AND the returned record(s) are contained by “response.payload”
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
# File 'lib/data_services/splunk_connector.rb', line 33 def search_splunk( search_string, desired_path, num_tries = 100, look_back_secs = 5) service = Splunk::Service.new(:host => "chrcnc-hnav-splunksearchhead-01.os.vap.rr.com", :port => 8089, :username => "figaro", :password => "figaro").login() results = [] if (desired_path.nil? || desired_path.length() < 1) puts "ERROR: search_splunk: desired_path must be specified " end puts "executing search_splunk #{search_string} for #{desired_path}" num_results = 0 while num_tries > 0 job = Splunk::Jobs.new(service) stream = job.create_oneshot( search_string, :earliest_time => look_back_secs, :latest_time => "now") sep_results = Splunk::ResultsReader.new(stream) num_results = sep_results.count() puts Time.new.inspect + " " + num_results.to_s + " matches looking for results: #{search_string}" if (num_results > 0) results = parse_splunk_record stream, desired_path puts "There are " + results.count().to_s + " records in results" if (results.count() > 0) puts "\n\n" break end end num_tries = num_tries - 1 sleep 1 end return results end |
#validate_splunk_connection ⇒ Object
Use this method to test the connection is being made properly
96 97 98 99 100 101 102 103 104 105 |
# File 'lib/data_services/splunk_connector.rb', line 96 def validate_splunk_connection service = Splunk::Service.new(:host => "chrcnc-hnav-splunksearchhead-01.os.vap.rr.com", :port => 8089, :username => "figaro", :password => "figaro").login() # list_apps can be used to validate the connection to splunk is healthy s_connector = SplunkConnector.new s_connector.list_apps service end |