Releases: emerald-squad/splunk-firehose-nozzle-release
v1.9.0
v1.8.9
- Extracted the filter into the manifest, so it is no longer necessary to create a new BOSH release when you want to modify the filter
Deployment
releases:
- name: cf-splunk
version: 1.8.9
url: https://github.com/emerald-squad/splunk-firehose-nozzle-release/releases/download/v1.8.9/cf-splunk-1.8.9.tgz
sha1: a5f5ed911ad4b79ccb59ce27db380046ac72a687
v1.8.8
- Changed splunk_filter.py to add more search features to take advantage of new splunk-nozzle
Deployment
releases:
- name: cf-splunk
version: 1.8.8
url: https://github.com/emerald-squad/splunk-firehose-nozzle-release/releases/download/v1.8.8/cf-splunk-1.8.8.tgz
sha1: c07ef147fd7ed560cfc8f3a3ccbdebc7ad822b31
v1.8.7
commit 1ad9df4
Merge: 9f2a711 c26776e
Author: Stéphane Duchesneau [email protected]
Date: Tue Jun 12 16:22:03 2018 -0400
Merge branch 'master' of https://github.com/emerald-squad/splunk-firehose-nozzle-release
Deployment
releases:
- name: cf-splunk
version: 1.8.7
url: https://github.com/emerald-squad/splunk-firehose-nozzle-release/releases/download/v1.8.7/cf-splunk-1.8.7.tgz
sha1: a59fa8301a5c6df369d715f80990a3fa24a52ec3
v1.8.6
commit 1d31bf6
Merge: 0f4f76f a539cb3
Author: Stéphane Duchesneau [email protected]
Date: Mon Jun 11 12:48:50 2018 -0400
Merge branch 'master' of https://github.com/emerald-squad/splunk-firehose-nozzle-release
Deployment
releases:
- name: cf-splunk
version: 1.8.6
url: https://github.com/emerald-squad/splunk-firehose-nozzle-release/releases/download/v1.8.6/cf-splunk-1.8.6.tgz
sha1: abf836f5efcfb7bd20fec2c34f5d4c4aea01cf4e
v1.8.5
commit c340ade
Author: Stéphane Duchesneau [email protected]
Date: Mon Jun 11 11:46:00 2018 -0400
add create-all-roles.sh
diff --git a/jobs/splunk-full/spec b/jobs/splunk-full/spec
index 59787ea..544cedc 100644
--- a/jobs/splunk-full/spec
+++ b/jobs/splunk-full/spec
@@ -3,6 +3,7 @@
name: splunk-full
templates:
ctl.sh.erb: bin/ctl.sh
- create-all-roles.sh.erb: bin/create-all-roles.sh
system_inputs.conf.erb: config/system_local/inputs.conf
system_user-seed.conf.erb: config/system_local/user-seed.conf
system_indexes.conf.erb: config/system_local/indexes.conf
diff --git a/jobs/splunk-full/templates/create-all-roles.sh.erb b/jobs/splunk-full/templates/create-all-roles.sh.erb
new file mode 100644
index 0000000..69752cb
--- /dev/null
+++ b/jobs/splunk-full/templates/create-all-roles.sh.erb
@@ -0,0 +1,56 @@
+#!/bin/bash -eu
+SPLUNK_ADMIN_USER=<%= p('cf_splunk.cf_admin_user') %>
+SPLUNK_ADMIN_PASSWORD=<%= p('cf_splunk.cf_admin_password') %>
+set -x
+for i in $(/var/vcap/packages/python/bin/python_wrapper /var/vcap/packages/splunk-filter/list-orgs.py); do
- SPLUNK_ROLE_NAME=$i
- SPLUNK_APP_NAME=$i
-
CREATE THE ROLE,
- ROLE_EXISTS_CODE=$(curl -K - -k "https://localhost:8089/services/authorization/roles/${SPLUNK_ROLE_NAME}" -sSw "%{http_code}" -o /dev/null <<< "-u ${SPLUNK_ADMIN_USER}:${SPLUNK_ADMIN_PASSWORD}")
- if [ "$ROLE_EXISTS_CODE" == 404 ]; then
- curl -sS -K - -k -X POST https://localhost:8089/services/authorization/roles?output_mode=json -d name=${SPLUNK_ROLE_NAME} <<< "-u ${SPLUNK_ADMIN_USER}:${SPLUNK_ADMIN_PASSWORD}"
- fi
-
IF NOT EXISTS: CREATE THE APP, REFRESH IT, GRANT PERMS
- APP_EXISTS_CODE=$(curl -K - -k "https://localhost:8089/services/apps/local/${SPLUNK_APP_NAME}" -sSw "%{http_code}" -o /dev/null <<< "-u ${SPLUNK_ADMIN_USER}:${SPLUNK_ADMIN_PASSWORD}")
- if [ "$APP_EXISTS_CODE" == 404 ]; then
- if test -d /var/vcap/store/splunk-persistent/apps/${SPLUNK_APP_NAME}; then
-
ln -fs /var/vcap/store/splunk-persistent/apps/${SPLUNK_APP_NAME} /var/vcap/packages/splunk/etc/apps
-
curl -sS -K - -k https://localhost:8089/services/apps/local?refresh=true <<< "-u ${SPLUNK_ADMIN_USER}:${SPLUNK_ADMIN_PASSWORD}"
- else
-
curl -sS -K - -k -X POST https://localhost:8089/services/apps/local -d "name=${SPLUNK_APP_NAME}&template=barebones" <<< "-u ${SPLUNK_ADMIN_USER}:${SPLUNK_ADMIN_PASSWORD}"
-
test -d /var/vcap/store/splunk-persistent/apps || mkdir -p /var/vcap/store/splunk-persistent/apps && chmod 755 /var/vcap/store/splunk-persistent/apps
-
mv /var/vcap/packages/splunk/etc/apps/${SPLUNK_APP_NAME} /var/vcap/store/splunk-persistent/apps/
-
ln -fs /var/vcap/store/splunk-persistent/apps/${SPLUNK_APP_NAME} /var/vcap/packages/splunk/etc/apps
-
## REFRESH THE APP
-
curl -K - -k https://localhost:8089/services/apps/local/${SPLUNK_APP_NAME}?refresh=true <<< "-u ${SPLUNK_ADMIN_USER}:${SPLUNK_ADMIN_PASSWORD}"
-
# GRANT PERMS ON APP
-
curl -K - -k -X POST https://localhost:8089/services/apps/local/${SPLUNK_APP_NAME}/acl \
-
-d owner=nobody \
-
-d sharing=app \
-
-d "perms.read=${SPLUNK_ROLE_NAME},admin" \
-
-d "perms.write=${SPLUNK_ROLE_NAME},admin" <<< "-u ${SPLUNK_ADMIN_USER}:${SPLUNK_ADMIN_PASSWORD}"
-
curl -K - -k -X POST https://localhost:8089/services/apps/local/${SPLUNK_APP_NAME} -d "visible=yes" <<< "-u ${SPLUNK_ADMIN_USER}:${SPLUNK_ADMIN_PASSWORD}"
-
sleep 1
-
mkdir -p /var/vcap/packages/splunk/etc/apps/${SPLUNK_APP_NAME}/local
-
chown vcap.vcap /var/vcap/packages/splunk/etc/apps/${SPLUNK_APP_NAME}/local
-
cat > /var/vcap/packages/splunk/etc/apps/${SPLUNK_APP_NAME}/local/ui-prefs.conf <<EOC
+[search]
+dispatch.earliest_time = @d
+dispatch.latest_time = now
+EOC
-
chown vcap.vcap /var/vcap/packages/splunk/etc/apps/${SPLUNK_APP_NAME}/local/ui-prefs.conf
-
## REFRESH THE APP AGAIN
-
curl -K - -k https://localhost:8089/services/apps/local/${SPLUNK_APP_NAME}?refresh=true <<< "-u ${SPLUNK_ADMIN_USER}:${SPLUNK_ADMIN_PASSWORD}"
- fi
- fi
+done
\ No newline at end of file
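Review bot: The two assignments at the top of the script interpolate `cf_splunk.cf_admin_user` and `cf_splunk.cf_admin_password` into shell source unquoted, so a value containing whitespace, `$`, a backtick or `;` is parsed by bash instead of being taken literally. Render them shell-escaped, e.g. `<% require 'shellwords' %>` followed by `SPLUNK_ADMIN_PASSWORD=<%= Shellwords.escape(p('cf_splunk.cf_admin_password')) %>`, and do the same for the user. The same value is then fed to curl as a config line (`-K -` with `-u user:pass`), where an unquoted parameter ends at the first whitespace, so the here-strings should wrap the credential in escaped double quotes. `$i` from list-orgs.py is used unquoted in `mv`, `ln -fs` and URL paths; assuming it carries organisation names, restrict it to a safe pattern such as `^[A-Za-z0-9_-]+$` before use. Every request also passes `-k`, which skips certificate verification even though the target is localhost.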
Deployment
releases:
- name: cf-splunk
version: 1.8.5
url: https://github.com/emerald-squad/splunk-firehose-nozzle-release/releases/download/v1.8.5/cf-splunk-1.8.5.tgz
sha1: 7b73c88ffe0b3b38c25d88a820711ad4a8444601
v1.8.4
commit 04356c4
Author: Stéphane Duchesneau [email protected]
Date: Fri Jun 8 15:25:55 2018 -0400
create apps folder in persistent_dir, bump splunk_filter
diff --git a/jobs/splunk-full/templates/ctl.sh.erb b/jobs/splunk-full/templates/ctl.sh.erb
index e706565..8873526 100644
--- a/jobs/splunk-full/templates/ctl.sh.erb
+++ b/jobs/splunk-full/templates/ctl.sh.erb
@@ -27,6 +27,7 @@ case $1 in
fi
fi
mkdir -p ${PERSISTENT_DIR}/users
-
mkdir -p ${PERSISTENT_DIR}/apps
ln -fs ${PERSISTENT_DIR}/users ${PACKAGE_DIR}/etc/userschown -R vcap:vcap ${RUN_DIR} ${LOG_DIR} ${PACKAGE_DIR}/ ${PERSISTENT_DIR}/
diff --git a/src/splunk_filter b/src/splunk_filter
index cbb6567..2cd2456 160000
--- a/src/splunk_filter
+++ b/src/splunk_filter
@@ -1 +1 @@
-Subproject commit cbb65674d0a1cffa1aafcd702753b67f4420bb58
+Subproject commit 2cd24565f934e788ff1dc740ba396701c50d9488
Deployment
releases:
- name: cf-splunk
version: 1.8.4
url: https://github.com/emerald-squad/splunk-firehose-nozzle-release/releases/download/v1.8.4/cf-splunk-1.8.4.tgz
sha1: 3c3c0d4aef99c37ab6816297a24c5f6f00de1456
v1.8.3
commit ab703be
Author: Stéphane Duchesneau [email protected]
Date: Thu May 3 15:12:20 2018 -0400
add LDAP_DOMAIN param to splunk_filter.conf
diff --git a/jobs/splunk-full/spec b/jobs/splunk-full/spec
index 8d6e352..59787ea 100644
--- a/jobs/splunk-full/spec
+++ b/jobs/splunk-full/spec
@@ -54,6 +54,8 @@ properties:
description: Cloud Foundry administrator password
ldap_server_url:
description: LDAP server URL (ldap://example.com:389)
- ldap_domain:
-
ldap_search_base:
description: Domain for auth, instead of using a dn base
description: Search base for LDAP users (dc=example,dc=com)
server_name:
diff --git a/jobs/splunk-full/templates/splunk_filter.conf.erb b/jobs/splunk-full/templates/splunk_filter.conf.erb
index 6354be4..b05bd35 100644
--- a/jobs/splunk-full/templates/splunk_filter.conf.erb
+++ b/jobs/splunk-full/templates/splunk_filter.conf.erb
@@ -7,6 +7,7 @@ users_regex=<%= p('cf_splunk.users_regex') %>
[ldap]
LDAP_SERVER=<%= p('cf_splunk.ldap_server_url') %>
LDAP_USER_ROOT=<%= p('cf_splunk.ldap_search_base') %>
+LDAP_DOMAIN=<%= p('cf_splunk.ldap_domain') %>
[splunk]
log_dir=/var/vcap/sys/log/splunk-full
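Review bot: `p('cf_splunk.ldap_domain')` on the added line has no fallback, and the hunk for `jobs/splunk-full/spec` appears to add only a description for `ldap_domain`, not a default. If so, BOSH will fail template rendering for any existing manifest that does not set the property, even though the description presents it as an alternative to the search base. Give the property a default in the spec or render it with one, e.g. `LDAP_DOMAIN=<%= p('cf_splunk.ldap_domain', '') %>`. The spec hunk is garbled on this page, so confirm against the file itself.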
Deployment
releases:
- name: cf-splunk
version: 1.8.3
url: https://github.com/emerald-squad/splunk-firehose-nozzle-release/releases/download/v1.8.3/cf-splunk-1.8.3.tgz
sha1: e7e9503a2a15f71e39ac6f8b0293080046b64fce
v1.8.2
commit 0105c71
Author: Stéphane Duchesneau [email protected]
Date: Fri Feb 16 11:04:48 2018 -0500
missing changes last commit
diff --git a/ci/scripts/update-manifest b/ci/scripts/update-manifest
index f1ad363..7242ddd 100755
--- a/ci/scripts/update-manifest
+++ b/ci/scripts/update-manifest
@@ -1,11 +1,12 @@
#!/bin/bash
GITHUB_OWNER=$1
-RELEASE_NAME=$2
-VERSION=$3
-SHA1=$4
-MANIFEST_PATH=$5
-: ${MANIFEST_PATH:?USAGE: $0 GITHUB_OWNER RELEASE_NAME REPO_NAME VERSION SHA1 MANIFEST_PATH}
+GITHUB_REPO=$2
+RELEASE_NAME=$3
+VERSION=$4
+SHA1=$5
+MANIFEST_PATH=$6
+: ${MANIFEST_PATH:?USAGE: $0 GITHUB_OWNER GITHUB_REPO RELEASE_NAME VERSION SHA1 MANIFEST_PATH}
set -e -u
@@ -15,6 +16,6 @@ cat > $MANIFEST_PATH <<YAML
${manifest_head}
- name: $RELEASE_NAME
version: $VERSION
- url: https://github.com/${GITHUB_OWNER}/${REPO_NAME}/releases/download/v${VERSION}/${RELEASE_NAME}-${VERSION}.tgz
- url: https://github.com/${GITHUB_OWNER}/${GITHUB_REPO}/releases/download/v${VERSION}/${RELEASE_NAME}-${VERSION}.tgz
sha1: $SHA1
YAML
\ No newline at end of file
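Review bot: The new `url:` line is assembled from the positional `GITHUB_REPO` argument with no check that the resulting address exists. The v1.8.2 manifest published below this hunk shows the effect: its URL names `splunk-firehoze-nozzle-release` while every other release on the page uses `splunk-firehose-nozzle-release`. A misspelt repository in a release manifest either breaks the download or sends operators to a repository the project does not control. Before the heredoc, build the URL once and verify it, e.g. `curl -fsSLI "$url" >/dev/null` (which aborts under the script's `set -e`), and quote `"$MANIFEST_PATH"` in the redirect. The heredoc starts outside the hunk.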
Deployment
releases:
- name: cf-splunk
version: 1.8.2
url: https://github.com/emerald-squad/splunk-firehoze-nozzle-release/releases/download/v1.8.2/cf-splunk-1.8.2.tgz
sha1: 784ce3db7cb9c36095c89d8dd002567b5478dc88
Customizable splunk notifications, saved users folders
- Slack and email alerts from bosh manifest
- keeping users' alerts and settings across deployments
- Default search scope in splunk set to "today"