From 7f311bf63cfad4e3bbf31949ec3c4750b5ba4571 Mon Sep 17 00:00:00 2001 From: Loc Mai Date: Fri, 21 Jul 2023 19:33:52 +0700 Subject: [PATCH 1/3] feat: add proxy support and override support Signed-off-by: Loc Mai --- package.json | 2 +- src/app/README/alert_actions.conf.spec | 3 +++ src/app/README/savedsearches.conf.spec | 3 +++ src/app/bin/slack.py | 18 +++++++++++++++--- src/app/default/alert_actions.slap.conf | 3 ++- src/app/default/data/ui/alerts/slack.html | 14 ++++++++++++++ src/ui/pages/slack_alerts_setup/api.js | 2 ++ src/ui/pages/slack_alerts_setup/form.jsx | 15 +++++++++++++++ 8 files changed, 55 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 5745dca..cbe05cc 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "splunk-slack-alerts", - "version": "2.3.0", + "version": "2.3.1", "description": "Slack alert action for Splunk Enterprise", "private": true, "splunk": { diff --git a/src/app/README/alert_actions.conf.spec b/src/app/README/alert_actions.conf.spec index 2135f5b..c1d1ff1 100644 --- a/src/app/README/alert_actions.conf.spec +++ b/src/app/README/alert_actions.conf.spec @@ -11,6 +11,9 @@ param.webhook_url = * The webhook URL to send the Slack message requests to. This can be obtained * by creating a new "Incoming webhook" integration in Slack. +param.http_proxy = +* your proxy http://proxy:port + param.from_user = * DEPRECATED - This is only used in the deprecated webhook_url parameter. * The name of the user sending the Slack message. By default this is "Splunk". diff --git a/src/app/README/savedsearches.conf.spec b/src/app/README/savedsearches.conf.spec index 721e005..b27d9d6 100644 --- a/src/app/README/savedsearches.conf.spec +++ b/src/app/README/savedsearches.conf.spec @@ -27,3 +27,6 @@ action.slack.param.slack_app_oauth_token_override = action.slack.param.webhook_url_override = * Override the Slack webhook URL for a single alert. This useful when wanting * to send some alerts to different Slack teams. + +action.slack.param.proxy_url_override = +* Override Proxy setting for single alert. diff --git a/src/app/bin/slack.py b/src/app/bin/slack.py index 44b1777..3515afd 100644 --- a/src/app/bin/slack.py +++ b/src/app/bin/slack.py @@ -103,6 +103,18 @@ def send_slack_message(payload): config = payload.get('configuration') body = json.dumps(build_slack_message(payload)) + http_proxy = config.get('http_proxy', '') + + if config.get('proxy_url_override'): + http_proxy = config.get('proxy_url_override', '') + log(f"DEBUG Using proxy URL from proxy_url_override: {http_proxy}") + + req = urllib.request + if http_proxy: + proxy_handler = req.ProxyHandler({ 'http': f"{http_proxy}", 'https': f"{http_proxy}", }) + opener = req.build_opener(proxy_handler) + req.install_opener(opener) + # Since Slack webhook URLs are deprecated, we will bias towards using Slack Apps, if they are provided is_using_slack_app = (("slack_app_oauth_token" in config and config["slack_app_oauth_token"]) or ("slack_app_oauth_token_override" in config and config["slack_app_oauth_token_override"])) if is_using_slack_app: @@ -114,7 +126,7 @@ def send_slack_message(payload): log("INFO Using configured Slack App OAuth token: %s" % token) log('DEBUG Calling url="https://slack.com/api/chat.postMessage" with token=%s and body=%s' % (token, body)) - req = urllib.request.Request("https://slack.com/api/chat.postMessage", ensure_binary(body), {"Content-Type": "application/json", 'Authorization': "Bearer %s" % token}) + msg_req = req.Request("https://slack.com/api/chat.postMessage", ensure_binary(body), {"Content-Type": "application/json", 'Authorization': "Bearer %s" % token}) # To preserve backwards compatibility, we will fallback to the webhook_url configuration, if a Slack App OAuth token is not provided else: @@ -133,10 +145,10 @@ def send_slack_message(payload): return ERROR_CODE_VALIDATION_FAILED log('DEBUG Calling url="%s" with body=%s' % (url, body)) - req = urllib.request.Request(url, ensure_binary(body), {"Content-Type": "application/json"}) + msg_req = req.Request(url, ensure_binary(body), {"Content-Type": "application/json"}) try: - res = urllib.request.urlopen(req) + res = urllib.request.urlopen(msg_req) res_body = str(res.read()) log("INFO Slack API responded with HTTP status=%d" % res.code) log("DEBUG Slack API response: %s" % res_body) diff --git a/src/app/default/alert_actions.slap.conf b/src/app/default/alert_actions.slap.conf index aec704a..a322117 100644 --- a/src/app/default/alert_actions.slap.conf +++ b/src/app/default/alert_actions.slap.conf @@ -18,4 +18,5 @@ param.attachment_alert_title = :bell: {search_name} param.attachment_adhoc_title = :zap: Ad-hoc search param.attachment_results_link = <{results_link}|Show results in Splunk> :mag: param.attachment_footer_text = Splunk Alert -param.attachment_fallback = Alert generated by Splunk: {results_link} \ No newline at end of file +param.attachment_fallback = Alert generated by Splunk: {results_link} +param.http_proxy = diff --git a/src/app/default/data/ui/alerts/slack.html b/src/app/default/data/ui/alerts/slack.html index 864c53d..b8c1423 100644 --- a/src/app/default/data/ui/alerts/slack.html +++ b/src/app/default/data/ui/alerts/slack.html @@ -56,6 +56,20 @@ +
+ +
+ + + You can override the default proxy setting. Use http://yourproxy:port + +
+

diff --git a/src/ui/pages/slack_alerts_setup/api.js b/src/ui/pages/slack_alerts_setup/api.js index 7a44318..7f5ac20 100644 --- a/src/ui/pages/slack_alerts_setup/api.js +++ b/src/ui/pages/slack_alerts_setup/api.js @@ -17,6 +17,7 @@ export function loadAlertActionConfig() { webhook_url: d['param.webhook_url'], from_user: d['param.from_user'], from_user_icon: d['param.from_user_icon'], + http_proxy: d['param.http_proxy'], }; }); } @@ -31,6 +32,7 @@ export function updateAlertActionConfig(data) { `param.webhook_url=${encodeURIComponent(data.webhook_url)}`, `param.from_user=${encodeURIComponent(data.from_user)}`, `param.from_user_icon=${encodeURIComponent(data.from_user_icon)}`, + `param.http_proxy=${encodeURIComponent(data.http_proxy)}`, ].join('&'), headers: { 'Content-Type': 'application/x-www-form-urlencoded', diff --git a/src/ui/pages/slack_alerts_setup/form.jsx b/src/ui/pages/slack_alerts_setup/form.jsx index 0185dee..f789308 100644 --- a/src/ui/pages/slack_alerts_setup/form.jsx +++ b/src/ui/pages/slack_alerts_setup/form.jsx @@ -24,6 +24,7 @@ export function SetupForm() { const webhookUrl = loading ? '' : data.webhook_url; const fromUserName = loading ? '' : data.from_user; const fromUserIcon = loading ? '' : data.from_user_icon; + const httpProxy = loading ? '' : data.http_proxy; const oauth_app_manifest = ` display_information: @@ -144,6 +145,20 @@ settings:
+ Proxy Setting + + The following settings will configure the default proxy server for slack alerts. + + + + + + Message Appearance The following settings will influence how messages will show up in Slack.{' '} From ba086fe3068920b608b59ba58d4e1add5128ec20 Mon Sep 17 00:00:00 2001 From: Loc Mai Date: Mon, 24 Jul 2023 21:11:57 +0700 Subject: [PATCH 2/3] fix: to match python 2 syntax Signed-off-by: Loc Mai --- src/app/bin/slack.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/app/bin/slack.py b/src/app/bin/slack.py index 3515afd..1094b2e 100644 --- a/src/app/bin/slack.py +++ b/src/app/bin/slack.py @@ -107,11 +107,11 @@ def send_slack_message(payload): if config.get('proxy_url_override'): http_proxy = config.get('proxy_url_override', '') - log(f"DEBUG Using proxy URL from proxy_url_override: {http_proxy}") + log("DEBUG Using proxy URL from proxy_url_override: %s" % http_proxy) req = urllib.request if http_proxy: - proxy_handler = req.ProxyHandler({ 'http': f"{http_proxy}", 'https': f"{http_proxy}", }) + proxy_handler = req.ProxyHandler({ 'http': "%s" % http_proxy, 'https': "%s" % http_proxy}) opener = req.build_opener(proxy_handler) req.install_opener(opener) From 16ac4b9f419b19a1fc0de6f3077ec02749aff097 Mon Sep 17 00:00:00 2001 From: Loc Mai Date: Mon, 24 Jul 2023 21:23:21 +0700 Subject: [PATCH 3/3] fix: define updateProxy Signed-off-by: Loc Mai --- src/ui/pages/slack_alerts_setup/form.jsx | 1 + 1 file changed, 1 insertion(+) diff --git a/src/ui/pages/slack_alerts_setup/form.jsx b/src/ui/pages/slack_alerts_setup/form.jsx index f789308..74ec735 100644 --- a/src/ui/pages/slack_alerts_setup/form.jsx +++ b/src/ui/pages/slack_alerts_setup/form.jsx @@ -19,6 +19,7 @@ export function SetupForm() { const updateUrl = useCallback((e, { value }) => update({ ...data, webhook_url: value })); const updateUser = useCallback((e, { value }) => update({ ...data, from_user: value })); const updateUserIcon = useCallback((e, { value }) => update({ ...data, from_user_icon: value })); + const updateProxy = useCallback((e, { value }) => update({ ...data, http_proxy: value })); const slackAppOauthToken = loading ? '' : data.slack_app_oauth_token; const webhookUrl = loading ? '' : data.webhook_url;