class Splunk::Pickaxe::Reports
Public Instance Methods
entity_dir()
click to toggle source
# File lib/splunk/pickaxe/objects/reports.rb, line 15 def entity_dir DIR end
entity_file_path(splunk_entity)
click to toggle source
# File lib/splunk/pickaxe/objects/reports.rb, line 19 def entity_file_path(splunk_entity) File.join( pickaxe_config.execution_path, entity_dir, entity_file_name(splunk_entity) ) end
name(entity)
click to toggle source
# File lib/splunk/pickaxe/objects/reports.rb, line 26 def name(entity) # The report name contains the environment name if splunk_config(entity)['pickaxe.environment.in.name'] return "#{entity['name']} [#{environment.capitalize}]" end entity['name'] end
report_defaults()
click to toggle source
# File lib/splunk/pickaxe/objects/reports.rb, line 45 def report_defaults { # Default to include the environment name in the report name 'pickaxe.environment.in.name' => true, # Who to email 'action.email.to' => pickaxe_config.emails.join(','), # How often to run alert (every hour) 'cron_schedule' => '0 * * * *', 'is_scheduled' => '1', # Email subject 'action.email.subject' => 'Splunk Report: $name$', 'action.email.subject.alert' => 'Splunk Report: $name$', # Email result formatting (inline results, table format, include alert link) 'action.email.format' => 'table', 'action.email.inline' => '1', 'action.email.include.view_link' => '1', # Send an email 'actions' => 'email', 'action.email.sendresults' => '1', # This is a report so always send it 'alert_type' => 'always', # The time bounds for alert search (1 hour) 'dispatch.earliest_time' => '-1h', 'dispatch.latest_time' => 'now' } end
splunk_config(entity_yaml)
click to toggle source
# File lib/splunk/pickaxe/objects/reports.rb, line 35 def splunk_config(entity_yaml) # Include default values config = report_defaults # Override defaults with any config provided in yaml config.merge! entity_yaml['config'] config end
splunk_entity_keys()
click to toggle source
# File lib/splunk/pickaxe/objects/reports.rb, line 79 def splunk_entity_keys Splunk::Pickaxe::REPORT_KEYS end
splunk_resource()
click to toggle source
# File lib/splunk/pickaxe/objects/reports.rb, line 11 def splunk_resource %w[saved searches] end