class Splunk::Pickaxe::Tags
Public Instance Methods
create(entity)
click to toggle source
# File lib/splunk/pickaxe/objects/tags.rb, line 43 def create(entity) # Create and update are the same thing. Pass in no known fields update [], entity end
entity_dir()
click to toggle source
# File lib/splunk/pickaxe/objects/tags.rb, line 15 def entity_dir DIR end
entity_file_path(splunk_entity)
click to toggle source
# File lib/splunk/pickaxe/objects/tags.rb, line 19 def entity_file_path(splunk_entity) File.join( pickaxe_config.execution_path, entity_dir, entity_file_name(splunk_entity) ) end
find(entity)
click to toggle source
Tags
do not follow the typical conventions that other splunk resources do so we have to change the find/create/update methods
# File lib/splunk/pickaxe/objects/tags.rb, line 28 def find(entity) # Either return the entity or nil if it doesn't exist response = service.request(method: :GET, resource: splunk_resource + [name(entity)]) # Parse out fields atom_feed = Splunk::AtomFeed.new(response.body) atom_feed.entries.map { |e| e['title'] } rescue Splunk::SplunkHTTPError => e if e.code == 404 nil else raise e end end
needs_update?(splunk_entity, entity)
click to toggle source
# File lib/splunk/pickaxe/objects/tags.rb, line 66 def needs_update?(splunk_entity, entity) # Compares the fields in our config vs whats in splunk splunk_config(entity).uniq.sort != splunk_entity.uniq.sort end
splunk_config(entity)
click to toggle source
# File lib/splunk/pickaxe/objects/tags.rb, line 62 def splunk_config(entity) entity['fields'] end
splunk_entity_keys()
click to toggle source
# File lib/splunk/pickaxe/objects/tags.rb, line 71 def splunk_entity_keys Splunk::Pickaxe::TAGS_KEYS end
splunk_resource()
click to toggle source
# File lib/splunk/pickaxe/objects/tags.rb, line 11 def splunk_resource %w[search tags] end
update(splunk_entity, entity)
click to toggle source
# File lib/splunk/pickaxe/objects/tags.rb, line 48 def update(splunk_entity, entity) # what we want - whats there = what we need to create/update (splunk_config(entity) - splunk_entity).each do |field| response = service.request(method: :POST, resource: splunk_resource + [name(entity)], body: { add: field }) raise "Failed to add field to tag [#{response.code}] - [#{response.body}]" unless response.is_a? Net::HTTPSuccess end # whats there - what we want = what we need to remove (splunk_entity - splunk_config(entity)).each do |field| response = service.request(method: :POST, resource: splunk_resource + [name(entity)], body: { delete: field }) raise "Failed to delete field from tag [#{response.code}] - [#{response.body}]" unless response.is_a? Net::HTTPSuccess end end