6d61726b760a · July 14, 2020 08:27
diff --git a/splunk_deployment_server_client_cleanup.py b/splunk_deployment_server_client_cleanup.py
 import requests
 import os
 from lxml import etree

 # remove old clients from deployment server

 deployment_server = os.getenv('SPLUNK_DS')
 splunk_username = os.getenv('SPLUNK_DS_USER')
 splunk_password = os.getenv('SPLUNK_DS_PASS')
 ds_auth=(splunk_username, splunk_password)


 def remove_client(guid):
    print(f'removing: {guid}')
    endpoint='services/deployment/server/clients'
    response = requests.delete(f'http://{deployment_server}:8089/{endpoint}/{guid}', auth=ds_auth)
    print(response.status_code)
    


 def find_old_clients():

    # 6h  = 21600
    # 12h = 43200
    # 24h = 86400
    # 48h = 172800

    search = ('| rest splunk_server=local /services/deployment/server/clients '
             '| eval last_seen = now() - lastPhoneHomeTime '
             '| where last_seen > 86400 '
             '| rename clientName as guid '
             '| fields guid')
    data = { 'search': search }
    endpoint='servicesNS/admin/search/search/jobs/export'
    response = requests.post(f'http://{deployment_server}:8089/{endpoint}', data=data, auth=ds_auth)
    xmlroot=etree.fromstring(response.content)
    results=[]
    for result in xmlroot.findall('result/field/value/text'):
        results.append(result.text)
        # print(guid)
    
    return(results)


 if __name__ == '__main__':

    old_clients = find_old_clients()
    for guid in old_clients:
        remove_client(guid)
	import requests
	import os
	from lxml import etree

	# remove old clients from deployment server

	deployment_server = os.getenv('SPLUNK_DS')
	splunk_username = os.getenv('SPLUNK_DS_USER')
	splunk_password = os.getenv('SPLUNK_DS_PASS')
	ds_auth=(splunk_username, splunk_password)


	def remove_client(guid):
	print(f'removing: {guid}')
	endpoint='services/deployment/server/clients'
	response = requests.delete(f'http://{deployment_server}:8089/{endpoint}/{guid}', auth=ds_auth)
	print(response.status_code)



	def find_old_clients():

	# 6h = 21600
	# 12h = 43200
	# 24h = 86400
	# 48h = 172800

	search = ('\| rest splunk_server=local /services/deployment/server/clients '
	'\| eval last_seen = now() - lastPhoneHomeTime '
	'\| where last_seen > 86400 '
	'\| rename clientName as guid '
	'\| fields guid')
	data = { 'search': search }
	endpoint='servicesNS/admin/search/search/jobs/export'
	response = requests.post(f'http://{deployment_server}:8089/{endpoint}', data=data, auth=ds_auth)
	xmlroot=etree.fromstring(response.content)
	results=[]
	for result in xmlroot.findall('result/field/value/text'):
	results.append(result.text)
	# print(guid)

	return(results)


	if __name__ == '__main__':

	old_clients = find_old_clients()
	for guid in old_clients:
	remove_client(guid)