pmeyerson
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/usr/python3 | |
| import time | |
| import random | |
| import string | |
| import sys | |
| from splunk_http_event_collector import http_event_collector | |
| # splunk_http_event_collector available from https://pypi.org/project/Splunk-HEC/ | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class CustomHandler: | |
| # response from API is in format {"result": [{}, {}, {}]} at least for cmdb tables | |
| # credit http://www.georgestarcher.com/splunk-null-thinking/ | |
| def __init__(self,**args): | |
| pass | |
| def __call__(self, response_object, raw_response_output,response_type,req_args,endpoint): | |
| #if response_type == "json": | |
| output = json.loads(raw_response_output) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| index=ddi sourcetype="infoblox:api:networks" | |
| | dedup network | |
| | rex field=comment "(?<Site>[\s\S^-]*)\s-\s(?<Vlan>[0-9xX]*)\s-\s(?<NetworkDescription>[\s\S]*)" | |
| | rename network as Network | |
| | table Network Site NetworkDescription Vlan | |
| | sort Network num | |
| | outputlookup networks createinapp=true append=false |
pmeyerson
/ inputs.conf - infoblox rest api input example
Last active
March 27, 2020 18:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # make sure you enter correct info for | |
| # auth_password, auth_user, endpoint, index. Sourcetype and polling interval as you like. | |
| # Examples are below. Inteded for use with REST API modular input add-on see https://splunkbase.splunk.com/app/1546/ | |
| # Consider using Splunk's Add-on-Builder app (available on splunkbase) as app 1546 requires $ now I believe. | |
| [rest://infoblox-networks] | |
| auth_password = password | |
| auth_type = basic | |
| auth_user = user | |
| endpoint = https://infoblox_ip/wapi/v2.0/network |
pmeyerson
/ logparse_smtprx.py
Last active
November 14, 2017 22:05
parse exchange 2010 smtp receive connector logs into csv format
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import os | |
| import csv | |
| import sys | |
| logdir="exhub_logs/" | |
| outdir="output/" | |
| # get list of input log files |
pmeyerson
/ amp-export-network-events.py
Last active
October 26, 2017 21:14
pull amp event network connectivity data for a specific host and export to csv
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Fill in your apikey and apipwd and hostname of machine to get started. | |
| # Determine the hostguid from the amp console. Advanced users could use another api query to retreive this. | |
| # This script is rough but should get you started. | |
| import json | |
| import requests | |
| import csv | |
| import datetime |
pmeyerson
/ rpz_grabber.py
Last active
January 29, 2018 01:40
download RPZ files files from infoblox customer portal. Compute diff from yesterday to splunk!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # requires dnspython compliments dnspython.org; install via pip | |
| import glob | |
| import os | |
| import difflib | |
| import datetime | |
| import dns.query | |
| import dns.zone | |
| import dns.tsigkeyring |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import datetime | |
| import requests | |
| import csv | |
| import json | |
| url = 'https://infobloxhostname-or-ip/wapi/v2.0/' # API URL to query. Make sure API access is enabled on this host. | |
| id = '' # API enabled credentials. | |
| pwd = '' |