Skip to content

nagyist/splunk-sdk-csharp-pcl

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

714 Commits

docs

docs

 
 

examples

examples

 
 

packages

packages

 
 

src

src

 
 

test

test

 
 

tools/xunit-1.9.2

tools/xunit-1.9.2

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Recordable tests.playlist

Recordable tests.playlist

 
 

Search Export Tests.playlist

Search Export Tests.playlist

 
 

splunk-sdk-csharp-pcl.StyleCop

splunk-sdk-csharp-pcl.StyleCop

 
 

splunk-sdk-csharp-pcl.ruleset

splunk-sdk-csharp-pcl.ruleset

 
 

splunk-sdk-csharp-pcl.sln

splunk-sdk-csharp-pcl.sln

 
 

Repository files navigation

Splunk SDK for C#

Version 2.0 beta

Note: The Splunk SDK for C# is in development and is not currently supported.

The Splunk Software Development Kit (SDK) for C# contains library code and examples designed to enable developers to build applications using Splunk.

Splunk is a search engine and analytic environment that uses a distributed map-reduce architecture to efficiently index, search, and process large time-varying data sets.

The Splunk product is popular with system administrators for aggregation and monitoring of IT machine data, security, compliance and a wide variety of other scenarios that share a requirement to efficiently index, search, analyze, and generate real-time notifications from large volumes of time series data.

The Splunk developer platform enables developers to take advantage of the same technology used by the Splunk product to build exciting new applications that are enabled by Splunk's unique capabilities.

What's new in Version 2.0

Version 2.0 beta introduces new modern APIs that leverage the latest .NET platform advancements.

  • Async - All APIs are 100% asynchronous supporting the new async/await features.
  • All APIs follow .NET guidelines and abide by FxCop and StyleCop rules.
  • Reactive Extensions - Splunk Enterprise query results implement IObservable, allowing usage with the .NET Reactive Extensions.
  • Support for cross-platform development - The Splunk API client (Splunk.Client.dll) in the new version is a Portable Class Library supporting .NET development on multiple platforms.

Below is an example of a simple One Shot Search:

using Splunk.Client;

var service = new Service(Scheme.Https, "localhost", 8089));

//login
await service.LogOnAsync("admin", "changeme");

//create a One Shot Search and retrieve the results
var searchResults = await service.SearchOneShotSearchAsync("search index=_internal | head 10");

//loop through the results
foreach (var result in searchResults)
{
    //write out the raw event
    Console.WriteLine(string.Format("{0:D8}: {1}", ++recordNumber, result.GetValue("_raw")));
}

Supported platforms

.NET 4.5/Mono 3.4, PCL (Windows 8.1, Windows Phone 8.1, iOS (via Xamarin.iOS), Android (via Xamarin.Android)

Compatibility

The Splunk SDK for C# version 2.0 is a rewrite of the existing SDK, and introduces completely new APIs.

Important: Applications built with Splunk SDK for C# version 1.x will not recompile using Splunk SDK for C# version 2.0.

Splunk SDK for C# version 2.0 includes a subset of the capability in version 1.0 of the SDK, and focuses on the most common scenarios that we have seen customers using. The major focus areas are search, search jobs, configuration, and modular inputs.

Following is a breakdown of the areas covered:

  • Login
  • Access control (users and passwords)
  • Searches (normal, blocking, oneshot, and export)
  • Jobs
  • Reports ("saved searches" in Splunk Enterprise 5)
  • Configuration and Config Properties
  • Indexes
  • Inputs (sending simple and streamed events to Splunk Enterprise)
  • Applications
  • Modular inputs

For detailed API coverage, see this coverage matrix.

We will publish guidance on how to migrate applications built using the Splunk SDK for C# 1.x to use the Splunk SDK for C# 2.0.

Getting started with the Splunk SDK for C#

The Splunk SDK for C# contains library code and examples that show how to programmatically interact with Splunk for a variety of scenarios including searching, saved searches, data inputs, and many more, along with building complete applications.

The information in this Readme provides steps to get going quickly. In the future we plan to roll out more in-depth documentation.

Requirements

Here's what you need to get going with the Splunk SDK for C# version 2.0.

Splunk Enterprise

If you haven't already installed Splunk Enterprise, download it at http://www.splunk.com/download. For more information about installing and running Splunk Enterprise and system requirements, see the Splunk Installation Manual.

Developer environments

The Splunk SDK for C# supports development in the following environments:

Visual Studio

The Splunk SDK for C# supports development in Microsoft Visual Studio 2012 and later

You will need to install Code Contracts for .NET (be sure to close Visual Studio before you install it or the install will not work, despite appearing to).

To run the unit tests you will need to install an xUnit runner:

Xamarin Studio / Mono Develop

The Splunk SDK for C# support development in Xamarin Studio and Mono Develop. You will need to set the MonoCS complitation constant in the project settings for Splunk.Client.csproj and Splunk.ModularInputs.csproj.

To run the unit tests you will need to download the latest release of xUnit and run using the command line tools or GUI runner.

Splunk SDK for C#

MyGet feed

Before the intial release, you can download the Splunk SDK C# NuGet packages from MyGet. Add the following feed to your package sources in Visual Studio: https://splunk.myget.org/F/splunk-sdk-csharp-pcl/

The following packages are in that feed:

  • Splunk.Client - Client for Splunk's REST API. This is a portable library.
  • Splunk.ModularInputs - Functionality for building Modular Inputs.

Note: Both packages will be published to NuGet when the SDK releases.

Getting the source

Get the Splunk SDK for C#. Download the ZIP file and extract its contents.

If you are interested in contributing to the Splunk SDK for C#, you can get it from GitHub and clone the resources to your computer.

Building the SDK

To build from source after extracting or cloning the SDK, do the following"

  1. At the root level of the splunk-sdk-csharp-pcl directory, open the splunk-sdk-csharp-pcl.sln file in Visual Studio.
  2. On the BUILD menu, click Build Solution.

This will build the SDK, the examples, and the unit tests.

Examples and unit tests

The Splunk SDK for C# includes full unit tests which run using xunit as well as several examples.

Solution Layout

The solution is organized into src, examples and tests folders.

src
  • Splunk.Client - Client for Splunk's REST API.
  • Splunk.ModularInputs - Functionality for building Modular Inputs.
  • Splunk.Client.Helpers - Helper utilities used by tests and samples.

examples

  • Windows8/Search - Contains a Windows Store Search App.
  • authenticate - Connects to a Splunk Instance and retrieves Splunk's session token.
  • list_apps - Lists installed applications on a Splunk instance.
  • mock-context - Demonstrates how to use the included HTTP record/play framework for unit tests.
  • mock-interface - Demonstrates how to mock the functional interface for Splunk entities.
  • mock-object - Demontrates how to mock concrete SDK objects and fake out HTTP responses for unit tests.
  • normal-search - Performs a normal search against a Splunk instance and retrieves results using both enumeration and with Rx.
  • random-numbers - Sample modular input which returns a randoml generated numbers.
  • saved-searches - Creates a new saved search and retrieves results.
  • search-export - Creates a search and usings splunk's Export endpoint to push back results.
  • search-realtime - Creates a realtime search.
  • search - Performs a One Shot search.
  • submit - Creates an index and then sends events over HTTP to that index

tests

  • unit-tests - Contains unit tests for all of the classes in the SDK. Does not require a Splunk instance.
  • acceptance-tests - Contains end to end tests using the SDK. These tests by default will go against a Splunk instance. Tests can also be run in playback mode by setting MockContext.Mode to Playback in App.Config.

Changelog

The CHANGELOG.md file in the root of the repository contains a description of changes for each version of the SDK. You can also find it online at https://github.com/splunk/splunk-sdk-csharp/blob/master/CHANGELOG.md.

Branches

The master branch always represents a stable and released version of the SDK. You can read more about our branching model on our Wiki at https://github.com/splunk/splunk-sdk-csharp/wiki/Branching-Model.

Documentation and resources

If you need to know more:

Community

Stay connected with other developers building on Splunk.

Email devinfo@splunk.com
Issues https://github.com/splunk/splunk-sdk-csharp/issues
Answers http://splunk-base.splunk.com/tags/csharp/
Blog http://blogs.splunk.com/dev/
Twitter @splunkdev

Contributions

If you want to make a code contribution, go to the Open Source page for more information.

Support

This product is currently in development and officially unsupported. We will be triaging any issues filed by the community however and addressing them as appropriate. Please file issues for any problems that you encounter.

Contact Us

You can reach the Dev Platform team at devinfo@splunk.com.

License

The Splunk SDK for C# is licensed under the Apache License 2.0. Details can be found in the LICENSE file.

About

Splunk's next generation C# SDK

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published