public async Task EventWriterConvertsSeverityEnumValueToName()
{
var stdout = new StringWriter();
var stderr = new StringWriter();
var writer = new EventWriter(stdout, stderr, null);
await writer.LogAsync(Severity.Info, "Test");
await writer.LogAsync(Severity.Warning, "Test");
await writer.LogAsync(Severity.Error, "Test");
var events = stderr.GetStringBuilder().ToString();
Assert.Contains("INFO Test", events);
Assert.Contains("WARNING Test", events);
Assert.Contains("ERROR Test", events);
}
/// <summary>
/// Splunk callback use to launch the plugin
/// </summary>
/// <param name="inputDefinition">Retrieve the config set into inputs.conf</param>
/// <param name="eventWriter">event writer use to communicate with splunk</param>
/// <returns></returns>
public override async Task StreamEventsAsync(InputDefinition inputDefinition, EventWriter eventWriter)
{
var splunkHome = Environment.GetEnvironmentVariable("SPLUNK_HOME");
var profile = inputDefinition.Name.Split(new string[] { "://" }, StringSplitOptions.RemoveEmptyEntries)[1];
await eventWriter.LogAsync(Severity.Info, "Splunk-ETW select " + profile + " profile");
string iniPath = Path.Combine(new string[] { splunkHome, "etc", "apps", "Splunk-ETW", "profile", profile + ".ini" });
await eventWriter.LogAsync(Severity.Info, "Splunk-ETW load " + iniPath);
try
{
var trace = TraceManager.BuildFromConfig(new FileIniDataParser().ReadFile(iniPath), new SplunkWriter(eventWriter, inputDefinition.Name));
await Task.Run(() => trace.Start());
}
catch (Exception e)
{
await eventWriter.LogAsync(Severity.Error, e.ToString());
}
}
/// <summary>
/// Write events to Splunk from this modular input.
/// </summary>
/// <remarks>
/// This function will be invoked once for each instance of the modular input, though that invocation
/// may or may not be in separate processes, depending on how the modular input is configured. It should
/// extract the arguments it needs from <tt>inputDefinition</tt>, then write events to <tt>eventWriter</tt>
/// (which is thread safe).
/// </remarks>
/// <param name="inputDefinition">a specification of this instance of the modular input.</param>
/// <param name="eventWriter">an object that handles writing events to Splunk.</param>
public override async Task StreamEventsAsync(InputDefinition inputDefinition, EventWriter eventWriter)
{
try
{
string logfilepath = ((SingleValueParameter)(inputDefinition.Parameters["logfilepath"])).ToString();
Int32 maxmessagecount = ((SingleValueParameter)(inputDefinition.Parameters["maxmessagecount"])).ToInt32();
Int32 cycletime = ((SingleValueParameter)(inputDefinition.Parameters["cycletime"])).ToInt32();
//Setup the options input
OptionsStruct localOptionsStruct = new OptionsStruct();
localOptionsStruct.LogDirectory = logfilepath;
// Initialize the log reader
aaLogReader.aaLogReader logReader = new aaLogReader.aaLogReader(localOptionsStruct);
// Write an entry to the Splunk system log indicating we have initialized
await eventWriter.LogAsync(Severity.Info, "Initialized Log reader for path " + logfilepath + " and message count " + maxmessagecount.ToString());
while (true)
{
await(Task.Delay(cycletime));
//Simple call to get all unread records, limiting the return count to max message count
List <LogRecord> logRecords = logReader.GetUnreadRecords((ulong)maxmessagecount);
// Loop through each lastRecordRead and send to Splunk
foreach (LogRecord record in logRecords)
{
await eventWriter.QueueEventForWriting(new Event
{
Stanza = inputDefinition.Name,
Data = record.ToKVP()
});
}
}
}
catch (Exception ex)
{
// Eat error message
await eventWriter.LogAsync(Severity.Error, ex.ToString());
}
}
/// <summary>
///
/// </summary>
public override void VisitBatchReport()
{
writer.LogAsync(Severity.Info, string.Format("VisitBatchReport: {0}", this.reportObjectList.Count)).Wait();
foreach (ReportObject report in reportObjectList)
{
writer.QueueEventForWriting(new Event {
Time = report.Date, Source = this.streamName, Data = report.ConvertToXml()
}).Wait();
}
}
private async Task <string> GetConfigurationValue(InputDefinition definition, string keyName, EventWriter writer, bool log = true)
{
Parameter parameter;
if (definition.Parameters.TryGetValue(keyName, out parameter))
{
await writer.LogAsync(Severity.Info, string.Format("Value for [{0}] retrieved successfully: {1}", keyName, log ? parameter.ToString() : "# Value not logged #"));
return(parameter.ToString());
}
else
{
return(null);
}
}
public override async Task StreamEventsAsync(InputDefinition inputDefinition, EventWriter eventWriter)
{
#region Get param values
string streamName = inputDefinition.Name;
await eventWriter.LogAsync(Severity.Info, string.Format("Name of Stanza is : {0}", inputDefinition.Name));
string reportName = await GetConfigurationValue(inputDefinition, ConstantReportName, eventWriter);
string emailAddress = await GetConfigurationValue(inputDefinition, ConstantEmailAddress, eventWriter);
string password = await GetConfigurationValue(inputDefinition, ConstantPassword, eventWriter, false);
string start = await GetConfigurationValue(inputDefinition, ConstantStartDate, eventWriter);
DateTime startDateTime = start.TryParseDateTime(DateTime.MinValue);
string end = await GetConfigurationValue(inputDefinition, ConstantEndDate, eventWriter);
DateTime endDateTime = end.TryParseDateTime(DateTime.MinValue);
#endregion Get param values
ReportingContext context = new ReportingContext();
context.UserName = emailAddress;
context.Password = password;
context.FromDateTime = startDateTime;
context.ToDateTime = endDateTime;
context.SetLogger(new SplunkTraceLogger(eventWriter));
IReportVisitor visitor = new SplunkReportVisitor(streamName, eventWriter);
while (true)
{
await Task.Delay(1000);
ReportingStream stream = new ReportingStream(context, reportName, streamName);
stream.RetrieveData(visitor);
}
}
/// <summary>
/// Pulls down commit data from GitHub and creates events for each commit, which are then streamed to Splunk.
/// </summary>
/// <remarks>
/// This function will be invoked once for each instance of the modular input, though that invocation
/// may or may not be in separate processes, depending on how the modular input is configured. It should
/// extract the arguments it needs from <tt>inputDefinition</tt>, then write events to <tt>eventWriter</tt>
/// (which is thread safe).
/// </remarks>
/// <param name="inputDefinition">The definition for this instance of the GitHub input, representing a GitHub repository.</param>
/// <param name="eventWriter">An object that handles writing events to Splunk.</param>
public override async Task StreamEventsAsync(InputDefinition inputDefinition, EventWriter eventWriter)
{
var owner = ((SingleValueParameter)inputDefinition.Parameters["Owner"]).ToString();
var repository = ((SingleValueParameter)inputDefinition.Parameters["Repository"]).ToString();
var checkpointFilePath = Path.Combine(inputDefinition.CheckpointDirectory, owner + " " + repository + ".txt");
var productHeader = new ProductHeaderValue("splunk-sdk-csharp-github-commits");
ObservableGitHubClient client;
if (!inputDefinition.Parameters.ContainsKey("Token") || String.IsNullOrWhiteSpace(((SingleValueParameter)inputDefinition.Parameters["Token"]).ToString()))
{
client = new ObservableGitHubClient(productHeader);
}
else
{
client = new ObservableGitHubClient(productHeader, new InMemoryCredentialStore(new Credentials(((SingleValueParameter)inputDefinition.Parameters["Token"]).ToString())));
}
var shaKeys = new HashSet <string>();
var fileReader = new StreamReader(File.Open(checkpointFilePath, System.IO.FileMode.OpenOrCreate));
string line;
while (!String.IsNullOrWhiteSpace(line = await fileReader.ReadLineAsync()))
{
shaKeys.Add(line);
}
fileReader.Close();
bool done = false;
var fileWriter = new StreamWriter(checkpointFilePath);
// Use Rx to stream an event for each commit as they come in
client.Repository.Commits.GetAll(owner, repository).Subscribe(
async githubCommit =>
{
if (!shaKeys.Contains(githubCommit.Sha))
{
await StreamCommit(githubCommit, eventWriter, owner, repository);
await fileWriter.WriteLineAsync(githubCommit.Sha); // Write to the checkpoint file
shaKeys.Add(githubCommit.Sha);
await eventWriter.LogAsync(Severity.Info, repository + " indexed a Github commit with sha: " + githubCommit.Sha);
}
},
async e =>
{
//error handing goes here
await eventWriter.LogAsync(Severity.Error, e.GetType() + " - " + e.StackTrace);
},
() =>
{
//completion handling goes here
fileWriter.Close();
done = true;
}
);
// Wait for Rx subscribe to finish above
while (!done)
{
await Task.Delay(100);
}
}
public void LogInformation(string message)
{
writer.LogAsync(Severity.Info, message).Wait();
}