public override async Task StreamEventsAsync(InputDefinition inputDefinition, EventWriter eventWriter)
{
double min = ((SingleValueParameter)inputDefinition.Parameters["min"]).ToDouble();
double max = ((SingleValueParameter)inputDefinition.Parameters["max"]).ToDouble();
while (true)
{
await Task.Delay(100);
await eventWriter.QueueEventForWriting(new Event
{
Stanza = inputDefinition.Name,
Data = "number=" + (rnd.NextDouble() * (max - min) + min)
});
}
}
/// <summary>
/// Handles creating an Event object from a GitHub commit which will be streamed into Splunk.
/// </summary>
/// <param name="githubCommit">The individual GithubCommit object which holds the data for a commit.</param>
/// <param name="eventWriter">The EventWriter for streaming events to Splunk.</param>
/// <param name="owner">The GitHub repository owner's name.</param>
/// <param name="repositoryName">The GitHub repository's name.</param>
public async Task StreamCommit(GitHubCommit githubCommit, EventWriter eventWriter, string owner, string repositoryName)
{
string authorName = githubCommit.Commit.Author.Name;
DateTime date = githubCommit.Commit.Author.Date;
// Replace any newlines with a space
string commitMessage = Regex.Replace(githubCommit.Commit.Message, "\\n|\\r", " ");
dynamic json = new JObject();
json.sha = githubCommit.Sha;
json.api_url = githubCommit.Url;
json.url = "http://github.com/" + owner + "/" + repositoryName + "/commit/" + githubCommit.Sha;
json.message = commitMessage;
json.author = authorName;
json.date = date.ToString();
var commitEvent = new Event();
commitEvent.Stanza = repositoryName;
commitEvent.SourceType = "github_commits";
commitEvent.Time = date;
commitEvent.Data = json.ToString(Formatting.None);
await eventWriter.QueueEventForWriting(commitEvent);
}
public override async Task StreamEventsAsync(InputDefinition inputDefinition, EventWriter eventWriter)
{
int interval = 1000;
try
{
// if user didn't give value for polling_interval, type conversion to SingleValueParameter will throw
interval = int.Parse(((SingleValueParameter)inputDefinition.Parameters["polling_interval"]).ToString());
}
catch (Exception)
{
}
const string Seperator = @"://";
int index = inputDefinition.Name.IndexOf(Seperator) + Seperator.Length;
string varName = inputDefinition.Name.Substring(index);
string lastVarValue = null;
while (true)
{
await Task.Delay(interval);
string varValue = Environment.GetEnvironmentVariable(varName, EnvironmentVariableTarget.Machine);
// Event data can't be null for real events.
varValue = varValue ?? "(not exist)";
// Splunk does not record lines with only white spaces.
varValue = string.IsNullOrWhiteSpace(varValue) ? "(white space)" : varValue;
if (varValue != lastVarValue)
{
await eventWriter.QueueEventForWriting(new Event
{
Stanza = varName,
Data = string.Format("{0}, interval={1}, inputDefinition.Name={2} , varName={3}",
varValue, interval, inputDefinition.Name, varName)
});
lastVarValue = varValue;
}
}
}
/// <summary>
/// Write events to Splunk from this modular input.
/// </summary>
/// <remarks>
/// This function will be invoked once for each instance of the modular input, though that invocation
/// may or may not be in separate processes, depending on how the modular input is configured. It should
/// extract the arguments it needs from <tt>inputDefinition</tt>, then write events to <tt>eventWriter</tt>
/// (which is thread safe).
/// </remarks>
/// <param name="inputDefinition">a specification of this instance of the modular input.</param>
/// <param name="eventWriter">an object that handles writing events to Splunk.</param>
public override async Task StreamEventsAsync(InputDefinition inputDefinition, EventWriter eventWriter)
{
try
{
string logfilepath = ((SingleValueParameter)(inputDefinition.Parameters["logfilepath"])).ToString();
Int32 maxmessagecount = ((SingleValueParameter)(inputDefinition.Parameters["maxmessagecount"])).ToInt32();
Int32 cycletime = ((SingleValueParameter)(inputDefinition.Parameters["cycletime"])).ToInt32();
//Setup the options input
OptionsStruct localOptionsStruct = new OptionsStruct();
localOptionsStruct.LogDirectory = logfilepath;
// Initialize the log reader
aaLogReader.aaLogReader logReader = new aaLogReader.aaLogReader(localOptionsStruct);
// Write an entry to the Splunk system log indicating we have initialized
await eventWriter.LogAsync(Severity.Info, "Initialized Log reader for path " + logfilepath + " and message count " + maxmessagecount.ToString());
while (true)
{
await (Task.Delay(cycletime));
//Simple call to get all unread records, limiting the return count to max message count
List<LogRecord> logRecords = logReader.GetUnreadRecords((ulong)maxmessagecount);
// Loop through each lastRecordRead and send to Splunk
foreach (LogRecord record in logRecords)
{
await eventWriter.QueueEventForWriting(new Event
{
Stanza = inputDefinition.Name,
Data = record.ToKVP()
});
}
}
}
catch (Exception ex)
{
// Eat error message
eventWriter.LogAsync(Severity.Error, ex.ToString());
}
}