R/splunkconnector.R

In hyunhonoh/splunkconnector: Splunk Connect using Restapi

#Get data form Splunk SavedSearch
#@param serverinfo Server connection info (servername or ip, id, password)
#@param savedsearchQuery run savedsearch name
#@return Splunk sid
#@examples
#  sinfo<-c("localhost","admin","changeme")
#  savedsearchQuery(sinfo, "savedseachname")
#'@export
#'


savedsearchQuery <- function(serverinfo, savedsearchName){
  sid <- getsavedsearch_sid(serverinfo, savedsearchName)
  isDone <- checkjobfinish(serverinfo, sid)
  return (c(sid=sid, isDone=isDone))
}

getsavedsearch_sid <- function(serverinfo, savedsearchName) {
  uri <- paste("https://", serverinfo[1] , ":8089/services/search/jobs", sep="")
  bodysearch <- paste("search=savedsearch ", savedsearchName, sep="")
  result<-POST(uri, authenticate(serverinfo[2], serverinfo[3]),   config = httr::config(ssl_verifypeer = FALSE, ssl_verifyhost=FALSE), body=bodysearch)
  data<-xmlParse(result)
  xml_data <- xmlToList(data)
  # 리턴값으로 작업 id를 리턴
  return(xml_data$sid)
}

checkjobfinish <- function(serverinfo, sid) {
  servicessearchstatusstr <- paste("https://", serverinfo[1] ,":8089/services/search/jobs/", sid, "/", sep="")
  result<-POST(servicessearchstatusstr, authenticate(serverinfo[2], serverinfo[3]),   config = httr::config(ssl_verifypeer = FALSE, ssl_verifyhost=FALSE))
  result<-read_html(result)
  isDone<-html_text(html_nodes(result, "key[name='isDone']"))
  return(isDone)
}


# reference
# //entry/content/s:dict/s:key[@name='isDone']

# html_attr(html_nodes(result, "key"), name="name")
#  [1] "cursorTime"      "defaultSaveTTL"  "defaultTTL"      "delegate"
#  [5] "diskUsage"       "dispatchState"   "doneProgress"    "earliestTime"
#  [9] "isDone"          "isFailed"        "isFinalized"     "isPaused"
# [13] "isSaved"         "isSavedSearch"   "isZombie"        "label"
# [17] "sid"             "statusBuckets"   "ttl"             "messages"
# [21] "request"         "search"          "runtime"         "auto_cancel"
# [25] "auto_pause"      "eai:acl"         "perms"           "read"
# [29] "write"           "owner"           "modifiable"      "sharing"
# [33] "app"             "can_write"       "ttl"             "searchProviders"