Refactor how we get splunk status response. (#114)

* Refactor how we get splunk status response.

main.py

@@ -159,8 +159,9 @@ def __main__():
                     time.sleep(1)
                     status = transmission.status(search_id)
                     while status['progress'] < 100:
-                        print( status['progress'] )
-
+                        print(status)
+                        status = transmission.status(search_id)
+                print(status)
                 result = transmission.results(search_id, 0, 9)
                 if result["success"]:
                     print("Search {} results is:\n{}".format(search_id,result["data"]))

stix_shifter/stix_transmission/src/modules/splunk/splunk_status_connector.py

@@ -2,8 +2,13 @@
 from .spl_api_client import APIClient
 import json
 import math
+from enum import Enum
 from .....utils.error_response import ErrorResponder
 
+class StatusSplunk(Enum):
+    COMPLETED = 'DONE'
+    ERROR = 'FAILED'
+    RUNNING = 'RUNNING'
 
 class SplunkStatusConnector(BaseStatusConnector):
     def __init__(self, api_client):
@@ -20,18 +25,17 @@ def create_status_connection(self, search_id):
         if 'entry' in response_dict and isinstance(response_dict['entry'], list):
             content = response_dict['entry'][0]['content']
             progress = math.ceil(content['doneProgress'] * 100)  # convert 0-1.0 scale to <int>0-100
+            status = content['dispatchState']
 
-            if content['isDone'] is True:
+            if status == StatusSplunk.COMPLETED.value:
                 status = Status.COMPLETED.value
-            elif content['isFailed'] is True:
+            elif status == StatusSplunk.ERROR.value:
                 status = Status.ERROR.value
             elif content['isFinalized'] is True:
                 status = Status.CANCELED.value
-            elif progress < 100:
-                status = Status.RUNNING.value
             else:
-                status = 'NA'
-        
+                status = Status.RUNNING.value
+
         # Construct a response object
         return_obj = dict()
         if response_code == 200:

tests/stix_transmission/splunk/api_response/status_by_sid_failed.json

@@ -0,0 +1,270 @@
+{
+  "links": {},
+  "origin": "https://9.99.999.99:0123/services/search/jobs",
+  "updated": "2018-09-13T09:49:40+00:00",
+  "generator": {
+    "build": "2b5b15c4ee89",
+    "version": "7.0.1"
+  },
+  "entry": [
+    {
+      "name": "search eventtype=network_traffic | fields   tag| spath",
+      "id": "https://9.99.999.99:0123/services/search/jobs/1536832140.4293",
+      "updated": "2018-09-13T09:49:40.645+00:00",
+      "links": {
+        "alternate": "/services/search/jobs/1536832140.4293",
+        "search.log": "/services/search/jobs/1536832140.4293/search.log",
+        "events": "/services/search/jobs/1536832140.4293/events",
+        "results": "/services/search/jobs/1536832140.4293/results",
+        "results_preview": "/services/search/jobs/1536832140.4293/results_preview",
+        "timeline": "/services/search/jobs/1536832140.4293/timeline",
+        "summary": "/services/search/jobs/1536832140.4293/summary",
+        "control": "/services/search/jobs/1536832140.4293/control"
+      },
+      "published": "2018-09-13T09:49:00.000+00:00",
+      "author": "bhavesh",
+      "content": {
+        "canSummarize": false,
+        "cursorTime": "1970-01-01T00:00:00.000+00:00",
+        "defaultSaveTTL": "604800",
+        "defaultTTL": "600",
+        "delegate": "",
+        "diskUsage": 73728,
+        "dispatchState": "FAILED",
+        "doneProgress": 1,
+        "dropCount": 0,
+        "earliestTime": "2018-04-20T12:36:17.000+00:00",
+        "eventAvailableCount": 1,
+        "eventCount": 1,
+        "eventFieldCount": 10,
+        "eventIsStreaming": true,
+        "eventIsTruncated": false,
+        "eventSearch": "search eventtype=network_traffic | fields tag | spath ",
+        "eventSorting": "desc",
+        "indexEarliestTime": 1535991010,
+        "indexLatestTime": 1535991010,
+        "isBatchModeSearch": false,
+        "isDone": true,
+        "isEventsPreviewEnabled": false,
+        "isFailed": false,
+        "isFinalized": false,
+        "isPaused": false,
+        "isPreviewEnabled": false,
+        "isRealTimeSearch": false,
+        "isRemoteTimeline": false,
+        "isSaved": false,
+        "isSavedSearch": false,
+        "isTimeCursored": true,
+        "isZombie": false,
+        "keywords": "eventtype::network_traffic",
+        "label": "",
+        "normalizedSearch": "litsearch (index=shifter log_type=\"network\") | fields tag | spath  | fields keepcolorder=t \"_bkt\" \"_cd\" \"_si\" \"host\" \"index\" \"linecount\" \"source\" \"sourcetype\" \"splunk_server\"",
+        "numPreviews": 0,
+        "optimizedSearch": "| search eventtype=network_traffic | fields tag | spath",
+        "pid": "9663",
+        "priority": 5,
+        "provenance": "",
+        "remoteSearch": "litsearch (index=shifter log_type=\"network\") | fields  tag  | spath  | fields  keepcolorder=t \"_bkt\" \"_cd\" \"_si\" \"host\" \"index\" \"linecount\" \"source\" \"sourcetype\" \"splunk_server\"",
+        "reportSearch": "",
+        "resultCount": 1,
+        "resultIsStreaming": true,
+        "resultPreviewCount": 1,
+        "runDuration": 0.242112944,
+        "sampleRatio": "1",
+        "sampleSeed": "0",
+        "scanCount": 2,
+        "searchCanBeEventType": false,
+        "searchTotalBucketsCount": 4,
+        "searchTotalEliminatedBucketsCount": 2,
+        "sid": "1536832140.4293",
+        "statusBuckets": 0,
+        "ttl": 600,
+        "performance": {
+          "command.fields": {
+            "duration_secs": 0.001,
+            "invocations": 2,
+            "input_count": 2,
+            "output_count": 2
+          },
+          "command.search": {
+            "duration_secs": 0.004,
+            "invocations": 1,
+            "input_count": 0,
+            "output_count": 1
+          },
+          "command.search.calcfields": {
+            "duration_secs": 0.001,
+            "invocations": 1,
+            "input_count": 2,
+            "output_count": 2
+          },
+          "command.search.expand_search": {
+            "duration_secs": 0.026,
+            "invocations": 1
+          },
+          "command.search.fieldalias": {
+            "duration_secs": 0.001,
+            "invocations": 1,
+            "input_count": 2,
+            "output_count": 2
+          },
+          "command.search.filter": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "command.search.index": {
+            "duration_secs": 0.002,
+            "invocations": 2
+          },
+          "command.search.index.usec_1_8": {
+            "invocations": 85
+          },
+          "command.search.kv": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "command.search.lookups": {
+            "duration_secs": 0.001,
+            "invocations": 1,
+            "input_count": 2,
+            "output_count": 2
+          },
+          "command.search.parse_directives": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "command.search.rawdata": {
+            "duration_secs": 0.002,
+            "invocations": 1
+          },
+          "command.search.summary": {
+            "invocations": 1
+          },
+          "command.search.tags": {
+            "duration_secs": 0.001,
+            "invocations": 1,
+            "input_count": 1,
+            "output_count": 1
+          },
+          "command.search.typer": {
+            "duration_secs": 0.001,
+            "invocations": 1,
+            "input_count": 1,
+            "output_count": 1
+          },
+          "command.spath": {
+            "duration_secs": 0.001,
+            "invocations": 1,
+            "input_count": 1,
+            "output_count": 1
+          },
+          "dispatch.check_disk_usage": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "dispatch.createdSearchResultInfrastructure": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "dispa100  5684  100  5668  100    16  10361     29 --:--:-- --:--:-- --:--:-- 10704patch.evaluate.fields": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "dispatch.evaluate.noop": {
+            "invocations": 1
+          },
+          "dispatch.evaluate.search": {
+            "duration_secs": 0.04,
+            "invocations": 1
+          },
+          "dispatch.evaluate.spath": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "dispatch.fetch": {
+            "duration_secs": 0.052,
+            "invocations": 2
+          },
+          "dispatch.localSearch": {
+            "duration_secs": 0.004,
+            "invocations": 1
+          },
+          "dispatch.optimize.FinalEval": {
+            "duration_secs": 0.041,
+            "invocations": 1
+          },
+          "dispatch.optimize.matchReportAcceleration": {
+            "duration_secs": 0.142,
+            "invocations": 1
+          },
+          "dispatch.optimize.optimization": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "dispatch.optimize.reparse": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "dispatch.optimize.toJson": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "dispatch.optimize.toSpl": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "dispatch.readEventsInResults": {
+            "duration_secs": 0.001,
+            "invocations": 1
+          },
+          "dispatch.stream.local": {
+            "duration_secs": 0.004,
+            "invocations": 1
+          },
+          "dispatch.timeline": {
+            "duration_secs": 0.002,
+            "invocations": 2
+          },
+          "dispatch.writeStatus": {
+            "duration_secs": 0.007,
+            "invocations": 7
+          },
+          "startup.configuration": {
+            "duration_secs": 0.015,
+            "invocations": 1
+          },
+          "startup.handoff": {
+            "duration_secs": 0.055,
+            "invocations": 1
+          }
+        },
+        "messages": [],
+        "request": {
+          "search": "search eventtype=network_traffic | fields   tag| spath"
+        },
+        "runtime": {
+          "auto_cancel": "0",
+          "auto_pause": "0"
+        },
+        "searchProviders": ["splunk3-01.internal.resilientsystems.com"]
+      },
+      "acl": {
+        "perms": {
+          "read": ["bhavesh"],
+          "write": ["bhavesh"]
+        },
+        "owner": "bhavesh",
+        "modifiable": true,
+        "sharing": "global",
+        "app": "search",
+        "can_write": true,
+        "ttl": "600"
+      }
+    }
+  ],
+  "paging": {
+    "total": 1,
+    "perPage": 0,
+    "offset": 0
+  }
+}