Merge branch 'develop' into ADDON-73695-os_dependent_libraries_for_py39

.markdownlint.yaml

@@ -3,6 +3,14 @@
 # MD001/heading-increment
 MD001: false
 
+ul-style:
+  style: sublist
+
+MD007:
+  # set indent as 4 spaces
+  # reason: https://python-markdown.github.io/#differences
+  indent: 4
+
 # MD010/no-hard-tabs
 MD010:
   # Include code blocks

docs/advanced/groups_feature.md

@@ -7,8 +7,8 @@ The groups will be displayed at the bottom of the form.
 - `label` displays the title of a specific group.
 - `fields` specifies the list of fields in a group. All fields must be present in the **entity**.
 - `options`:
-  - `isExpandable` can be used to hide/show fields of the group. The default value is **false**.
-  - `expand` can be used to show all fields of the group while opening the form. The default value is **false**.
+    + `isExpandable` can be used to hide/show fields of the group. The default value is **false**.
+    + `expand` can be used to show all fields of the group while opening the form. The default value is **false**.
 
 ### Usage
 

docs/advanced/oauth_support.md

@@ -6,40 +6,40 @@ Auth can be used inside the entity tag. Use `type: "oauth"` in the entity list a
 
 - `type` field value must be oauth.
 - `options`:
-  - `auth_type` must be present. It can have either ["basic", "oauth"] (If we want basic and oauth both support) or ["oauth"] (If we want oauth support only).
-  - `basic` must be present only if the auth_type is ["basic"].
-    - This will have a list of fields for you to add in the basic authentication flow. In the given example, it is username, password, and security_token.
-    - **Note: As of now, if you are selecting basic as auth_type, then the username and password fields are mandatory.**
-  - `oauth` will have a list of fields for you to add in the oauth authentication flow. In the given example, it is `client_id`, `client_secret`, `redirect_url`, `scope`, and `endpoint`.
-  - These fields are mandatory:
-    - `client_id` is the client id for applying auth to your app or apps.
-    - `client_secret` is the client secret for applying auth to your app or apps.
-    - `redirect_url` will show the redirect url, which needs to be put in the app's redirect url.
-    - `endpoint` will be the endpoint for you to build oauth support. For example, for salesforce, it will either  be "login.salesforce.com", "test.salesforce.com", or any other custom endpoint.
-      - There is also the ability to specify separate endpoints for authorize and token. To do this, instead of the single 'endpoint' field, use two separate ones:
-        - `endpoint_authorize` specifies the endpoint used for authorization, for example, login.salesforce.com.
-        - `endpoint_token` specifies the endpoint used for the token acqusition, for example, api.login.salesforce.com.
-  - `auth_code_endpoint` must be present and its value should be the endpoint value for getting the auth_code using the app. If the url to get the auth_code is https://login.salesforce.com/services/oauth2/authorize, then this will have the value /services/oauth2/authorize.
-  - `access_token_endpoint` must be present and its value should be the endpoint value for getting the ccess_token using the auth_code received. If the url to get the access token is https://login.salesforce.com/services/oauth2/token, then it will have the value /services/oauth2/token.
-  - `auth_label` allows the user to have the custom label for the Auth Type dropdown.
-  - `oauth_popup_width` is the width in pixels of the pop-up window that will open for oauth authentication (Optional, defaults to 600).
-  - `oauth_popup_height` is the height in pixels of the pop-up window that will open for oauth authentication (Optional, defaults to 600).
-  - `oauth_timeout` is the timeout in seconds for oauth authentication (Optional, defaults to 180 seconds).
-  - `oauth_state_enabled` is used to include the state for oauth authentication (default value is false).
-  - `auth_endpoint_token_access_type` is an optional parameter that is mapped into the value of the token_access_type query param in the authorisation url.
+    + `auth_type` must be present. It can have either ["basic", "oauth"] (If we want basic and oauth both support) or ["oauth"] (If we want oauth support only).
+    + `basic` must be present only if the auth_type is ["basic"].
+        - This will have a list of fields for you to add in the basic authentication flow. In the given example, it is username, password, and security_token.
+        - **Note: As of now, if you are selecting basic as auth_type, then the username and password fields are mandatory.**
+    + `oauth` will have a list of fields for you to add in the oauth authentication flow. In the given example, it is `client_id`, `client_secret`, `redirect_url`, `scope`, and `endpoint`.
+    + These fields are mandatory:
+        - `client_id` is the client id for applying auth to your app or apps.
+        - `client_secret` is the client secret for applying auth to your app or apps.
+        - `redirect_url` will show the redirect url, which needs to be put in the app's redirect url.
+        - `endpoint` will be the endpoint for you to build oauth support. For example, for salesforce, it will either  be "login.salesforce.com", "test.salesforce.com", or any other custom endpoint.
+            + There is also the ability to specify separate endpoints for authorize and token. To do this, instead of the single 'endpoint' field, use two separate ones:
+                - `endpoint_authorize` specifies the endpoint used for authorization, for example, login.salesforce.com.
+                - `endpoint_token` specifies the endpoint used for the token acqusition, for example, api.login.salesforce.com.
+    + `auth_code_endpoint` must be present and its value should be the endpoint value for getting the auth_code using the app. If the url to get the auth_code is https://login.salesforce.com/services/oauth2/authorize, then this will have the value /services/oauth2/authorize.
+    + `access_token_endpoint` must be present and its value should be the endpoint value for getting the ccess_token using the auth_code received. If the url to get the access token is https://login.salesforce.com/services/oauth2/token, then it will have the value /services/oauth2/token.
+    + `auth_label` allows the user to have the custom label for the Auth Type dropdown.
+    + `oauth_popup_width` is the width in pixels of the pop-up window that will open for oauth authentication (Optional, defaults to 600).
+    + `oauth_popup_height` is the height in pixels of the pop-up window that will open for oauth authentication (Optional, defaults to 600).
+    + `oauth_timeout` is the timeout in seconds for oauth authentication (Optional, defaults to 180 seconds).
+    + `oauth_state_enabled` is used to include the state for oauth authentication (default value is false).
+    + `auth_endpoint_token_access_type` is an optional parameter that is mapped into the value of the token_access_type query param in the authorisation url.
 
-  - The fields allowed in the basic and oauth fields are the following:
-    - `oauth_field` should be kept as it is and without any change.
-    - `label` can be changed if the user wants to change the label of the field in UI.
-    - `field` must keep it as it is for mandatory fields as mentioned before.
-    - `help` can be changed the if user wants to change the help text displayed below the field.
-    - `encrypted` should be true if the user wants that particular field encrypted, otherwise, there is no need to have this parameter.
-    - `required` specifies whether the field is required or not. The default value is true.
-    - `defaultValue` is the initial input value (string, number, or boolean).
-    - `options`:
-      - `placeholder`: (RENOUNCED) The placeholder for the field.
-      - `disableonEdit`: When the form is in edit mode, the field becomes unable to be edited. The default value is false.
-      - `enable`: The enable property sets whether a field is enabled or not. The default value is true.
+    + The fields allowed in the basic and oauth fields are the following:
+        - `oauth_field` should be kept as it is and without any change.
+        - `label` can be changed if the user wants to change the label of the field in UI.
+        - `field` must keep it as it is for mandatory fields as mentioned before.
+        - `help` can be changed the if user wants to change the help text displayed below the field.
+        - `encrypted` should be true if the user wants that particular field encrypted, otherwise, there is no need to have this parameter.
+        - `required` specifies whether the field is required or not. The default value is true.
+        - `defaultValue` is the initial input value (string, number, or boolean).
+        - `options`:
+            + `placeholder`: (RENOUNCED) The placeholder for the field.
+            + `disableonEdit`: When the form is in edit mode, the field becomes unable to be edited. The default value is false.
+            + `enable`: The enable property sets whether a field is enabled or not. The default value is true.
 
 > [!WARNING]
 > The [Placeholder](https://splunkui.splunkeng.com/Packages/react-ui/Text?section=develop) attribute is deprecated and renounced. Instead, we recommend to use the "help" attribute.

docs/alert_actions/alert_scripts.md

@@ -9,16 +9,16 @@ The following files would be created/ updated in the output folder once you exec
 In the python file that is created, below are the methods that you can use or override for varying use cases:
 
 - `process_event()`
-  - This is the start point of where you require to write the logic of sending data from Splunk to any other
+    + This is the start point of where you require to write the logic of sending data from Splunk to any other
 service via its APIs. Additionally, you can validate the parameters that are provided in the alert action
 as client side validation (via JavaScript) isn't allowed in Splunk's alert action's HTML page for
 security reasons. <br> Note: This method must be overwritten.
 - `get_events()` -> List[dict]
-  - Used to get the events that triggered the alert. It returns a list of dictionary. A dictionary points to an event that triggered the alert, and each dictionary has the fields extracted by Splunk.
+    + Used to get the events that triggered the alert. It returns a list of dictionary. A dictionary points to an event that triggered the alert, and each dictionary has the fields extracted by Splunk.
 - `addevent(raw: str, sourcetype: str)`
-  - If you are bringing additional information from an outer service, you can write that information using this method. You write a single record using the method. This method will append all the records and will dump it to Splunk when `writeevents()` method is called.
+    + If you are bringing additional information from an outer service, you can write that information using this method. You write a single record using the method. This method will append all the records and will dump it to Splunk when `writeevents()` method is called.
 - `writeevents(index: str, host: str, source: str)`
-  - All the events added to the queue using `addevent()` method are written to Splunk with the details passed in the arguments.
+    + All the events added to the queue using `addevent()` method are written to Splunk with the details passed in the arguments.
 
 An example of a script with validations:
 

docs/alert_actions/index.md

@@ -25,7 +25,7 @@ Developers are required to add alerts in the global config file to create an Ale
 
 | Property                                                                  | Type   | Description                                                                                            |
 |---------------------------------------------------------------------------|--------|--------------------------------------------------------------------------------------------------------|
-| type<span class="required-asterisk">\*</span>                            | string | The type of the user input in the alert. Available choices: "text", "checkbox", "singleSelect", "radio", "singleSelectSplunkSearch". |
+| type<span class="required-asterisk">\*</span>                            | string | The type of the user input in the alert. Available choices: "text", "textarea", "checkbox", "singleSelect", "radio", "singleSelectSplunkSearch". |
 | label<span class="required-asterisk">\*</span>                            | string | The text that would be shown in the alert action UI. |
 | field<span class="required-asterisk">\*</span>                            | string | The field that would be used in the scripts to get the value from the user input. These are defined as `param.<field_mentioned>` in the `alert_actions.conf`. |
 | options                            | array | Static choices that a user can select in the alert action UI. |

docs/contributing.md

@@ -129,7 +129,7 @@ gh pr merge main --auto --merge
 ```
 
 - If a release encounters issues requiring a quick bug fix (handled by the UCC team):
-  - Create a PR to the main branch with the fix, including tests that reproduce and then fix the issue.
-  - Ensure CI passes and await team review.
-  - Merge the PR using the merge commit option on GitHub.
-  - Backport the bug fix PR to the develop branch.
+    + Create a PR to the main branch with the fix, including tests that reproduce and then fix the issue.
+    + Ensure CI passes and await team review.
+    + Merge the PR using the merge commit option on GitHub.
+    + Backport the bug fix PR to the develop branch.

docs/dashboard.md

@@ -113,6 +113,27 @@ except Exception as e:
     log.log_exception(logger, e, "Other")
 ```
 
+By default, the error section displays events logged with the ERROR level, but since version **5.50** UCC allows the user to define what level of logs should be displayed in this section. There are two levels to choose from:
+
+* ERROR
+* CRITICAL
+
+```json
+        "dashboard": {
+            "panels": [
+                {
+                    "name": "default"
+                }
+            ],
+            "settings": {
+                "error_panel_log_lvl": [
+                    "ERROR",
+                    "CRITICAL"
+                ]
+            }
+        }
+```
+
 ## Configuration
 
 To be able to add a monitoring dashboard page to an existing add-on, you need to adjust your

docs/generated_files.md

@@ -8,6 +8,16 @@ Below table describes the files generated by UCC framework
 
 | File Name  | File Location | File Description |
 | ------------ | ------------ | ----------------- |
+| app.conf | output/<YOUR_ADDON_NAME>/default | Generates `app.conf` with the details mentioned in globalConfig[meta] |
+| inputs.conf | output/<YOUR_ADDON_NAME>/default | Generates `inputs.conf` and `inputs.conf.spec` file for the services mentioned in globalConfig |
+| server.conf | output/<YOUR_ADDON_NAME>/default | Generates `server.conf` for the custom conf files created as per configurations in globalConfig |
+| restmap.conf | output/<YOUR_ADDON_NAME>/default | Generates `restmap.conf` for the custom REST handlers that are generated based on configs from globalConfig |
+| web.conf | output/<YOUR_ADDON_NAME>/default | Generates `web.conf` to expose the endpoints generated in `restmap.conf` which is generated based on configurations from globalConfig. |
+| alert_actions.conf | output/<YOUR_ADDON_NAME>/default | Generates `alert_actions.conf` and `alert_actions.conf.spec` file for the custom alert actions defined in globalConfig |
+| eventtypes.conf | output/<YOUR_ADDON_NAME>/default | Generates `eventtypes.conf` file if the sourcetype is mentioned in Adaptive Response of custom alert action in globalConfig |
+| tags.conf | output/<YOUR_ADDON_NAME>/default | Generates `tags.conf` file based on the `eventtypes.conf` created for custom alert actions. |
+| _account.conf | output/&lt;YOUR_ADDON_NAME&gt;/README | Generates `<YOUR_ADDON_NAME>_account.conf.spec` file for the configuration mentioned in globalConfig |
+| _settings.conf | output/&lt;YOUR_ADDON_NAME&gt;/README | Generates `<YOUR_ADDON_NAME>_settings.conf.spec` file for the Proxy, Logging or Custom Tab mentioned in globalConfig |
 | configuration.xml | output/&lt;YOUR_ADDON_NAME&gt;/default/data/ui/views | Generates configuration.xml file in `default/data/ui/views/` folder if globalConfig is present. |
 | dashboard.xml | output/&lt;YOUR_ADDON_NAME&gt;/default/data/ui/views | Generates dashboard.xml file based on dashboard configuration present in globalConfig in `default/data/ui/views` folder. |
 | default.xml | output/&lt;YOUR_ADDON_NAME&gt;/default/data/ui/nav | Generates default.xml file based on configs present in globalConfigin in `default/data/ui/nav` folder. |

docs/metadata.md

@@ -9,8 +9,8 @@ Metadata contains general information about add-on build.
 | Property                                                      | Type    | Description                                                                                                                                     |
 |---------------------------------------------------------------|---------|-------------------------------------------------------------------------------------------------------------------------------------------------|
 | displayName<span class="required-asterisk">\*</span>          | string  | Name displayed for end user.                                                                                                                    |
-| name<span class="required-asterisk">\*</span>                 | string  | Name used for API endpoints and all code references separating separating endpoints from any other app.                                         |
-| restRoot<span class="required-asterisk">\*</span>             | string  | String used to create API endpoints. <br> Follow patter `/^\w+$/`.                                                                              |
+| name<span class="required-asterisk">\*</span>                 | string  | Name used for API endpoints and all code references separating endpoints from any other app. Please refer to [app.conf/[package]/id](https://docs.splunk.com/Documentation/Splunk/latest/Admin/Appconf#.5Bpackage.5D) for more details. |
+| restRoot<span class="required-asterisk">\*</span>             | string  | String used to create API endpoints, allows alphanumeric and `-` characters.                                                                    |
 | apiVersion                                                    | string  | [Deprecated] Version of used API.                                                                                                               |
 | version<span class="required-asterisk">\*</span>              | string  | Version of the add-on.                                                                                                                          |
 | schemaVersion                                                 | string  | Version of JSON schema used in build process.                                                                                                   |