This repository has been archived by the owner on Dec 17, 2021. It is now read-only.

Merge pull request #71 from splunk/develop
Develop
weliasz authored May 24, 2021
2 parents ebd56d3 + 061fd48 commit 5d40c86
Showing 6 changed files with 39 additions and 5 deletions.
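--- a/.github/workflows/exclude-patterns.txt
+++ b/.github/workflows/exclude-patterns.txt
@@ -0,0 +1,2 @@
+mibs/.*\.py
+poetry.lock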
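Review bot: The first pattern, `mibs/.*\.py`, has no end anchor, so (assuming the scanner matches it from the start of the path) it also exempts any file under `mibs/` whose path merely contains `.py`, such as a `.pyc` or `.py.bak` file; `mibs/.*\.py$` keeps the exclusion to the Python files it is aimed at. Everything matched here is outside the secret scan from now on, so the pull-request description should record why those files are skipped (presumably generated MIB modules that trip the entropy check), and hand-written code should stay out of `mibs/`.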
3 changes: 2 additions & 1 deletion .github/workflows/review-secrets.yml
@@ -9,4 +9,5 @@ jobs:
uses: actions/checkout@v1
- name: Trufflehog Actions Scan
uses: edplato/[email protected]

with:
scanArguments: "-x /github/workspace/.github/workflows/exclude-patterns.txt"
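Review bot: Setting `scanArguments` may replace the action's built-in argument string rather than extend it, in which case the scan now runs with `-x` alone and silently loses whatever detection flags it had by default. That should be confirmed against the action's entrypoint, and if it holds, the previous flags need to be restated in front of `-x`. The exclude file is addressed through `/github/workspace/...`, which ties the step to the container's mount point; a comment such as `# path as seen inside the action container` above `with:` would explain it. The job definition starts above this hunk.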
5 changes: 4 additions & 1 deletion splunk_connect_for_snmp_traps/manager/hec_sender.py
@@ -2,6 +2,7 @@
import logging
import os
import threading
import time

import requests

@@ -24,6 +25,7 @@ def configure_thread_pool(self):
user_suggested_working_threads = self._args.hec_threads
max_workers = max_allowed_working_threads(user_suggested_working_threads)
logger.debug(f"Configured a thread-pool with {max_workers} concurrent threads")
logger.debug(f"Configured Splunk index for SNMP traps: {self._args.index}")
return concurrent.futures.ThreadPoolExecutor(max_workers=max_workers)

def get_session(self):
@@ -33,9 +35,10 @@ def get_session(self):

def post_data_to_thread_pool(self, host, variables_binds):
data = {
"time": time.time(),
"sourcetype": "sc4snmp:traps",
"host": host,
"index": self._server_config["splunk"]["index"],
"index": self._args.index,
"event": variables_binds,
}

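Review bot: In `post_data_to_thread_pool` the index is now taken only from `self._args.index`, so a deployment that still sets `splunk.index` in the config file has that value ignored without any message. If that is intended, a comment next to the key would record it, e.g. `# index comes from --index; splunk.index in the config file is no longer read`. The new debug line in `configure_thread_pool` builds its message with an f-string even when debug logging is off; `logger.debug("Configured Splunk index for SNMP traps: %s", self._args.index)` defers the formatting. Both functions continue outside the hunks shown.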
9 changes: 6 additions & 3 deletions splunk_connect_for_snmp_traps/manager/mib_server_client.py
@@ -1,10 +1,13 @@
import logging
import json
import requests
import logging
import os

import requests
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.util.retry import Retry

from splunk_connect_for_snmp_traps.utilities import format_value_for_mib_server

logger = logging.getLogger(__name__)


@@ -22,7 +25,7 @@ def get_translation(var_binds, mib_server_url):
var_bind = {
"oid": str(name),
"oid_type": name.__class__.__name__,
"val": str(val),
"val": format_value_for_mib_server(val, val.__class__.__name__),
"val_type": val.__class__.__name__,
}
var_binds_list.append(var_bind)
4 changes: 4 additions & 0 deletions splunk_connect_for_snmp_traps/snmp_trap_server.py
@@ -32,6 +32,10 @@ def main():
)
parser.add_argument("-c", "--config", default="config.yaml", help="Config File")

parser.add_argument(
"-i", "--index", default="##EVENTS_INDEX##", help="Index for traps"
)

args = parser.parse_args()

log_level = args.loglevel.upper()
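Review bot: The default for `--index` is the template token `##EVENTS_INDEX##`, and nothing in this hunk checks that it was replaced. If no deployment step substitutes it (presumably one does), every trap is posted to HEC with that literal string as its index and is rejected or misrouted. `main` could refuse to start in that case, e.g. `if args.index.startswith("##"): parser.error("--index was not set")` right after `parse_args()`. `main` begins above and continues below this hunk.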
21 changes: 21 additions & 0 deletions splunk_connect_for_snmp_traps/utilities.py
@@ -29,3 +29,24 @@ def initialize_signals_handler():
)
for one_signal in signals_to_catch:
signal.signal(one_signal, default_signal_handler)


# 1.3.6.1.2.1.2.2.1.4.1|Integer|16436|16436|True
# 1.3.6.1.2.1.1.6.0|DisplayString|San Francisco, California, United States|San Francisco, California, United States|True
# 1.3.6.1.2.1.2.2.1.6.2|OctetString|<null>ybù@|0x00127962f940|False
# 1.3.6.1.2.1.1.9.1.2.7|ObjectIdentity|1.3.6.1.2.1.50|SNMPv2-SMI::mib-2.50|False
# 1.3.6.1.2.1.6.13.1.4.195.218.254.105.51684.194.67.10.226.22|IpAddress|ÂCâ|194.67.10.226|False
# 1.3.6.1.2.1.25.3.2.1.6.1025|Counter32|0|0|True
# 1.3.6.1.2.1.31.1.1.1.15.2|Gauge32|100|100|True
# 1.3.6.1.2.1.1.3.0|TimeTicks|148271768|148271768|True
# 1.3.6.1.4.1.2021.10.1.6.1|Opaque|Ÿx>ë…|0x9f78043eeb851f|False
# 1.3.6.1.2.1.31.1.1.1.10.1|Counter64|453477588|453477588|True
#
# As you can see, for most types str(value) == value.prettyPrint(), however:
# - for Opaque, IpAddress, and OctetString we need to use prettyPrint(), otherwise the data is rubbish
# - any other type should use str() before sending data to MIB-server
def format_value_for_mib_server(value, value_type):
if value_type in ("OctetString", "IpAddress", "Opaque"):
return value.prettyPrint()
else:
return str(value)
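Review bot: `format_value_for_mib_server` selects the binary-safe path by exact class name, so a value whose class derives from `OctetString`, `IpAddress` or `Opaque` under another name falls through to `str()`. The comment block above shows that raw bytes are what `str()` yields for these base types, so the same may hold for derived types that carry binary data; checking with `isinstance` against the base classes would cover them, if the MIB server is meant to receive the printable form there too. The function also has no docstring; `"""Return the text form of an SNMP value to send to the MIB server."""` would do. The sample rows in the comment contain unprintable bytes, which would be safer written as escaped hex.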
