Welcome to HttpEvent’s documentation!¶
HttpEvent is a Python class to facilitate sending events to Splunk via their Http Event Collector.
Contents:
-
class
HttpEventCollector.HttpEventCollector(token, server='localhost', port=8088, ssl=True, verify=True, url_path='/services/collector/event', url_path_prefix='', metadata={}, headers={}, get_host=<function <lambda>>, add_host=False, get_time=<function <lambda>>, add_time=False, valid_metadata_fields=['host', 'source', 'sourcetype', 'time'])[source]¶ Send events to Splunk’s HttpEventCollector
This class is meant to send data to an instance of Splunk’s i HttpEventCollector for indexing. It has been designed with the hope that it will be flexible enough to allow it to function in diverse environments.
Keyword Arguments: token - the event collector token provided by the Splunk administrator server - the server (hostname, fqdn, or ip as appropriate) to connect to Default: localhost port - the port to connect on Default:8088 ssl - Boolean indicating if ssl should be used verify - Boolean or string Boolean indicates if the certificate should be validated. If a string, it should be a path to the CA certificate to use for validation or to a directory of CA certs to use url_path - the path to the event collector’s endpoint; this is hard coded in Splunk so shouldn’t change unless a newer version changes it url_path_prefix - the prefix to use before url_path ; this is insert between the port and the url_path metadata - metadata fields (host, index, source, sourcetype, time) to add to events headers - hash from which http headers are built get_host - a function which accepts one argument of an event which returns the hostname; only used if add_host is True at either the class or function level add_host - boolean indicating if the host value should be added to the event’s metadata get_time - a function which accepts one argument of an event and which returns the time; only used if add_time is True at either the class or function level add_time - boolean indicating if a time value should be added to the event’s metadata valid_metadata_fields - valid metadata fields ; used to filter the metadata
-
send(data, metadata={}, headers={}, addHost=False, addTime=False)[source]¶ send data to the http event collector
Arguments: data - the event to send as a dictionary to be converted to JSON metadata - a dictionary of fields to add as metadata (e.g. time, source, sourcetype, or host) addHost - boolean indicating if a hostname should be added to the metadata addTime - boolean indicating if a timestamp should be added to the meatdata
-