forked from alertmanager/alert_manager
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathloadincidentresults.py
More file actions
51 lines (41 loc) · 1.44 KB
/
loadincidentresults.py
File metadata and controls
51 lines (41 loc) · 1.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
import csv
import sys
import splunk.Intersplunk as intersplunk
import splunk.rest as rest
import urllib
import json
import re
import collections
#(isgetinfo, sys.argv) = intersplunk.isGetInfo(sys.argv)
if len(sys.argv) < 2:
intersplunk.parseError("Please specify a valid incident_id")
#if isgetinfo:
# intersplunk.outputInfo(False, False, True, False, None, True)
# # outputInfo automatically calls sys.exit()
stdinArgs = sys.stdin.readline()
stdinArgs = stdinArgs.strip()
stdinArgs = stdinArgs[11:]
stdinArgs = urllib.unquote(stdinArgs).decode('utf8')
match = re.search(r'<authToken>([^<]+)</authToken>', stdinArgs)
sessionKey = match.group(1)
incident_id = sys.argv[1]
query = {}
query['incident_id'] = incident_id
uri = '/servicesNS/nobody/alert_manager/storage/collections/data/incident_results?query=%s' % urllib.quote(json.dumps(query))
serverResponse, serverContent = rest.simpleRequest(uri, sessionKey=sessionKey)
data = json.loads(serverContent)
#sys.stderr.write("data: %s" % data)
field_list = None
results = []
for result in data:
if "field_list" in result:
field_list = result["field_list"]
for line in result["fields"]:
if type(field_list) is list:
ordered_line = collections.OrderedDict()
for field in field_list:
ordered_line[field] = line[field]
results.append(ordered_line)
else:
results.append(line)
intersplunk.outputResults(results)