eventing_app for CSC tests

vmalaviya-splunk · vmalaviya-splunk · commit c049e61c1187 · 2022-06-07T17:55:01.000+05:30
diff --git a/tests/searchcommands/test_apps/eventing_app/bin/eventingcsc.py b/tests/searchcommands/test_apps/eventing_app/bin/eventingcsc.py
@@ -0,0 +1,48 @@
+#!/usr/bin/env python
+# coding=utf-8
+#
+# Copyright 2011-2015 Splunk, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"): you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import os,sys
+
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "lib"))
+from splunklib.searchcommands import dispatch, EventingCommand, Configuration, Option, validators
+
+
+@Configuration()
+class EventingCSC(EventingCommand):
+    """
+    The eventingapp command filters records from the events stream returning only those for which the status is same
+    as search query.
+
+    Example:
+
+    ``index="_internal" | head 4000 | eventingcsc status=200``
+
+    Returns records having status 200 as mentioned in search query.
+    """
+
+    status = Option(
+        doc='''**Syntax:** **status=***<value>*
+        **Description:** record having same status value will be returned.''',
+        require=True)
+
+    def transform(self, records):
+        for record in records:
+            if str(self.status) == record["status"]:
+                yield record
+
+
+dispatch(EventingCSC, sys.argv, sys.stdin, sys.stdout, __name__)
diff --git a/tests/searchcommands/test_apps/eventing_app/default/app.conf b/tests/searchcommands/test_apps/eventing_app/default/app.conf
@@ -0,0 +1,16 @@
+#
+# Splunk app configuration file
+#
+
+[install]
+is_configured = 0
+
+[ui]
+is_visible = 1
+label = Eventing App
+
+[launcher]
+description = Eventing custom search commands example
+version = 1.0.0
+author = Splunk
+
diff --git a/tests/searchcommands/test_apps/eventing_app/default/commands.conf b/tests/searchcommands/test_apps/eventing_app/default/commands.conf
@@ -0,0 +1,4 @@
+[eventingcsc]
+filename = eventingcsc.py
+chunked = true
+python.version = python3
diff --git a/tests/searchcommands/test_apps/eventing_app/metadata/default.meta b/tests/searchcommands/test_apps/eventing_app/metadata/default.meta
@@ -0,0 +1,40 @@
+
+# Application-level permissions
+
+[]
+access = read : [ * ], write : [ admin, power ]
+
+### EVENT TYPES
+
+[eventtypes]
+export = system
+
+
+### PROPS
+
+[props]
+export = system
+
+
+### TRANSFORMS
+
+[transforms]
+export = system
+
+
+### LOOKUPS
+
+[lookups]
+export = system
+
+
+### VIEWSTATES: even normal users should be able to create shared viewstates
+
+[viewstates]
+access = read : [ * ], write : [ * ]
+export = system
+
+[commands/eventingcsc]
+access = read : [ * ], write : [ * ]
+export = system
+owner = Splunk
