msticpy.data.uploaders.splunk_uploader module

Splunk Uploader class.

class msticpy.data.uploaders.splunk_uploader.SplunkUploader(**kwargs)

Bases: UploaderBase

Uploader class for Splunk.

Initialize a Splunk Uploader instance.

connect()

Connect to Splunk host.

static get_http_timeout(**kwargs)

Get http timeout from settings or kwargs.

upload_df(data: DataFrame, table_name: str | None = None, index_name: str | None = None, create_index: bool = False, source_type: str | None = None, **kwargs)

Upload a Pandas DataFrame to Splunk.

Parameters:
  • data (pd.DataFrame) – Data to upload.

  • source_type (str, optional) – The sourcetype in Splunk that the data will be uploaded to. csv, json or other can be given; the data is then serialized in the style of df.to_csv(), df.to_json() or df.to_string() respectively. The default is “json”.

  • table_name (str, optional) – Alias of source_type, kept for backward compatibility.

  • index_name (str) – Name of the Splunk Index to add data to.

  • host (str, optional) – Host name to upload data with; the default is ‘Upload’.

  • create_index (bool, optional) – Set this to true to create the index if it doesn’t already exist. Default is False.
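
The source_type choice decides what each uploaded event looks like in Splunk, and therefore how fields can be extracted at search time. The sketch below is an added example, not msticpy's own code: it uses only pandas to preview the csv, json and other styles named above. Serializing one event per row, the helper names render_events and missing_fields, and the sample data are assumptions made for illustration.

```python
import json

import pandas as pd

# Constructed sample data (not from the msticpy documentation).
SAMPLE = pd.DataFrame(
    {
        "user": ["alice", "bob"],
        "src_ip": ["10.0.0.5", "10.0.0.9"],
        "failed_logons": [7, 2],
    }
)


def render_events(data, source_type="json"):
    """Return one event body per row in the style source_type selects.

    Assumption: one event per DataFrame row. "json" uses to_json(),
    "csv" uses to_csv(), anything else falls back to to_string().
    """
    events = []
    for _, row in data.iterrows():
        if source_type == "json":
            events.append(row.to_json())
        elif source_type == "csv":
            events.append(row.to_csv())
        else:
            events.append(row.to_string())
    return events


def missing_fields(data):
    """List (row number, column) pairs that do not survive the json style.

    Run as a check before uploading: an empty list means every column is
    recoverable as a key from every rendered event.
    """
    problems = []
    for number, body in enumerate(render_events(data, "json")):
        parsed = json.loads(body)
        problems += [(number, col) for col in data.columns if col not in parsed]
    return problems


if __name__ == "__main__":
    for style in ("json", "csv", "other"):
        print(f"--- {style} ---")
        print(render_events(SAMPLE, style)[0])
    print("missing fields:", missing_fields(SAMPLE))
```

Only the json style yields self-describing key/value events; the csv and to_string() styles depend on Splunk-side parsing of the sourcetype to recover field names.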

upload_file(file_path: str, table_name: str | None = None, delim: str = ',', index_name: str | None = None, create_index: bool = False, source_type: str | None = None, **kwargs)

Upload a separated value file to Splunk.

Parameters:
  • file_path (str) – Path to the file to upload.

  • index_name (str) – Name of the Splunk Index to add data to.

  • source_name (str, optional) – The sourcetype in Splunk that the data will be uploaded to. csv, json or other can be given; the data is then serialized in the style of df.to_csv(), df.to_json() or df.to_string() respectively. If not set the file name will be used. The default is “json”.

  • table_name (str, optional) – Alias of source_type, kept for backward compatibility.

  • delim (str, optional) – Separator value in the file, by default “,”

  • host (str, optional) – Host name to upload data with; the default is ‘Upload’.

  • create_index (bool, optional) – Set this to true to create the index if it doesn’t already exist. Default is False.

upload_folder(folder_path: str, table_name: str | None = None, delim: str = ',', index_name: str | None = None, create_index=False, source_type: str | None = None, **kwargs)

Upload all files in a folder to Splunk.

Parameters:
  • folder_path (str) – Path to folder to upload.

  • index_name (str) – Name of the Splunk Index to add data to; if it doesn’t exist it will be created.

  • source_type (str, optional) – The sourcetype in Splunk that the data will be uploaded to. csv, json or other can be given; the data is then serialized in the style of df.to_csv(), df.to_json() or df.to_string() respectively. If not set the file name will be used. The default is “json”.

  • table_name (str, optional) – Alias of source_type, kept for backward compatibility.

  • delim (str, optional) – Separator value in the files, by default “,”

  • host (str, optional) – Host name to upload data with; the default is ‘Upload’.

  • create_index (bool, optional) – Set this to true to create the index if it doesn’t already exist. Default is False.