msticpy.data.uploaders.splunk_uploader module

Splunk Uploader class.

class msticpy.data.uploaders.splunk_uploader.SplunkUploader(username: str, host: str, password: str, **kwargs)

Bases: UploaderBase

Uploader class for Splunk.

Initialize a Splunk Uploader instance.

connect()

Connect to Splunk host.

static get_http_timeout(**kwargs)

Get http timeout from settings or kwargs.

upload_df(data: DataFrame, table_name: str | None, index_name: str, create_index: bool = False, **kwargs)

Upload a Pandas DataFrame to Splunk.

Parameters:

  • data (pd.DataFrame) – Data to upload.

  • table_name (str) – The sourcetype in Splunk data will be uploaded to.

  • index_name (str) – Name of the Splunk Index to add data to.

  • host (str, optional) – Host name to upload data with, default will be ‘Upload’

  • create_index (bool, optional) – Set this to true to create the index if it doesn’t already exist. Default is False.

upload_file(file_path: str, table_name: str | None = None, delim: str = ',', index_name: str | None = None, create_index: bool = False, **kwargs)

Upload a seperated value file to Splunk.

Parameters:

  • file_path (str) – Path to the file to upload.

  • index_name (str) – Name of the Splunk Index to add data to.

  • table_name (str, optional) – The sourcetype in Splunk data will be uploaded to. If not set the file name will be used.

  • delim (str, optional) – Seperator value in file, by default “,”

  • host (str, optional) – Host name to upload data with, default will be ‘Upload’

  • create_index (bool, optional) – Set this to true to create the index if it doesn’t already exist. Default is False.

upload_folder(folder_path: str, table_name: str | None = None, delim: str = ',', index_name: str | None = None, create_index=False, **kwargs)

Upload all files in a folder to Splunk.

Parameters:

  • folder_path (str) – Path to folder to upload.

  • index_name (str) – Name of the Splunk Index to add data to, if it doesn’t exist it will be created.

  • table_name (str, optional) – The sourcetype in Splunk data will be uploaded to. If not set the file name will be used.

  • delim (str, optional) – Seperator value in files, by default “,”

  • host (str, optional) – Host name to upload data with, default will be ‘Upload’

  • create_index (bool, optional) – Set this to true to create the index if it doesn’t already exist. Default is False.