This repository has been archived by the owner on Feb 3, 2023. It is now read-only.

Merge pull request #157 from guilhemmarchand/testing
Version 1.2.23
guilhemmarchand authored Sep 26, 2020
2 parents 50d39b0 + 8be2981 commit e4bfca7
Showing 9 changed files with 58 additions and 32 deletions.
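--- a/docs/releasenotes.rst
+++ b/docs/releasenotes.rst
@@ -1,6 +1,24 @@
 Release notes
 #############
 
+Version 1.2.23
+==============
+
+**CAUTION:**
+
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
+
+- Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
+- Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
+
+TrackMe requires a summary index (defaults to trackme_summary) and a metric index (defaults to trackme_metrics):
+https://trackme.readthedocs.io/en/latest/configuration.html
+
+- Fix: Exclusion of metrics generated by TrackMe itself would exclude other metrics generated on the same search head
+- Fix: Issue #151 - error handling does not catch a failure during the creation of a new elastic source #151
+- Fix: Issue #154 - Splunk Cloud vetting - capability in role will not be be granted #154
+- Fix: Issue #155 - Splunk Cloud - In some specific contexts, Elastic source dedicated tracker creation fails #155
+
 Version 1.2.22
 ==============
 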
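--- a/trackme/app.manifest
+++ b/trackme/app.manifest
@@ -5,7 +5,7 @@
 "id": {
 "group": null,
 "name": "trackme",
-"version": "1.2.22"
+"version": "1.2.23"
 },
 "author": [
 {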
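--- a/trackme/default/app.conf
+++ b/trackme/default/app.conf
@@ -16,4 +16,4 @@ label = TrackMe
 [launcher]
 author = Guilhem Marchand
 description = Data tracking system for Splunk
-version = 1.2.22
+version = 1.2.23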
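--- a/trackme/default/authorize.conf
+++ b/trackme/default/authorize.conf
@@ -6,6 +6,3 @@
 
 # Minimal import
 importRoles = user
-
-# Gives capability to non-admin users to return rest results
-dispatch_rest_to_indexers = enabled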
61 changes: 36 additions & 25 deletions trackme/default/data/ui/html/TrackMe.html
Expand Up @@ -26577,8 +26577,7 @@ <h2 class="panel-title">Search for audit changes:</h2>
"dispatch.earliest_time": tk_input_elastic_source_earliest,
"dispatch.latest_time": tk_input_elastic_source_latest,
"is_scheduled": "1",
"cron_schedule": "*/5 * * * *",
"schedule_window": "1"
"cron_schedule": "*/5 * * * *"
};

// Create a saved search/report as an alert.
Expand All @@ -26599,46 +26598,55 @@ <h2 class="panel-title">Search for audit changes:</h2>

$("#modal_elastic_source_alert_creation_error").find('.modal-error-message p').text(msg);
$("#add_elastic_sources").modal('hide');
$("#modal_elastic_source_alert_creation_success").modal()
$("#modal_elastic_source_alert_creation_error").modal()
done();
return;
}
else if (err) {
msg = "There was an error creating the saved search/report: " + err;
msg = "There was an error creating the saved search/report: error code " + err.status;

let errorStr = "Unknown Error!";
if (err && err.data && err.data.messages && err.data.messages[0]['text']) {
errorStr = "error code: " + err.status + " - " + err.data.messages[0]['text'];
} else if (err && err.data && err.data.messages) {
errorStr = JSON.stringify( "error code: " + err.status + " - " + err.data.messages);
}

// Audit
action = "failure";
change_type = "add elastic source tracker";
object = tracker_name;
object_category = "elastic_sources_tracker";
object_attrs = tk_elastic_alert_root_search;
result = msg;
result = errorStr;
comment = "N/A";
auditRecord(action, change_type, object, object_category, object_attrs, result, comment);

$("#modal_elastic_source_alert_creation_error").find('.modal-error-message p').text(msg);
$("#modal_elastic_source_alert_creation_error").find('.modal-error-message p').text(errorStr);
$("#add_elastic_sources").modal('hide');
$("#modal_elastic_source_alert_creation_success").modal()
$("#modal_elastic_source_alert_creation_error").modal()
done(err);
return;
}

// clean status
unsetToken("start_simulation_elastic_sources");
else {

// Confirmation message.
// clean status
unsetToken("start_simulation_elastic_sources");

// Audit
action = "success";
change_type = "add elastic source tracker";
object = tracker_name;
object_category = "elastic_sources_tracker";
object_attrs = tk_elastic_alert_root_search;
result = "N/A";
comment = "N/A";
auditRecord(action, change_type, object, object_category, object_attrs, result, comment);
// Confirmation message.

// Store in the KVstore for mapping purposes
// Audit
action = "success";
change_type = "add elastic source tracker";
object = tracker_name;
object_category = "elastic_sources_tracker";
object_attrs = tk_elastic_alert_root_search;
result = "N/A";
comment = "N/A";
auditRecord(action, change_type, object, object_category, object_attrs, result, comment);

// Store in the KVstore for mapping purposes
var myendpoint_URl = "{{SPLUNKWEB_URL_PREFIX}}/splunkd/__raw/servicesNS/nobody/trackme/storage/collections/data/kv_trackme_elastic_sources_dedicated/"

// Create a dictionary to store the field names and values
Expand All @@ -26665,12 +26673,15 @@ <h2 class="panel-title">Search for audit changes:</h2>
}
});

msg = "Created saved search/report as alert: " + alert.name;
$("#modal_elastic_source_alert_creation_success").find('.modal-error-message p').text(msg);
$("#add_elastic_sources").modal('hide');
$("#modal_elastic_source_alert_creation_success").modal()
msg = "Created saved search/report as alert: " + alert.name;
$("#modal_elastic_source_alert_creation_success").find('.modal-error-message p').text(msg);
$("#add_elastic_sources").modal('hide');
$("#modal_elastic_source_alert_creation_success").modal()

done();

}

done();
});

} else {
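Review bot: In the new `else if (err)` branch, the fallback `JSON.stringify( "error code: " + err.status + " - " + err.data.messages)` concatenates the messages array into the string before serialising it, so the modal and the failure audit record would carry `[object Object]` wrapped in quotes instead of the server's message. Serialise only the array: `errorStr = "error code: " + err.status + " - " + JSON.stringify(err.data.messages);`. The first test also reads `err.data.messages[0]['text']` without checking that the array has an element, which throws on an empty `messages` and skips both `auditRecord(...)` and `done(err)`; adding `err.data.messages[0] &&` before it closes that path. `msg` is still assigned in this branch but is no longer read. The enclosing callback starts outside the displayed hunks.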
2 changes: 1 addition & 1 deletion trackme/default/macros.conf
Expand Up @@ -33,7 +33,7 @@ iseval = 0

# used as the top of the populating searches for metric indexes
[trackme_mstats_main_filter]
definition = metric_name="*" metric_name!="trackme_*"
definition = metric_name="*" metric_name!="trackme*"
iseval = 0

[trackme_default_monitored_state]
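Review bot: Assuming `metric_name!="trackme*"` is the new definition (this page has lost its +/- markers), the wildcard has no delimiter after the prefix, so the populating searches would also drop any metric from another app whose name merely begins with `trackme`. If TrackMe's own metrics share a fixed separator after the prefix, include it in the pattern so the exclusion stays exact and does not become a silent monitoring gap. The comment above the stanza could also state the intent, e.g. `# used as the top of the populating searches for metric indexes; excludes metrics emitted by TrackMe itself`.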
2 changes: 1 addition & 1 deletion trackme/default/savedsearches.conf
Expand Up @@ -558,7 +558,7 @@ search = | inputlookup trackme_metric_host_monitoring\
| rex field=metric_details "metric_category=(?<detail_metric_category>[^\|]*)\|metric_last_time=(?<detail_metric_last_time>[^\|]*)\|metric_max_lag_allowed=(?<detail_metric_max_lag_allowed>[^\|]*)\|metric_current_lag_sec=(?<detail_metric_current_lag_sec>[^\|]*)\|metric_host_state=(?<detail_metric_host_state>[^\|]*)"\
| `trackme_date_format(detail_metric_last_time)`\
| eval metric_details_human = "metric_category=" . detail_metric_category . "|" . "metric_last_time=" . 'detail_metric_last_time (translated)' . "|" . "metric_current_lag_sec=" . detail_metric_current_lag_sec . "|" . "metric_host_state=" . detail_metric_host_state\
| fields - detail_* | where NOT (metric_category="trackme") | stats values(*) as "*" by keyid
| fields - detail_* | where NOT match(metric_details, "metric_category=trackme") | stats values(*) as "*" by keyid

[TrackMe - metric hosts availability tracker]
cron_schedule = */5 * * * *
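Review bot: Assuming the `match(metric_details, "metric_category=trackme")` line is the new side (this page has lost its +/- markers), the regex is unanchored, so it also removes rows whose category merely starts with `trackme`, for example a constructed `trackme_custom`. The `rex` three lines above shows that the category value in `metric_details` is terminated by a `|`, so the test can be bounded with `| where NOT match(metric_details, "metric_category=trackme[|]")`. The search definition starts outside the hunk.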
Binary file removed trackme_1222.tgz
Binary file not shown.
Binary file added trackme_1223.tgz
Binary file not shown.
