feat(Splunk Node): Overhaul (#9813)

2024-07-04 16:07:17 +03:00
parent fbe4bca634
commit e5c324753f
49 changed files with 3484 additions and 634 deletions
--- a/packages/nodes-base/nodes/Splunk/v2/actions/search/create.operation.ts
+++ b/packages/nodes-base/nodes/Splunk/v2/actions/search/create.operation.ts
@@ -0,0 +1,255 @@
+import type { INodeProperties, IExecuteFunctions, IDataObject } from 'n8n-workflow';
+import { updateDisplayOptions } from '../../../../../utils/utilities';
+import { populate, toUnixEpoch } from '../../helpers/utils';
+import { splunkApiJsonRequest, splunkApiRequest } from '../../transport';
+
+const properties: INodeProperties[] = [
+	{
+		displayName: 'Query',
+		name: 'search',
+		description:
+			'Search language string to execute, in Splunk\'s <a href="https://docs.splunk.com/Documentation/Splunk/latest/SearchReference/WhatsInThisManual">Search Processing Language</a>',
+		placeholder: 'e.g. search index=_internal | stats count by source',
+		type: 'string',
+		required: true,
+		default: '',
+		typeOptions: {
+			rows: 2,
+		},
+	},
+	{
+		displayName: 'Additional Fields',
+		name: 'additionalFields',
+		type: 'collection',
+		placeholder: 'Add Field',
+		default: {},
+		options: [
+			{
+				displayName: 'Ad Hoc Search Level',
+				name: 'adhoc_search_level',
+				type: 'options',
+				default: 'verbose',
+				options: [
+					{
+						name: 'Fast',
+						value: 'fast',
+					},
+					{
+						name: 'Smart',
+						value: 'smart',
+					},
+					{
+						name: 'Verbose',
+						value: 'verbose',
+					},
+				],
+			},
+			{
+				displayName: 'Auto-Cancel After (Seconds)',
+				name: 'auto_cancel',
+				type: 'number',
+				default: 0,
+				description: 'Seconds after which the search job automatically cancels',
+			},
+			{
+				displayName: 'Auto-Finalize After (Num Events)',
+				name: 'auto_finalize_ec',
+				type: 'number',
+				default: 0,
+				description: 'Auto-finalize the search after at least this many events are processed',
+			},
+			{
+				displayName: 'Auto Pause After (Seconds)',
+				name: 'auto_pause',
+				type: 'number',
+				default: 0,
+				description: 'Seconds of inactivity after which the search job automatically pauses',
+			},
+			{
+				displayName: 'Earliest Index',
+				name: 'index_earliest',
+				type: 'dateTime',
+				default: '',
+				description: 'The earliest index time for the search (inclusive)',
+			},
+			{
+				displayName: 'Earliest Time',
+				name: 'earliest_time',
+				type: 'dateTime',
+				default: '',
+				description: 'The earliest cut-off for the search (inclusive)',
+			},
+			{
+				displayName: 'Exec Mode',
+				name: 'exec_mode',
+				type: 'options',
+				default: 'blocking',
+				options: [
+					{
+						name: 'Blocking',
+						value: 'blocking',
+					},
+					{
+						name: 'Normal',
+						value: 'normal',
+					},
+					{
+						name: 'One Shot',
+						value: 'oneshot',
+					},
+				],
+			},
+			{
+				displayName: 'Indexed Real Time Offset',
+				name: 'indexedRealtimeOffset',
+				type: 'number',
+				default: 0,
+				description: 'Seconds of disk sync delay for indexed real-time search',
+			},
+			{
+				displayName: 'Latest Index',
+				name: 'index_latest',
+				type: 'dateTime',
+				default: '',
+				description: 'The latest index time for the search (inclusive)',
+			},
+			{
+				displayName: 'Latest Time',
+				name: 'latest_time',
+				type: 'dateTime',
+				default: '',
+				description: 'The latest cut-off for the search (inclusive)',
+			},
+			{
+				displayName: 'Max Time',
+				name: 'max_time',
+				type: 'number',
+				default: 0,
+				description:
+					'Number of seconds to run this search before finalizing. Enter <code>0</code> to never finalize.',
+			},
+			{
+				displayName: 'Namespace',
+				name: 'namespace',
+				type: 'string',
+				default: '',
+				description: 'Application namespace in which to restrict searches',
+			},
+			{
+				displayName: 'Reduce Frequency',
+				name: 'reduce_freq',
+				type: 'number',
+				default: 0,
+				description: 'How frequently to run the MapReduce reduce phase on accumulated map values',
+			},
+			{
+				displayName: 'Remote Server List',
+				name: 'remote_server_list',
+				type: 'string',
+				default: '',
+				description:
+					'Comma-separated list of (possibly wildcarded) servers from which raw events should be pulled. This same server list is to be used in subsearches.',
+			},
+			{
+				displayName: 'Reuse Limit (Seconds)',
+				name: 'reuse_max_seconds_ago',
+				type: 'number',
+				default: 0,
+				description:
+					'Number of seconds ago to check when an identical search is started and return the job’s search ID instead of starting a new job',
+			},
+			{
+				displayName: 'Required Field',
+				name: 'rf',
+				type: 'string',
+				default: '',
+				description:
+					'Name of a required field to add to the search. Even if not referenced or used directly by the search, a required field is still included in events and summary endpoints.',
+			},
+			{
+				displayName: 'Search Mode',
+				name: 'search_mode',
+				type: 'options',
+				default: 'normal',
+				options: [
+					{
+						name: 'Normal',
+						value: 'normal',
+					},
+					{
+						name: 'Real Time',
+						value: 'realtime',
+					},
+				],
+			},
+			{
+				displayName: 'Status Buckets',
+				name: 'status_buckets',
+				type: 'number',
+				default: 0,
+				description:
+					'The most status buckets to generate. Set <code>0</code> generate no timeline information.',
+			},
+			{
+				displayName: 'Timeout',
+				name: 'timeout',
+				type: 'number',
+				default: 86400,
+				description: 'Number of seconds to keep this search after processing has stopped',
+			},
+			{
+				displayName: 'Workload Pool',
+				name: 'workload_pool',
+				type: 'string',
+				default: '',
+				description: 'New workload pool where the existing running search should be placed',
+			},
+		],
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['search'],
+		operation: ['create'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	i: number,
+): Promise<IDataObject | IDataObject[]> {
+	// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs
+
+	const body = {
+		search: this.getNodeParameter('search', i),
+	} as IDataObject;
+
+	const { earliest_time, latest_time, index_earliest, index_latest, ...rest } =
+		this.getNodeParameter('additionalFields', i) as IDataObject & {
+			earliest_time?: string;
+			latest_time?: string;
+			index_earliest?: string;
+			index_latest?: string;
+		};
+
+	populate(
+		{
+			...(earliest_time && { earliest_time: toUnixEpoch(earliest_time) }),
+			...(latest_time && { latest_time: toUnixEpoch(latest_time) }),
+			...(index_earliest && { index_earliest: toUnixEpoch(index_earliest) }),
+			...(index_latest && { index_latest: toUnixEpoch(index_latest) }),
+			...rest,
+		},
+		body,
+	);
+
+	const endpoint = '/services/search/jobs';
+	const responseData = await splunkApiRequest.call(this, 'POST', endpoint, body);
+
+	const getEndpoint = `/services/search/jobs/${responseData.response.sid}`;
+	const returnData = await splunkApiJsonRequest.call(this, 'GET', getEndpoint);
+	return returnData;
+}
--- a/packages/nodes-base/nodes/Splunk/v2/actions/search/deleteJob.operation.ts
+++ b/packages/nodes-base/nodes/Splunk/v2/actions/search/deleteJob.operation.ts
@@ -0,0 +1,29 @@
+import type { INodeProperties, IExecuteFunctions, IDataObject } from 'n8n-workflow';
+import { updateDisplayOptions } from '../../../../../utils/utilities';
+import { splunkApiRequest } from '../../transport';
+import { searchJobRLC } from '../../helpers/descriptions';
+
+const properties: INodeProperties[] = [searchJobRLC];
+
+const displayOptions = {
+	show: {
+		resource: ['search'],
+		operation: ['deleteJob'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	i: number,
+): Promise<IDataObject | IDataObject[]> {
+	// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs.2F.7Bsearch_id.7D
+
+	const searchJobId = this.getNodeParameter('searchJobId', i, '', { extractValue: true }) as string;
+	const endpoint = `/services/search/jobs/${searchJobId}`;
+
+	await splunkApiRequest.call(this, 'DELETE', endpoint);
+
+	return { success: true };
+}
--- a/packages/nodes-base/nodes/Splunk/v2/actions/search/get.operation.ts
+++ b/packages/nodes-base/nodes/Splunk/v2/actions/search/get.operation.ts
@@ -0,0 +1,29 @@
+import type { INodeProperties, IExecuteFunctions, IDataObject } from 'n8n-workflow';
+import { updateDisplayOptions } from '../../../../../utils/utilities';
+import { splunkApiJsonRequest } from '../../transport';
+import { searchJobRLC } from '../../helpers/descriptions';
+
+const properties: INodeProperties[] = [searchJobRLC];
+
+const displayOptions = {
+	show: {
+		resource: ['search'],
+		operation: ['get'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	i: number,
+): Promise<IDataObject | IDataObject[]> {
+	// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs.2F.7Bsearch_id.7D
+
+	const searchJobId = this.getNodeParameter('searchJobId', i, '', { extractValue: true }) as string;
+	const endpoint = `/services/search/jobs/${searchJobId}`;
+
+	const returnData = await splunkApiJsonRequest.call(this, 'GET', endpoint);
+
+	return returnData;
+}
--- a/packages/nodes-base/nodes/Splunk/v2/actions/search/getAll.operation.ts
+++ b/packages/nodes-base/nodes/Splunk/v2/actions/search/getAll.operation.ts
@@ -0,0 +1,123 @@
+import type { INodeProperties, IExecuteFunctions, IDataObject } from 'n8n-workflow';
+import { updateDisplayOptions } from '../../../../../utils/utilities';
+import { populate, setReturnAllOrLimit } from '../../helpers/utils';
+import { splunkApiJsonRequest } from '../../transport';
+
+const properties: INodeProperties[] = [
+	{
+		displayName: 'Return All',
+		name: 'returnAll',
+		type: 'boolean',
+		default: false,
+		description: 'Whether to return all results or only up to a given limit',
+	},
+	{
+		displayName: 'Limit',
+		name: 'limit',
+		type: 'number',
+		default: 50,
+		description: 'Max number of results to return',
+		typeOptions: {
+			minValue: 1,
+		},
+		displayOptions: {
+			show: {
+				returnAll: [false],
+			},
+		},
+	},
+	{
+		displayName: 'Sort',
+		name: 'sort',
+		type: 'fixedCollection',
+		default: {},
+		options: [
+			{
+				displayName: 'Values',
+				name: 'values',
+				values: [
+					{
+						displayName: 'Sort Direction',
+						name: 'sort_dir',
+						type: 'options',
+						options: [
+							{
+								name: 'Ascending',
+								value: 'asc',
+							},
+							{
+								name: 'Descending',
+								value: 'desc',
+							},
+						],
+						default: 'asc',
+					},
+					{
+						displayName: 'Sort Key',
+						name: 'sort_key',
+						description: 'Key name to use for sorting',
+						type: 'string',
+						placeholder: 'e.g. diskUsage',
+						default: '',
+					},
+					{
+						displayName: 'Sort Mode',
+						name: 'sort_mode',
+						type: 'options',
+						options: [
+							{
+								name: 'Automatic',
+								value: 'auto',
+								description:
+									'If all field values are numeric, collate numerically. Otherwise, collate alphabetically.',
+							},
+							{
+								name: 'Alphabetic',
+								value: 'alpha',
+								description: 'Collate alphabetically, case-insensitive',
+							},
+							{
+								name: 'Alphabetic and Case-Sensitive',
+								value: 'alpha_case',
+								description: 'Collate alphabetically, case-sensitive',
+							},
+							{
+								name: 'Numeric',
+								value: 'num',
+								description: 'Collate numerically',
+							},
+						],
+						default: 'auto',
+					},
+				],
+			},
+		],
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['search'],
+		operation: ['getAll'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	i: number,
+): Promise<IDataObject | IDataObject[]> {
+	// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs
+
+	const qs = {} as IDataObject;
+	const sort = this.getNodeParameter('sort.values', i, {}) as IDataObject;
+
+	populate(sort, qs);
+	setReturnAllOrLimit.call(this, qs);
+
+	const endpoint = '/services/search/jobs';
+	const returnData = await splunkApiJsonRequest.call(this, 'GET', endpoint, {}, qs);
+
+	return returnData;
+}
--- a/packages/nodes-base/nodes/Splunk/v2/actions/search/getResult.operation.ts
+++ b/packages/nodes-base/nodes/Splunk/v2/actions/search/getResult.operation.ts
@@ -0,0 +1,125 @@
+import type { INodeProperties, IExecuteFunctions, IDataObject } from 'n8n-workflow';
+import { updateDisplayOptions } from '../../../../../utils/utilities';
+import { splunkApiJsonRequest } from '../../transport';
+import { populate, setReturnAllOrLimit } from '../../helpers/utils';
+import { searchJobRLC } from '../../helpers/descriptions';
+
+const properties: INodeProperties[] = [
+	searchJobRLC,
+	{
+		displayName: 'Return All',
+		name: 'returnAll',
+		type: 'boolean',
+		default: false,
+		description: 'Whether to return all results or only up to a given limit',
+	},
+	{
+		displayName: 'Limit',
+		name: 'limit',
+		type: 'number',
+		default: 50,
+		description: 'Max number of results to return',
+		typeOptions: {
+			minValue: 1,
+		},
+		displayOptions: {
+			show: {
+				returnAll: [false],
+			},
+		},
+	},
+	{
+		displayName: 'Filters',
+		name: 'filters',
+		type: 'collection',
+		placeholder: 'Add Filter',
+		default: {},
+		options: [
+			{
+				displayName: 'Key-Value Match',
+				name: 'keyValueMatch',
+				description:
+					'Key-value pair to match against. Example: if "Key" is set to <code>user</code> and "Field" is set to <code>john</code>, only the results where <code>user</code> is <code>john</code> will be returned.',
+				type: 'fixedCollection',
+				default: {},
+				placeholder: 'Add Key-Value Pair',
+				options: [
+					{
+						displayName: 'Key-Value Pair',
+						name: 'keyValuePair',
+						values: [
+							{
+								displayName: 'Key',
+								name: 'key',
+								description: 'Key to match against',
+								type: 'string',
+								default: '',
+							},
+							{
+								displayName: 'Value',
+								name: 'value',
+								description: 'Value to match against',
+								type: 'string',
+								default: '',
+							},
+						],
+					},
+				],
+			},
+		],
+	},
+	{
+		displayName: 'Options',
+		name: 'options',
+		type: 'collection',
+		placeholder: 'Add Option',
+		default: {},
+		options: [
+			{
+				displayName: 'Add Summary to Metadata',
+				name: 'add_summary_to_metadata',
+				description: 'Whether to include field summary statistics in the response',
+				type: 'boolean',
+				default: false,
+			},
+		],
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['search'],
+		operation: ['getResult'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	i: number,
+): Promise<IDataObject | IDataObject[]> {
+	// https://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#search.2Fjobs.2F.7Bsearch_id.7D.2Fresults
+
+	const searchJobId = this.getNodeParameter('searchJobId', i, '', { extractValue: true }) as string;
+
+	const qs = {} as IDataObject;
+	const filters = this.getNodeParameter('filters', i) as IDataObject & {
+		keyValueMatch?: { keyValuePair?: { key: string; value: string } };
+	};
+	const options = this.getNodeParameter('options', i);
+
+	const keyValuePair = filters?.keyValueMatch?.keyValuePair;
+
+	if (keyValuePair?.key && keyValuePair?.value) {
+		qs.search = `search ${keyValuePair.key}=${keyValuePair.value}`;
+	}
+
+	populate(options, qs);
+	setReturnAllOrLimit.call(this, qs);
+
+	const endpoint = `/services/search/jobs/${searchJobId}/results`;
+	const returnData = await splunkApiJsonRequest.call(this, 'GET', endpoint, {}, qs);
+
+	return returnData;
+}
--- a/packages/nodes-base/nodes/Splunk/v2/actions/search/index.ts
+++ b/packages/nodes-base/nodes/Splunk/v2/actions/search/index.ts
@@ -0,0 +1,62 @@
+import type { INodeProperties } from 'n8n-workflow';
+
+import * as create from './create.operation';
+import * as deleteJob from './deleteJob.operation';
+import * as get from './get.operation';
+import * as getAll from './getAll.operation';
+import * as getResult from './getResult.operation';
+
+export { create, deleteJob, get, getAll, getResult };
+
+export const description: INodeProperties[] = [
+	{
+		displayName: 'Operation',
+		name: 'operation',
+		type: 'options',
+		noDataExpression: true,
+		displayOptions: {
+			show: {
+				resource: ['search'],
+			},
+		},
+		options: [
+			{
+				name: 'Create',
+				value: 'create',
+				description: 'Create a search job',
+				action: 'Create a search job',
+			},
+			{
+				name: 'Delete',
+				value: 'deleteJob',
+				description: 'Delete a search job',
+				action: 'Delete a search job',
+			},
+			{
+				name: 'Get',
+				value: 'get',
+				description: 'Retrieve a search job',
+				action: 'Get a search job',
+			},
+			{
+				name: 'Get Many',
+				value: 'getAll',
+				description: 'Retrieve many search jobs',
+				action: 'Get many search jobs',
+			},
+			{
+				name: 'Get Result',
+				value: 'getResult',
+				description: 'Get the result of a search job',
+				action: 'Get the result of a search job',
+			},
+		],
+		default: 'create',
+	},
+
+	...create.description,
+	...deleteJob.description,
+	...get.description,
+	...getAll.description,
+	...getResult.description,
+];