n8n/packages/nodes-base/nodes/Splunk/Splunk.node.ts

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

487 lines
16 KiB
TypeScript
Raw Normal View History

import {
type IExecuteFunctions,
type ICredentialsDecrypted,
type ICredentialTestFunctions,
type IDataObject,
type ILoadOptionsFunctions,
type INodeCredentialTestResult,
type INodeExecutionData,
type INodeType,
type INodeTypeDescription,
type IRequestOptions,
NodeApiError,
NodeOperationError,
} from 'n8n-workflow';
import {
formatFeed,
formatResults,
formatSearch,
getId,
populate,
setCount,
splunkApiRequest,
toUnixEpoch,
} from './GenericFunctions';
import {
firedAlertOperations,
searchConfigurationFields,
searchConfigurationOperations,
searchJobFields,
searchJobOperations,
searchResultFields,
searchResultOperations,
userFields,
userOperations,
} from './descriptions';
import type { SplunkCredentials, SplunkFeedResponse } from './types';
import set from 'lodash/set';
export class Splunk implements INodeType {
description: INodeTypeDescription = {
displayName: 'Splunk',
name: 'splunk',
icon: 'file:splunk.svg',
group: ['transform'],
version: 1,
subtitle: '={{$parameter["operation"] + ": " + $parameter["resource"]}}',
description: 'Consume the Splunk Enterprise API',
defaults: {
name: 'Splunk',
},
inputs: ['main'],
outputs: ['main'],
credentials: [
{
name: 'splunkApi',
required: true,
testedBy: 'splunkApiTest',
},
],
properties: [
{
displayName: 'Resource',
name: 'resource',
type: 'options',
noDataExpression: true,
options: [
{
name: 'Fired Alert',
value: 'firedAlert',
},
{
name: 'Search Configuration',
value: 'searchConfiguration',
},
{
name: 'Search Job',
value: 'searchJob',
},
{
name: 'Search Result',
value: 'searchResult',
},
{
name: 'User',
value: 'user',
},
],
default: 'searchJob',
},
...firedAlertOperations,
...searchConfigurationOperations,
...searchConfigurationFields,
...searchJobOperations,
...searchJobFields,
...searchResultOperations,
...searchResultFields,
...userOperations,
...userFields,
],
};
methods = {
loadOptions: {
async getRoles(this: ILoadOptionsFunctions) {
const endpoint = '/services/authorization/roles';
const responseData = (await splunkApiRequest.call(
this,
'GET',
endpoint,
)) as SplunkFeedResponse;
const { entry: entries } = responseData.feed;
return Array.isArray(entries)
? entries.map((entry) => ({ name: entry.title, value: entry.title }))
: [{ name: entries.title, value: entries.title }];
},
},
credentialTest: {
async splunkApiTest(
this: ICredentialTestFunctions,
credential: ICredentialsDecrypted,
:sparkles: Nodes as JSON and authentication redesign (#2401) * :sparkles: change FE to handle new object type * 🚸 improve UX of handling invalid credentials * 🚧 WIP * :art: fix typescript issues * 🐘 add migrations for all supported dbs * ✏️ add description to migrations * :zap: add credential update on import * :zap: resolve after merge issues * :shirt: fix lint issues * :zap: check credentials on workflow create/update * update interface * :shirt: fix ts issues * :zap: adaption to new credentials UI * :bug: intialize cache on BE for credentials check * :bug: fix undefined oldCredentials * :bug: fix deleting credential * :bug: fix check for undefined keys * :bug: fix disabling edit in execution * :art: just show credential name on execution view * ✏️ remove TODO * :zap: implement review suggestions * :zap: add cache to getCredentialsByType * ⏪ use getter instead of cache * ✏️ fix variable name typo * 🐘 include waiting nodes to migrations * :bug: fix reverting migrations command * :zap: update typeorm command * :sparkles: create db:revert command * 👕 fix lint error * :sparkles: Add optional authenticate method to credentials * :zap: Simplify code and add authentication support to MattermostApi * :shirt: Fix lint issue * :zap: Add support to own-mode * :shirt: Fix lint issue * :sparkles: Add support for predefined auth types bearer and headerAuth * :zap: Make sure that DateTime Node always returns strings * :zap: Add support for moment types to If Node * :zap: Make it possible for HTTP Request Node to use all credential types * :sparkles: Add basicAuth support * Add a new dropcontact node * :sparkles: First basic implementation of mainly JSON based nodes * :sparkles: Add fixedCollection support, added value parameter and expression support for value and property * Improvements to #2389 * :zap: Add credentials verification * :zap: Small improvement * :zap: set default time to 45 seconds * :sparkles: Add support for preSend and postReceive methods * :heavy_plus_sign: Add lodash merge and set depedency to workflow * :shirt: Fix lint issue * :zap: Improvements * :zap: Improvements * :zap: Improvements * :zap: Improvements * :zap: Improvements * :bug: Set siren and language correctly * :zap: Add support for requestDefaults * :zap: Add support for baseURL to httpRequest * :zap: Move baseURL to correct location * :sparkles: Add support for options loading * :bug: Fix error with fullAccess nodes * :sparkles: Add credential test functionality * :bug: Fix issue with OAuth autentication and lint issue * :zap: Fix build issue * :bug: Fix issue that url got always overwritten to empty * :sparkles: Add pagination support * :zap: Code fix required after merge * :zap: Remove not needed imports * :zap: Fix credential test * :sparkles: Add expression support for request properties and $self support on properties * :zap: Rename $self to $value * :shirt: Fix lint issue * :zap: Add example how to send data in path * :sparkles: Make it possible to not sent in dot notation * :sparkles: Add support for postReceive:rootProperty * :zap: Fix typo * :sparkles: Add support for postReceive:set * :zap: Some fixes * :zap: Small improvement * ;zap: Separate RoutingNode code * :zap: Simplify code and fix bug * :zap: Remove unused code * :sparkles: Make it possible to define "request" and "requestProperty" on options * :shirt: Fix lint issue * :zap: Change $credentials variables name * :sparkles: Enable expressions and access to credentials in requestDefaults * :zap: Make parameter option loading use RoutingNode.makeRoutingRequest * :sparkles: Allow requestOperations overwrite on LoadOptions * :sparkles: Make it possible to access current node parameters in loadOptions * :zap: Rename parameters variable to make future proof * :zap: Make it possible to use offset-pagination with body * :sparkles: Add support for queryAuth * :zap: Never return more items than requested * :sparkles: Make it possible to overwrite requestOperations on parameter and option level * :shirt: Fix lint issue * :sparkles: Allow simplified auth also with regular nodes * :sparkles: Add support for receiving binary data * :bug: Fix example node * :zap: Rename property "name" to "displayName" in loadOptions * :zap: Send data by default as "query" if nothing is set * :zap: Rename $self to $parent * :zap: Change to work with INodeExecutionData instead of IDataObject * :zap: Improve binaryData handling * :zap: Property design improvements * :zap: Fix property name * :rotating_light: Add some tests * :zap: Add also test for request * :zap: Improve test and fix issues * :zap: Improvements to loadOptions * :zap: Normalize loadOptions with rest of code * :zap: Add info text * :sparkles: Add support for $value in postReceive * :rotating_light: Add tests for RoutingNode.runNode * :zap: Remove TODOs and make url property optional * :zap: Fix bug and lint issue * :bug: Fix bug that not the correct property got used * :rotating_light: Add tests for CredentialsHelper.authenticate * :zap: Improve code and resolve expressions also everywhere for loadOptions and credential test requests * :sparkles: Make it possible to define multiple preSend and postReceive actions * :sparkles: Allow to define tests on credentials * :zap: Remove test data * :arrow_up: Update package-lock.json file * :zap: Remove old not longer used code Co-authored-by: Ben Hesseldieck <b.hesseldieck@gmail.com> Co-authored-by: Mutasem <mutdmour@gmail.com> Co-authored-by: PaulineDropcontact <pauline@dropcontact.io> Co-authored-by: ricardo <ricardoespinoza105@gmail.com>
2022-02-05 13:55:43 -08:00
): Promise<INodeCredentialTestResult> {
const { authToken, baseUrl, allowUnauthorizedCerts } = credential.data as SplunkCredentials;
const endpoint = '/services/alerts/fired_alerts';
const options: IRequestOptions = {
headers: {
Authorization: `Bearer ${authToken}`,
'Content-Type': 'application/x-www-form-urlencoded',
},
method: 'GET',
form: {},
qs: {},
uri: `${baseUrl}${endpoint}`,
json: true,
rejectUnauthorized: !allowUnauthorizedCerts,
};
try {
await this.helpers.request(options);
return {
status: 'OK',
message: 'Authentication successful',
};
} catch (error) {
return {
status: 'Error',
message: error.message,
};
}
},
},
};
async execute(this: IExecuteFunctions): Promise<INodeExecutionData[][]> {
const items = this.getInputData();
const returnData: INodeExecutionData[] = [];
const resource = this.getNodeParameter('resource', 0);
const operation = this.getNodeParameter('operation', 0);
let responseData;
for (let i = 0; i < items.length; i++) {
try {
if (resource === 'firedAlert') {
// **********************************************************************
// firedAlert
// **********************************************************************
if (operation === 'getReport') {
// ----------------------------------------
// firedAlert: getReport
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#alerts.2Ffired_alerts
const endpoint = '/services/alerts/fired_alerts';
responseData = await splunkApiRequest.call(this, 'GET', endpoint).then(formatFeed);
}
} else if (resource === 'searchConfiguration') {
// **********************************************************************
// searchConfiguration
// **********************************************************************
if (operation === 'delete') {
// ----------------------------------------
// searchConfiguration: delete
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#saved.2Fsearches.2F.7Bname.7D
const partialEndpoint = '/services/saved/searches/';
const searchConfigurationId = getId.call(
this,
i,
'searchConfigurationId',
'/search/saved/searches/',
); // id endpoint differs from operation endpoint
const endpoint = `${partialEndpoint}/${searchConfigurationId}`;
responseData = await splunkApiRequest.call(this, 'DELETE', endpoint);
} else if (operation === 'get') {
// ----------------------------------------
// searchConfiguration: get
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#saved.2Fsearches.2F.7Bname.7D
const partialEndpoint = '/services/saved/searches/';
const searchConfigurationId = getId.call(
this,
i,
'searchConfigurationId',
'/search/saved/searches/',
); // id endpoint differs from operation endpoint
const endpoint = `${partialEndpoint}/${searchConfigurationId}`;
responseData = await splunkApiRequest.call(this, 'GET', endpoint).then(formatFeed);
} else if (operation === 'getAll') {
// ----------------------------------------
// searchConfiguration: getAll
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#saved.2Fsearches
const qs = {} as IDataObject;
const options = this.getNodeParameter('options', i);
populate(options, qs);
setCount.call(this, qs);
const endpoint = '/services/saved/searches';
responseData = await splunkApiRequest
.call(this, 'GET', endpoint, {}, qs)
.then(formatFeed);
}
} else if (resource === 'searchJob') {
// **********************************************************************
// searchJob
// **********************************************************************
if (operation === 'create') {
// ----------------------------------------
// searchJob: create
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs
const body = {
search: this.getNodeParameter('search', i),
} as IDataObject;
const { earliest_time, latest_time, index_earliest, index_latest, ...rest } =
this.getNodeParameter('additionalFields', i) as IDataObject & {
earliest_time?: string;
latest_time?: string;
index_earliest?: string;
index_latest?: string;
};
populate(
{
...(earliest_time && { earliest_time: toUnixEpoch(earliest_time) }),
...(latest_time && { latest_time: toUnixEpoch(latest_time) }),
...(index_earliest && { index_earliest: toUnixEpoch(index_earliest) }),
...(index_latest && { index_latest: toUnixEpoch(index_latest) }),
...rest,
},
body,
);
const endpoint = '/services/search/jobs';
responseData = await splunkApiRequest.call(this, 'POST', endpoint, body);
const getEndpoint = `/services/search/jobs/${responseData.response.sid}`;
responseData = await splunkApiRequest.call(this, 'GET', getEndpoint).then(formatSearch);
} else if (operation === 'delete') {
// ----------------------------------------
// searchJob: delete
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs.2F.7Bsearch_id.7D
const partialEndpoint = '/services/search/jobs/';
const searchJobId = getId.call(this, i, 'searchJobId', partialEndpoint);
const endpoint = `${partialEndpoint}/${searchJobId}`;
responseData = await splunkApiRequest.call(this, 'DELETE', endpoint);
} else if (operation === 'get') {
// ----------------------------------------
// searchJob: get
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs.2F.7Bsearch_id.7D
const partialEndpoint = '/services/search/jobs/';
const searchJobId = getId.call(this, i, 'searchJobId', partialEndpoint);
const endpoint = `${partialEndpoint}/${searchJobId}`;
responseData = await splunkApiRequest.call(this, 'GET', endpoint).then(formatSearch);
} else if (operation === 'getAll') {
// ----------------------------------------
// searchJob: getAll
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs
const qs = {} as IDataObject;
const options = this.getNodeParameter('options', i);
populate(options, qs);
setCount.call(this, qs);
const endpoint = '/services/search/jobs';
responseData = (await splunkApiRequest.call(
this,
'GET',
endpoint,
{},
qs,
)) as SplunkFeedResponse;
responseData = formatFeed(responseData);
}
} else if (resource === 'searchResult') {
// **********************************************************************
// searchResult
// **********************************************************************
if (operation === 'getAll') {
// ----------------------------------------
// searchResult: getAll
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#search.2Fjobs.2F.7Bsearch_id.7D.2Fresults
const searchJobId = this.getNodeParameter('searchJobId', i);
const qs = {} as IDataObject;
const filters = this.getNodeParameter('filters', i) as IDataObject & {
keyValueMatch?: { keyValuePair?: { key: string; value: string } };
};
const options = this.getNodeParameter('options', i);
const keyValuePair = filters?.keyValueMatch?.keyValuePair;
if (keyValuePair?.key && keyValuePair?.value) {
qs.search = `search ${keyValuePair.key}=${keyValuePair.value}`;
}
populate(options, qs);
setCount.call(this, qs);
const endpoint = `/services/search/jobs/${searchJobId}/results`;
responseData = await splunkApiRequest
.call(this, 'GET', endpoint, {}, qs)
.then(formatResults);
}
} else if (resource === 'user') {
// **********************************************************************
// user
// **********************************************************************
if (operation === 'create') {
// ----------------------------------------
// user: create
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers
const roles = this.getNodeParameter('roles', i) as string[];
const body = {
name: this.getNodeParameter('name', i),
roles,
password: this.getNodeParameter('password', i),
} as IDataObject;
const additionalFields = this.getNodeParameter('additionalFields', i);
populate(additionalFields, body);
const endpoint = '/services/authentication/users';
responseData = (await splunkApiRequest.call(
this,
'POST',
endpoint,
body,
)) as SplunkFeedResponse;
responseData = formatFeed(responseData);
} else if (operation === 'delete') {
// ----------------------------------------
// user: delete
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers.2F.7Bname.7D
const partialEndpoint = '/services/authentication/users';
const userId = getId.call(this, i, 'userId', partialEndpoint);
const endpoint = `${partialEndpoint}/${userId}`;
await splunkApiRequest.call(this, 'DELETE', endpoint);
responseData = { success: true };
} else if (operation === 'get') {
// ----------------------------------------
// user: get
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers.2F.7Bname.7D
const partialEndpoint = '/services/authentication/users/';
const userId = getId.call(this, i, 'userId', '/services/authentication/users/');
const endpoint = `${partialEndpoint}/${userId}`;
responseData = await splunkApiRequest.call(this, 'GET', endpoint).then(formatFeed);
} else if (operation === 'getAll') {
// ----------------------------------------
// user: getAll
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers
const qs = {} as IDataObject;
setCount.call(this, qs);
const endpoint = '/services/authentication/users';
responseData = await splunkApiRequest
.call(this, 'GET', endpoint, {}, qs)
.then(formatFeed);
} else if (operation === 'update') {
// ----------------------------------------
// user: update
// ----------------------------------------
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers.2F.7Bname.7D
const body = {} as IDataObject;
const { roles, ...rest } = this.getNodeParameter('updateFields', i) as IDataObject & {
roles: string[];
};
populate(
{
...(roles && { roles }),
...rest,
},
body,
);
const partialEndpoint = '/services/authentication/users/';
const userId = getId.call(this, i, 'userId', partialEndpoint);
const endpoint = `${partialEndpoint}/${userId}`;
responseData = await splunkApiRequest
.call(this, 'POST', endpoint, body)
.then(formatFeed);
}
}
} catch (error) {
if (this.continueOnFail()) {
returnData.push({ json: { error: error.cause.error }, pairedItem: { item: i } });
continue;
}
if (error instanceof NodeApiError) {
set(error, 'context.itemIndex', i);
}
if (error instanceof NodeOperationError && error?.context?.itemIndex === undefined) {
set(error, 'context.itemIndex', i);
}
throw new NodeOperationError(this.getNode(), error, { itemIndex: i });
}
if (Array.isArray(responseData)) {
for (const item of responseData) {
returnData.push({ json: item, pairedItem: { item: i } });
}
} else {
returnData.push({ json: responseData, pairedItem: { item: i } });
}
}
return [returnData];
}
}