mirror of
https://github.com/n8n-io/n8n.git
synced 2024-09-21 07:17:38 -07:00
db134f0abe
* ✨ Create Splunk node * 🔨 Move rejectUnauthorized to credentials * 🔨 Remove trailing slash * 🔨 Clarify 401 error * 🔥 Remove unused params * 🔥 Remove unused logic * ⚡ Guard against code missing * 🔨 Refactor filter * 🔥 Remove params with no effect * 🔥 Remove superfluous description * 🔥 Remove params for unimplemented resource * 🔥 Remove param with no effect * 🐛 Fix multiple roles in user create and upate * 🔥 Remove logging * ⚡ Simplify ID handling * 👕 Fix lint * ⚡ Add cred test * 🎨 Format import * ✏️ Apply Product feedback * 🐛 Make axiox errors compatible Co-authored-by: Jan Oberhauser <jan.oberhauser@gmail.com>
498 lines
15 KiB
TypeScript
498 lines
15 KiB
TypeScript
import {
|
|
IExecuteFunctions,
|
|
} from 'n8n-core';
|
|
|
|
import {
|
|
ICredentialsDecrypted,
|
|
ICredentialTestFunctions,
|
|
IDataObject,
|
|
ILoadOptionsFunctions,
|
|
INodeExecutionData,
|
|
INodeType,
|
|
INodeTypeDescription,
|
|
NodeCredentialTestResult,
|
|
} from 'n8n-workflow';
|
|
|
|
import {
|
|
formatFeed,
|
|
formatResults,
|
|
formatSearch,
|
|
getId,
|
|
populate,
|
|
setCount,
|
|
splunkApiRequest,
|
|
toUnixEpoch,
|
|
} from './GenericFunctions';
|
|
|
|
import {
|
|
firedAlertOperations,
|
|
searchConfigurationFields,
|
|
searchConfigurationOperations,
|
|
searchJobFields,
|
|
searchJobOperations,
|
|
searchResultFields,
|
|
searchResultOperations,
|
|
userFields,
|
|
userOperations,
|
|
} from './descriptions';
|
|
|
|
import {
|
|
SplunkCredentials,
|
|
SplunkFeedResponse,
|
|
} from './types';
|
|
|
|
import {
|
|
OptionsWithUri,
|
|
} from 'request';
|
|
|
|
export class Splunk implements INodeType {
|
|
description: INodeTypeDescription = {
|
|
displayName: 'Splunk',
|
|
name: 'splunk',
|
|
icon: 'file:splunk.svg',
|
|
group: ['transform'],
|
|
version: 1,
|
|
subtitle: '={{$parameter["operation"] + ": " + $parameter["resource"]}}',
|
|
description: 'Consume the Splunk Enterprise API',
|
|
defaults: {
|
|
name: 'Splunk',
|
|
color: '#e20082',
|
|
},
|
|
inputs: ['main'],
|
|
outputs: ['main'],
|
|
credentials: [
|
|
{
|
|
name: 'splunkApi',
|
|
required: true,
|
|
testedBy: 'splunkApiTest',
|
|
},
|
|
],
|
|
properties: [
|
|
{
|
|
displayName: 'Resource',
|
|
name: 'resource',
|
|
type: 'options',
|
|
noDataExpression: true,
|
|
options: [
|
|
{
|
|
name: 'Fired Alert',
|
|
value: 'firedAlert',
|
|
},
|
|
{
|
|
name: 'Search Configuration',
|
|
value: 'searchConfiguration',
|
|
},
|
|
{
|
|
name: 'Search Job',
|
|
value: 'searchJob',
|
|
},
|
|
{
|
|
name: 'Search Result',
|
|
value: 'searchResult',
|
|
},
|
|
{
|
|
name: 'User',
|
|
value: 'user',
|
|
},
|
|
],
|
|
default: 'searchJob',
|
|
},
|
|
...firedAlertOperations,
|
|
...searchConfigurationOperations,
|
|
...searchConfigurationFields,
|
|
...searchJobOperations,
|
|
...searchJobFields,
|
|
...searchResultOperations,
|
|
...searchResultFields,
|
|
...userOperations,
|
|
...userFields,
|
|
],
|
|
};
|
|
|
|
methods = {
|
|
loadOptions: {
|
|
async getRoles(this: ILoadOptionsFunctions) {
|
|
const endpoint = '/services/authorization/roles';
|
|
const responseData = await splunkApiRequest.call(this, 'GET', endpoint) as SplunkFeedResponse;
|
|
const { entry: entries } = responseData.feed;
|
|
|
|
return Array.isArray(entries)
|
|
? entries.map(entry => ({ name: entry.title, value: entry.title }))
|
|
: [{ name: entries.title, value: entries.title }];
|
|
},
|
|
},
|
|
credentialTest: {
|
|
async splunkApiTest(
|
|
this: ICredentialTestFunctions,
|
|
credential: ICredentialsDecrypted,
|
|
): Promise<NodeCredentialTestResult> {
|
|
const {
|
|
authToken,
|
|
baseUrl,
|
|
allowUnauthorizedCerts,
|
|
} = credential.data as SplunkCredentials;
|
|
|
|
const endpoint = '/services/alerts/fired_alerts';
|
|
|
|
const options: OptionsWithUri = {
|
|
headers: {
|
|
'Authorization': `Bearer ${authToken}`,
|
|
'Content-Type': 'application/x-www-form-urlencoded',
|
|
},
|
|
method: 'GET',
|
|
form: {},
|
|
qs: {},
|
|
uri: `${baseUrl}${endpoint}`,
|
|
json: true,
|
|
rejectUnauthorized: !allowUnauthorizedCerts,
|
|
};
|
|
|
|
try {
|
|
await this.helpers.request(options);
|
|
return {
|
|
status: 'OK',
|
|
message: 'Authentication successful',
|
|
};
|
|
} catch (error) {
|
|
return {
|
|
status: 'Error',
|
|
message: error.message,
|
|
};
|
|
}
|
|
},
|
|
},
|
|
};
|
|
|
|
async execute(this: IExecuteFunctions): Promise<INodeExecutionData[][]> {
|
|
const items = this.getInputData();
|
|
const returnData: IDataObject[] = [];
|
|
|
|
const resource = this.getNodeParameter('resource', 0) as string;
|
|
const operation = this.getNodeParameter('operation', 0) as string;
|
|
|
|
let responseData;
|
|
|
|
for (let i = 0; i < items.length; i++) {
|
|
|
|
try {
|
|
|
|
if (resource === 'firedAlert') {
|
|
|
|
// **********************************************************************
|
|
// firedAlert
|
|
// **********************************************************************
|
|
|
|
if (operation === 'getReport') {
|
|
|
|
// ----------------------------------------
|
|
// firedAlert: getReport
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#alerts.2Ffired_alerts
|
|
|
|
const endpoint = '/services/alerts/fired_alerts';
|
|
responseData = await splunkApiRequest.call(this, 'GET', endpoint).then(formatFeed);
|
|
|
|
}
|
|
|
|
} else if (resource === 'searchConfiguration') {
|
|
|
|
// **********************************************************************
|
|
// searchConfiguration
|
|
// **********************************************************************
|
|
|
|
if (operation === 'delete') {
|
|
|
|
// ----------------------------------------
|
|
// searchConfiguration: delete
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#saved.2Fsearches.2F.7Bname.7D
|
|
|
|
const partialEndpoint = '/services/saved/searches/';
|
|
const searchConfigurationId = getId.call(
|
|
this, i, 'searchConfigurationId', '/search/saved/searches/',
|
|
); // id endpoint differs from operation endpoint
|
|
const endpoint = `${partialEndpoint}/${searchConfigurationId}`;
|
|
|
|
responseData = await splunkApiRequest.call(this, 'DELETE', endpoint);
|
|
|
|
} else if (operation === 'get') {
|
|
|
|
// ----------------------------------------
|
|
// searchConfiguration: get
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#saved.2Fsearches.2F.7Bname.7D
|
|
|
|
const partialEndpoint = '/services/saved/searches/';
|
|
const searchConfigurationId = getId.call(
|
|
this, i, 'searchConfigurationId', '/search/saved/searches/',
|
|
); // id endpoint differs from operation endpoint
|
|
const endpoint = `${partialEndpoint}/${searchConfigurationId}`;
|
|
|
|
responseData = await splunkApiRequest.call(this, 'GET', endpoint).then(formatFeed);
|
|
|
|
} else if (operation === 'getAll') {
|
|
|
|
// ----------------------------------------
|
|
// searchConfiguration: getAll
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#saved.2Fsearches
|
|
|
|
const qs = {} as IDataObject;
|
|
const options = this.getNodeParameter('options', i) as IDataObject;
|
|
|
|
populate(options, qs);
|
|
setCount.call(this, qs);
|
|
|
|
const endpoint = '/services/saved/searches';
|
|
responseData = await splunkApiRequest.call(this, 'GET', endpoint, {}, qs).then(formatFeed);
|
|
|
|
}
|
|
|
|
} else if (resource === 'searchJob') {
|
|
|
|
// **********************************************************************
|
|
// searchJob
|
|
// **********************************************************************
|
|
|
|
if (operation === 'create') {
|
|
|
|
// ----------------------------------------
|
|
// searchJob: create
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs
|
|
|
|
const body = {
|
|
search: this.getNodeParameter('search', i),
|
|
} as IDataObject;
|
|
|
|
const {
|
|
earliest_time,
|
|
latest_time,
|
|
index_earliest,
|
|
index_latest,
|
|
...rest
|
|
} = this.getNodeParameter('additionalFields', i) as IDataObject & {
|
|
earliest_time?: string;
|
|
latest_time?: string;
|
|
index_earliest?: string,
|
|
index_latest?: string,
|
|
};
|
|
|
|
populate({
|
|
...earliest_time && { earliest_time: toUnixEpoch(earliest_time) },
|
|
...latest_time && { latest_time: toUnixEpoch(latest_time) },
|
|
...index_earliest && { index_earliest: toUnixEpoch(index_earliest) },
|
|
...index_latest && { index_latest: toUnixEpoch(index_latest) },
|
|
...rest,
|
|
}, body);
|
|
|
|
const endpoint = '/services/search/jobs';
|
|
responseData = await splunkApiRequest.call(this, 'POST', endpoint, body);
|
|
|
|
const getEndpoint = `/services/search/jobs/${responseData.response.sid}`;
|
|
responseData = await splunkApiRequest.call(this, 'GET', getEndpoint).then(formatSearch);
|
|
|
|
} else if (operation === 'delete') {
|
|
|
|
// ----------------------------------------
|
|
// searchJob: delete
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs.2F.7Bsearch_id.7D
|
|
|
|
const partialEndpoint = '/services/search/jobs/';
|
|
const searchJobId = getId.call(this, i, 'searchJobId', partialEndpoint);
|
|
const endpoint = `${partialEndpoint}/${searchJobId}`;
|
|
responseData = await splunkApiRequest.call(this, 'DELETE', endpoint);
|
|
|
|
} else if (operation === 'get') {
|
|
|
|
// ----------------------------------------
|
|
// searchJob: get
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs.2F.7Bsearch_id.7D
|
|
|
|
const partialEndpoint = '/services/search/jobs/';
|
|
const searchJobId = getId.call(this, i, 'searchJobId', partialEndpoint);
|
|
const endpoint = `${partialEndpoint}/${searchJobId}`;
|
|
responseData = await splunkApiRequest.call(this, 'GET', endpoint).then(formatSearch);
|
|
|
|
} else if (operation === 'getAll') {
|
|
|
|
// ----------------------------------------
|
|
// searchJob: getAll
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTsearch#search.2Fjobs
|
|
|
|
const qs = {} as IDataObject;
|
|
const options = this.getNodeParameter('options', i) as IDataObject;
|
|
|
|
populate(options, qs);
|
|
setCount.call(this, qs);
|
|
|
|
const endpoint = '/services/search/jobs';
|
|
responseData = await splunkApiRequest.call(this, 'GET', endpoint, {}, qs) as SplunkFeedResponse;
|
|
responseData = formatFeed(responseData);
|
|
|
|
}
|
|
|
|
} else if (resource === 'searchResult') {
|
|
|
|
// **********************************************************************
|
|
// searchResult
|
|
// **********************************************************************
|
|
|
|
if (operation === 'getAll') {
|
|
|
|
// ----------------------------------------
|
|
// searchResult: getAll
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTsearch#search.2Fjobs.2F.7Bsearch_id.7D.2Fresults
|
|
|
|
const searchJobId = this.getNodeParameter('searchJobId', i);
|
|
|
|
const qs = {} as IDataObject;
|
|
const filters = this.getNodeParameter('filters', i) as IDataObject & {
|
|
keyValueMatch?: { keyValuePair?: { key: string; value: string; } }
|
|
};
|
|
const options = this.getNodeParameter('options', i) as IDataObject;
|
|
|
|
const keyValuePair = filters?.keyValueMatch?.keyValuePair;
|
|
|
|
if (keyValuePair?.key && keyValuePair?.value) {
|
|
qs.search = `search ${keyValuePair.key}=${keyValuePair.value}`;
|
|
}
|
|
|
|
populate(options, qs);
|
|
setCount.call(this, qs);
|
|
|
|
const endpoint = `/services/search/jobs/${searchJobId}/results`;
|
|
responseData = await splunkApiRequest.call(this, 'GET', endpoint, {}, qs).then(formatResults);
|
|
|
|
}
|
|
|
|
} else if (resource === 'user') {
|
|
|
|
// **********************************************************************
|
|
// user
|
|
// **********************************************************************
|
|
|
|
if (operation === 'create') {
|
|
|
|
// ----------------------------------------
|
|
// user: create
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers
|
|
|
|
const roles = this.getNodeParameter('roles', i) as string[];
|
|
|
|
const body = {
|
|
name: this.getNodeParameter('name', i),
|
|
roles,
|
|
password: this.getNodeParameter('password', i),
|
|
} as IDataObject;
|
|
|
|
const additionalFields = this.getNodeParameter('additionalFields', i) as IDataObject;
|
|
|
|
populate(additionalFields, body);
|
|
|
|
const endpoint = '/services/authentication/users';
|
|
responseData = await splunkApiRequest.call(this, 'POST', endpoint, body) as SplunkFeedResponse;
|
|
responseData = formatFeed(responseData);
|
|
|
|
} else if (operation === 'delete') {
|
|
|
|
// ----------------------------------------
|
|
// user: delete
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers.2F.7Bname.7D
|
|
|
|
const partialEndpoint = '/services/authentication/users';
|
|
const userId = getId.call(this, i, 'userId', partialEndpoint);
|
|
const endpoint = `${partialEndpoint}/${userId}`;
|
|
await splunkApiRequest.call(this, 'DELETE', endpoint);
|
|
responseData = { success: true };
|
|
|
|
} else if (operation === 'get') {
|
|
|
|
// ----------------------------------------
|
|
// user: get
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers.2F.7Bname.7D
|
|
|
|
const partialEndpoint = '/services/authentication/users/';
|
|
const userId = getId.call(this, i, 'userId', '/services/authentication/users/');
|
|
const endpoint = `${partialEndpoint}/${userId}`;
|
|
responseData = await splunkApiRequest.call(this, 'GET', endpoint).then(formatFeed);
|
|
|
|
} else if (operation === 'getAll') {
|
|
|
|
// ----------------------------------------
|
|
// user: getAll
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers
|
|
|
|
const qs = {} as IDataObject;
|
|
setCount.call(this, qs);
|
|
|
|
const endpoint = '/services/authentication/users';
|
|
responseData = await splunkApiRequest.call(this, 'GET', endpoint, {}, qs).then(formatFeed);
|
|
|
|
} else if (operation === 'update') {
|
|
|
|
// ----------------------------------------
|
|
// user: update
|
|
// ----------------------------------------
|
|
|
|
// https://docs.splunk.com/Documentation/Splunk/8.2.2/RESTREF/RESTaccess#authentication.2Fusers.2F.7Bname.7D
|
|
|
|
const body = {} as IDataObject;
|
|
const { roles, ...rest } = this.getNodeParameter('updateFields', i) as IDataObject & {
|
|
roles: string[];
|
|
};
|
|
|
|
populate({
|
|
...roles && { roles },
|
|
...rest,
|
|
}, body);
|
|
|
|
const partialEndpoint = '/services/authentication/users/';
|
|
const userId = getId.call(this, i, 'userId', partialEndpoint);
|
|
const endpoint = `${partialEndpoint}/${userId}`;
|
|
responseData = await splunkApiRequest.call(this, 'POST', endpoint, body).then(formatFeed);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} catch (error) {
|
|
if (this.continueOnFail()) {
|
|
returnData.push({ error: error.cause.error });
|
|
continue;
|
|
}
|
|
|
|
throw error;
|
|
}
|
|
|
|
Array.isArray(responseData)
|
|
? returnData.push(...responseData)
|
|
: returnData.push(responseData as IDataObject);
|
|
|
|
}
|
|
|
|
return [this.helpers.returnJsonArray(returnData)];
|
|
}
|
|
}
|