Merge pull request #208 from hubblestack/develop

Merge to master (prep v2.2.5)

conf/hubble

@@ -89,6 +89,8 @@ fileserver_backend:
 #        sourcetype_nova: hubble_audit
 #        sourcetype_nebula: hubble_osquery
 #        sourcetype_pulsar: hubble_fim
+#        sourcetype_log: hubble_log
+#  splunklogging: True
 
 ## If you are instead using the slack returner, you'll need a block similar to
 ## this:

hubblestack/__init__.py

@@ -1 +1 @@
-__version__ = '2.2.4'
+__version__ = '2.2.5'

hubblestack/daemon.py

@@ -18,6 +18,7 @@
 import salt.utils
 import salt.utils.jid
 import salt.log.setup
+import hubblestack.splunklogging
 from hubblestack import __version__
 
 log = logging.getLogger(__name__)
@@ -376,6 +377,14 @@ def load_config():
     __salt__ = salt.loader.minion_mods(__opts__, utils=__utils__)
     __returners__ = salt.loader.returners(__opts__, __salt__)
 
+    if __salt__['config.get']('hubblestack:splunklogging', False):
+        hubblestack.splunklogging.__grains__ = __grains__
+        hubblestack.splunklogging.__salt__ = __salt__
+        root_logger = logging.getLogger()
+        handler = hubblestack.splunklogging.SplunkHandler()
+        handler.setLevel(logging.ERROR)
+        root_logger.addHandler(handler)
+
 
 def parse_args():
     '''

hubblestack/extmods/grains/configgrains.py

@@ -0,0 +1,54 @@
+# -*- coding: utf-8 -*-
+'''
+Custom config-defined grains module
+
+:maintainer: HubbleStack
+:platform: All
+:requires: SaltStack
+
+Allow users to collect a list of config directives and set them as custom grains.
+The list should be defined under the `hubblestack` key.
+
+The `grains` value should be a list of dictionaries. Each dictionary should have
+a single key which will be set as the grain name. The dictionary's value will
+be the grain's value.
+
+hubblestack:
+  grains:
+    - splunkindex: "hubblestack:returner:splunk:index"
+  returner:
+    splunk:
+      - token: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
+        indexer: splunk-indexer.domain.tld
+        index: hubble
+        sourcetype_nova: hubble_audit
+'''
+
+import salt.modules.config
+
+salt.modules.config.__pillar__ = {}
+salt.modules.config.__grains__ = {}
+
+__salt__ = {'config.get': salt.modules.config.get}
+
+
+def configgrains():
+    '''
+    Given a list of config values, create custom grains with custom names.
+    The list comes from config.
+
+    Example:
+    hubblestack:
+      grains:
+        - splunkindex: "hubblestack:returner:splunk:index"
+    '''
+    grains = {}
+    salt.modules.config.__opts__ = __opts__
+
+    grains_to_make = __salt__['config.get']('hubblestack:grains', default=[])
+    for grain in grains_to_make:
+        for k, v in grain.iteritems():
+            grain_value = __salt__['config.get'](v, default=None)
+            if grain_value:
+                grains[k] = grain_value
+    return grains

hubblestack/extmods/modules/pulsar.py

@@ -393,7 +393,7 @@ def _dict_update(dest, upd, recursive_update=True, merge_lists=False):
                 dest_subkey = None
             if isinstance(dest_subkey, collections.Mapping) \
                     and isinstance(val, collections.Mapping):
-                ret = update(dest_subkey, val, merge_lists=merge_lists)
+                ret = _dict_update(dest_subkey, val, merge_lists=merge_lists)
                 dest[key] = ret
             elif isinstance(dest_subkey, list) \
                      and isinstance(val, list):

hubblestack/extmods/modules/win_pulsar.py

@@ -545,7 +545,7 @@ def _dict_update(dest, upd, recursive_update=True, merge_lists=False):
                 dest_subkey = None
             if isinstance(dest_subkey, collections.Mapping) \
                     and isinstance(val, collections.Mapping):
-                ret = update(dest_subkey, val, merge_lists=merge_lists)
+                ret = _dict_update(dest_subkey, val, merge_lists=merge_lists)
                 dest[key] = ret
             elif isinstance(dest_subkey, list) \
                      and isinstance(val, list):