时空索引>> piper>> 返回
项目作者: WillAbides

项目描述 :
commands for piping json to Azure EventGrid, AWS EventBridge and Splunk
高级语言: Go
项目地址: git://github.com/WillAbides/piper.git
创建时间: 2020-12-23T22:24:54Z
项目社区:https://github.com/WillAbides/piper
开源协议:MIT License
下载


piper

ci

piper contains three commands for piping json to Azure EventGrid, AWS EventBridge and Splunk

Piper, Piper, the red, red worm

woke last night to the sound of the storm

her words were words I sailed upon

— Phish (from the song Piper)

eventbridge-pipe

Install

go get

  1. go get github.com/willabides/piper/cmd/eventbridge-pipe

bindown

Add a bindown dependency:

  1. $ bindown template-source add piper https://github.com/WillAbides/piper/releases/latest/download/bindown-templates.yml
  2. $ bindown dependency add eventbridge-pipe piper#eventbridge-pipe

Usage

  1. Usage: eventbridge-pipe --type=STRING --source=STRING
  3. eventbridge-pipe posts events to AWS EventBridge.
  5. example:
  7.     $ AWS_ACCESS_KEY='AKIA****************'
  8.     $ AWS_SECRET_KEY='shhh_this_is_a_secret'
  9.     $ data="$(cat <<"EOF"
  10.         {"action": "obj.add", "@timestamp": 1604953432032, "el_name": "foo", "doc_id": "asdf"}
  11.         {"action": "obj.rem", "@timestamp": 1604953732032, "el_name": "bar", "doc_id": "fdsa"}
  12.       EOF
  13.       )"
  14.     $ echo "$data" | \
  15.       eventbridge-pipe -s 'test-source' -t 'jp:action' -b 'my-bus' -T 'jp:"@timestamp"' \
  16.       -r 'jp:"el_name"'
  18. Learn about JMESPath syntax at https://jmespath.org
  20. Flags:
  21.   -h, --help                     Show context-sensitive help.
  22.       --region="us-east-1"       The aws region to publish events to.
  23.   -t, --type=STRING              Value for the DetailType field. JMESPath
  24.                                  expressions allowed with "jp:" prefix.
  25.   -b, --event-bus=STRING         Value for the "EventBusName" field.
  26.   -r, --resource=RESOURCE,...    An element for the list in the "Resources"
  27.                                  array. JMESPath expressions allowed with "jp:"
  28.                                  prefix.
  29.   -s, --source=STRING            Value for the "Source" field. JMESPath
  30.                                  expressions allowed with "jp:" prefix.
  31.   -T, --timestamp=STRING         Value for the "Time" field converted from epoch
  32.                                  milliseconds. JMESPath expressions allowed with
  33.                                  "jp:" prefix.
  34.       --batch-size=10            Number of events to send in a batch.
  35.       --flush-interval=2000      Time in milliseconds to wait before sending a
  36.                                  partial batch. Set to 0 to never send a partial
  37.                                  batch.

eventgrid-pipe

Install

go get

  1. go get github.com/willabides/piper/cmd/eventgrid-pipe

bindown

Add a bindown dependency:

  1. $ bindown template-source add piper https://github.com/WillAbides/piper/releases/latest/download/bindown-templates.yml
  2. $ bindown dependency add eventgrid-pipe piper#eventgrid-pipe

Usage

  1. Usage: eventgrid-pipe --subject=STRING --type=STRING <topic-endpoint>
  3. eventgrid-pipe posts events to Azure Event Grid.
  5. example:
  7.     $ topic_endpoint='https://mytopicendpoint.westus2-1.eventgrid.azure.net'
  8.     $ topic_key='shhh_secret_topic_key'
  9.     $ data="$(cat <<"EOF"
  10.         {"action": "obj.add", "@timestamp": 1604953432032, "el_name": "foo", "doc_id": "asdf"}
  11.         {"action": "obj.rem", "@timestamp": 1604953732032, "el_name": "bar", "doc_id": "fdsa"}
  12.       EOF
  13.       )"
  14.     $ echo "$data" | \
  15.       eventgrid-pipe "$topic_endpoint" \
  16.       -H "aeg-sas-key: $topic_key" \
  17.       -T 'jp:"@timestamp"' \
  18.       -t 'audit-log' \
  19.       -s 'jp:action' \
  20.       -i 'jp:doc_id'
  22. Learn about JMESPath syntax at https://jmespath.org
  24. Arguments:
  25.   <topic-endpoint>    Endpoint for posting events
  27. Flags:
  28.   -h, --help                   Show context-sensitive help.
  29.   -i, --id=STRING              Value for the "id" field. If unset, a uuid will
  30.                                be generated for each event. JMESPath expressions
  31.                                allowed with "jp:" prefix.
  32.   -s, --subject=STRING         Value for the "subject" field. JMESPath
  33.                                expressions allowed with "jp:" prefix.
  34.   -t, --type=STRING            Value for the "eventType" field. JMESPath
  35.                                expressions allowed with "jp:" prefix.
  36.   -T, --timestamp="now"        Value for the "eventTime" field converted from
  37.                                epoch milliseconds. If unset, the current system
  38.                                time will be used.JMESPath expressions allowed
  39.                                with "jp:" prefix.
  40.   -H, --header=HEADER,...      Header to sent with the request in the same
  41.                                format as curl. e.g. '-H "aeg-sas-key: $EVKEY"'
  42.       --data-version="1.0"     Value for the "dataVersion" field. JMESPath
  43.                                expressions allowed with "jp:" prefix.
  44.       --batch-size=10          Number of events to send in a batch.
  45.       --flush-interval=2000    Time in milliseconds to wait before sending a
  46.                                partial batch. Set to 0 to never send a partial
  47.                                batch.

splunk-pipe

Install

go get

  1. go get github.com/willabides/piper/cmd/splunk-pipe

bindown

Add a bindown dependency:

  1. $ bindown template-source add piper https://github.com/WillAbides/piper/releases/latest/download/bindown-templates.yml
  2. $ bindown dependency add splunk-pipe piper#splunk-pipe

Usage

  1. Usage: splunk-pipe <endpoint>
  3. splunk-pipe posts events to splunk.
  5. example:
  7.     $ splunk_endpoint="http://localhost:8080"
  8.     $ splunk_hec_token="shhh_secret_token"
  9.     $ data="$(cat <<"EOF"
  10.         {"action": "obj.add", "@timestamp": 1604953432032, "el_name": "foo", "doc_id": "asdf"}
  11.         {"action": "obj.rem", "@timestamp": 1604953732032, "el_name": "bar", "doc_id": "fdsa"}
  12.       EOF
  13.       )"
  14.     $ echo "$data" | \
  15.       splunk-pipe "$splunk_endpoint" \
  16.       -H "Authorization: Splunk $splunk_hec_token" \
  17.       -T 'jp:"@timestamp"'
  19. Learn about JMESPath syntax at https://jmespath.org
  21. Arguments:
  22.   <endpoint>    Endpoint for posting events
  24. Flags:
  25.   -h, --help                   Show context-sensitive help.
  26.   -t, --sourcetype=STRING      Value for the "sourcetype" field. JMESPath
  27.                                expressions allowed with "jp:" prefix.
  28.   -s, --source=STRING          Value for the "source" field. JMESPath
  29.                                expressions allowed with "jp:" prefix.
  30.   -T, --timestamp=STRING       Value for the "eventTime" field converted from
  31.                                epoch milliseconds. JMESPath expressions allowed
  32.                                with "jp:" prefix.
  33.   -H, --header=HEADER,...      Header to sent with the request in the same
  34.                                format as curl. e.g. '-H "Authorization: Splunk
  35.                                $HEC_KEY"'
  36.   -h, --host=STRING            Value for the "host" field. JMESPath expressions
  37.                                allowed with "jp:" prefix.
  38.       --index=STRING           Value for the "index" field. JMESPath expressions
  39.                                allowed with "jp:" prefix.
  40.       --batch-size=10          Number of events to send in a batch.
  41.       --flush-interval=2000    Time in milliseconds to wait before sending a
  42.                                partial batch. Set to 0 to never send a partial
  43.                                batch.