Splunk-sdk

Bug fixes

* Hot fix to `binding.py` to work with Python 2.7.9, which introduced SSL certificate validation by default as outlined in [PEP 476](https://www.python.org/dev/peps/pep-0476).
* Update `async`, `handler_proxy`, and `handler_urllib2` examples to work with Python 2.7.9 by disabling SSL certificate validation by default.

New features and APIs

* Added support for Storage Passwords.

* Added a script (GenerateHelloCommand) to the searchcommand_app to generate a custom search command.

* Added a human-readable argument titles to modular input examples.

* Renamed the searchcommand `csv` module to `splunk_csv`.

Bug fixes

* Now entities that contain slashes in their name can be created, accessed and deleted correctly.

* Fixed a performance issue with connecting to Splunk on Windows.

* Improved the `service.restart()` function.

New features and APIs

* Improved error handling in custom search commands

SearchCommand.process now catches all exceptions and

1. Writes an error message for display in the Splunk UI.

The error message is the text of the exception. This is new behavior.

2. Logs a traceback to SearchCommand.logger. This is old behavior.

* Made ResponseReader more streamlike, so that it can be wrapped in an
io.BufferedReader to realize a significant performance gain.

*Example usage*


import io
...
response = job.results(count=maxRecords, offset=self._offset)
resultsList = results.ResultsReader(io.BufferedReader(response))


Bug fixes

1. The results reader now catches SyntaxError exceptions instead of
`xml.etree.ElementTree.ParseError` exceptions. `ParseError` wasn't
introduced until Python 2.7. This masked the root cause of errors
data errors in result elements.

2. When writing a ReportingCommand you no longer need to include a map method.

Bug fixes

1. Addressed a problem with autologin and added test coverage for the use case.

See `ServiceTestCase.test_autologin` in tests/test_service.py.

New features and APIs

* Added features for building custom search commands in Python

1. Access Splunk Search Results Info.

See the `SearchCommand.search_results_info` property.

2. Communicate with Splunk.

See the `SearchCommand.service` property.

3. Control logging and view command configuration settings from the Splunk
command line

+ The `logging_configuration` option lets you pick an alternative logging
configuration file for a command invocation.

+ The `logging_level` option lets you set the logging level for a command
invocation.

+ The `show_configuration` option writes command configuration settings
to the Splunk Job Inspector.

4. Get a more complete picture of what's happening when an error occurs

Command error messages now include a full stack trace.

5. Enable the Splunk Search Assistant to display command help.

See `examples/searchcommands_app/default/searchbnf.conf`

6. Write messages for display by the job inspector.

See `SearchCommand.messages`.

* Added a feature for building modular inputs.

1. Communicate with Splunk.

See the `Script.service` property.

Bug fixes

* When running `setup.py dist` without running `setup.py build`, there is no
longer a `No such file or directory` error on the command line, and the
command behaves as expected.

* When setting the sourcetype of a modular input event, events are indexed
properly.

Previously Splunk would encounter an error and skip them.

Quality improvements

* Better code documentation and unit test coverage.

New features and APIs

* Added support for building custom search commands in Python using the Splunk
SDK for Python.

Bug fix

* When running `setup.py dist` without running `setup.py build`, there is no
longer a `No such file or directory` error on the command line, and the
command behaves as expected.

* When setting the sourcetype of a modular input event, events are indexed properly.
Previously Splunk would encounter an error and skip them.

Breaking changes

* If modular inputs were not being indexed by Splunk because a sourcetype was set
(and the SDK was not handling them correctly), they will be indexed upon updating
to this version of the SDK.

Minor changes

* Docstring corrections in the modular input examples.

* A minor docstring correction in `splunklib/modularinput/event_writer.py`.