Splunk-sdk

New features and APIs

* Added support for the new experimental Search Command Protocol v2, for Splunk 6.3+.

Opt-in by setting `chunked = true` in commands.conf. See `examples/searchcommands_app/package/default/commands-scpv2.conf`.

* Added support for invoking external search command processes.

See `examples/searchcommands_app/package/bin/pypygeneratext.py`.

* Added a new search command type: EventingCommand is the base class for commands that filter events arriving at a
search head from one or more search peers.

See `examples/searchcommands_app/package/bin/filter.py`.

* Added `splunklib` logger so that command loggers can be configured independently of the `splunklib.searchcommands`
module.

See `examples/searchcommands_app/package/default/logger.conf` for guidance on logging configuration.

* Added `splunklib.searchcommands.validators.Match` class for verifying that an option value matches a regular
expression pattern.

Bug fixes

* GitHub issue 88: `splunklib.modularinput`, `<done/>` written even when `done=False`.

* GitHub issue 115: `splunklib.searchcommands.splunk_csv.dict_reader` raises `KeyError` when `supports_multivalues = True`.

* GitHub issue 119: `None` returned in `_load_atom_entries`.

* Various other bug fixes/improvements for Search Command Protocol v1.

* Various bug fixes/improvements to the full splunklib test suite.

New features and APIs

* Added support for cookie-based authentication, for Splunk 6.2+.

* Added support for installing as a Python egg.

* Added a convenience `Service.job()` method to get a `Job` by its sid.

Bug fixes

* Restored support for Python 2.6 (GitHub issues 96 & 114).

* Fix `SearchCommands` decorators and `Validator` classes (GitHub issue 113).

* Fix `SearchCommands` bug iterating over `None` in `dict_reader.fieldnames` (GitHub issue 110).

* Fixed JSON parsing errors (GitHub issue 100).

* Retain the `type` property when parsing Atom feeds (GitHub issue 92).

* Update non-namespaced server paths with a `/services/` prefix. Fixes a bug where setting the `owner` and/or `app` on a `Service` could produce 403 errors on some REST API endpoints.

* Modular input `Argument.title` is now written correctly.

* `Client.connect` will now always return a `Service` instance, even if user credentials are invalid.

* Update the `saved_search/saved_search.py` example to handle saved searches with names containing characters that must be URL encoded (ex: `"Top 5 sourcetypes"`).

Minor Changes

* Update modular input examples with readable titles.

* Improvements to `splunklib.searchcommands` tests.

* Various docstring and code style corrections.

* Updated some tests to pass on Splunk 6.2+.

Bug fixes

* Hot fix to `binding.py` to work with Python 2.7.9, which introduced SSL certificate validation by default as outlined in [PEP 476](https://www.python.org/dev/peps/pep-0476).
* Update `async`, `handler_proxy`, and `handler_urllib2` examples to work with Python 2.7.9 by disabling SSL certificate validation by default.

New features and APIs

* Added support for Storage Passwords.

* Added a script (GenerateHelloCommand) to the searchcommand_app to generate a custom search command.

* Added a human-readable argument titles to modular input examples.

* Renamed the searchcommand `csv` module to `splunk_csv`.

Bug fixes

* Now entities that contain slashes in their name can be created, accessed and deleted correctly.

* Fixed a performance issue with connecting to Splunk on Windows.

* Improved the `service.restart()` function.

New features and APIs

* Improved error handling in custom search commands

SearchCommand.process now catches all exceptions and

1. Writes an error message for display in the Splunk UI.

The error message is the text of the exception. This is new behavior.

2. Logs a traceback to SearchCommand.logger. This is old behavior.

* Made ResponseReader more streamlike, so that it can be wrapped in an
io.BufferedReader to realize a significant performance gain.

*Example usage*


import io
...
response = job.results(count=maxRecords, offset=self._offset)
resultsList = results.ResultsReader(io.BufferedReader(response))


Bug fixes

1. The results reader now catches SyntaxError exceptions instead of
`xml.etree.ElementTree.ParseError` exceptions. `ParseError` wasn't
introduced until Python 2.7. This masked the root cause of errors
data errors in result elements.

2. When writing a ReportingCommand you no longer need to include a map method.

Bug fixes

1. Addressed a problem with autologin and added test coverage for the use case.

See `ServiceTestCase.test_autologin` in tests/test_service.py.