Another day in the life of @splunkdev and another SDK under Splunk’s Developer Platform.
Splunk SDK for Ruby is now publicly available. Thanks to the every one in the external Ruby community for their feedback and their contribution to the open source project!
So what can you do with the SDK? Below are some highlights:
- Connect to Splunk
- Run blocking and asynchronous searches
- Get data out from Splunk using the /export endpoint
- Write data into Splunk
- Manage Splunk objects like Jobs, Indexes, Users etc.
- and more …
Learn more and find out how to get started at Splunk SDK for Ruby. Download the SDK and let us know what you think at DevInfo.
Let’s take a look at some sample code …
Connect to Splunk
require 'splunk-sdk-ruby'
service = Splunk::connect(:scheme=>"https", :host=>"localhost", :port=>8089, :username=>"admin", :password=>"changeme")
Run a oneshot search and print the results
stream = service.create_oneshot("search index=_internal | head 10")
reader = Splunk::ResultsReader.new(stream)
reader.each do |result|
puts result
end
Run an export and print the results
stream = service.create_export("search index=_internal | head 10")
reader = Splunk::ResultsReader.new(stream)
reader.each do |result|
puts result
end
Write events into Splunk
main = service.indexes["main"]
# Using the simple receiver endpoint
main.submit("This is a test event.")
# Using the streaming receiver endpoint
socket = main.attach()
begin
socket.write("The first event.\r\n")
socket.write("The second event.\r\n")
ensure
socket.close()
end