event_spammer_4splunk

Simple utility to spam logs into Splunk for TS purposes.
git clone git://git.thepablogq.xyz/event_spammer_4splunk

commit a2b74ed5b30d4e15cbe768d1e3f1ef7826472713
Author: Pablo Garro <pablogq@thepablogq.xyz>
Date:   Thu,  6 Jul 2023 13:58:45 -0600

First (and likely only) commit

Diffstat:
A  README.md                     | 19 +++++++++++++++++++
A  log_spam.spl                  |  0
A  log_spam/bin/log.py           | 10 ++++++++++
A  log_spam/bin/log.sh           | 24 ++++++++++++++++++++++++
A  log_spam/default/app.conf     | 10 ++++++++++
A  log_spam/default/inputs.conf  | 13 +++++++++++++
6 files changed, 76 insertions(+), 0 deletions(-)

diff --git a/README.md b/README.md @@ -0,0 +1,19 @@ +# SIMPLE pseudo log spammer + +> Not particularly good at the spam or the log part. + +This small addon is a "sort-of" quick solution to a really specific problem while conducting a forgettable investigation. + +The idea is having "portable" solution to fill indexes with random data without spending time configuring any inputs. Just intall and go! + +## How to use + +1. Get the addon/app. +2. Install on device. +3. Get main index flooded with events. + +The app comes with two scripts, one written in bash and one in python. Interchangeable one with the other, however, the one written on bash is easier to modify for generating a different formatted output. + +## Addendum + +Isn't it curious that this README is likely larger than the app itself. diff --git a/log_spam.spl b/log_spam.spl Binary files differ. diff --git a/log_spam/bin/log.py b/log_spam/bin/log.py @@ -0,0 +1,9 @@ +import logging +import random +import sys + +logging.basicConfig(format='%(asctime)s %(levelname)s %(message)s', level=logging.INFO, stream = sys.stdout) + +log_messages = ['running script return 0', 'not relevant information', 'INFO SAMPLE_TEXT'] + +logging.info(random.choice(log_messages))+ \ No newline at end of file diff --git a/log_spam/bin/log.sh b/log_spam/bin/log.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +case $((1 + $RANDOM % 3)) in + + 1) + MESSAGE="INFO running script return 0" + ;; + + 2) + MESSAGE="INFO not relevant information" + ;; + + 3) + MESSAGE="INFO SAMPLE_TEXT" + ;; + + *) + echo -n "unknown" + ;; + esac + +PRINTF=`printf "%s %s \n" $(date '+%Y/%m/%d %H:%M:%S') $MESSAGE` + +echo $PRINTF diff --git a/log_spam/default/app.conf b/log_spam/default/app.conf @@ -0,0 +1,9 @@ +[install] +build = 1 + +[launcher] +version = 1.0.1 + +[ui] +is_visible = false +show_in_nav = false+ \ No newline at end of file diff --git a/log_spam/default/inputs.conf b/log_spam/default/inputs.conf 
@@ -0,0 +1,12 @@ +[script://$SPLUNK_HOME/etc/apps/log_spam/bin/log.sh] +index = main +interval = 1 +disabled = 1 +sourcetype = default + +[script://$SPLUNK_HOME/etc/apps/log_spam/bin/log.py] +index = main +interval = 1 +disabled = 0 +sourcetype = default +python.version = python3+ \ No newline at end of file
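Review bot: the "How to use" steps in the README hunk do not match what the rest of the patch ships: step 3 promises the main index gets flooded after install, but only the Python scripted input is enabled (the log.sh stanza in inputs.conf has `disabled = 1`), and the sentence calling the two scripts interchangeable is not true for the output format (different timestamp layouts, see the log.py note). Suggest stating which input is active by default and how to switch, and fixing the typo `Just intall and go!` to `Just install and go!`.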
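Review bot: log_spam.spl is a built package committed beside its own source tree, so it cannot be reviewed as a diff and will silently drift from log_spam/ the first time a source file changes. Suggest either dropping it from the repository and producing it in a release step, or recording in the README that it was built from exactly this tree.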
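Review bot: log.py does not produce the same line format as log.sh even though the README calls the two interchangeable. With no `datefmt`, logging's `%(asctime)s` renders as `2023-07-06 13:58:45,123` (dash-separated date, comma before the milliseconds) and the level is supplied by `%(levelname)s`, whereas log.sh prints `2023/07/06 13:58:45` and carries the literal `INFO` inside the message. Both feed the same `sourcetype = default`, so Splunk's timestamp recognition sees two layouts. Suggest `logging.basicConfig(format='%(asctime)s %(levelname)s %(message)s', datefmt='%Y/%m/%d %H:%M:%S', level=logging.INFO, stream=sys.stdout)` to match the bash output, and add the missing trailing newline (`\ No newline at end of file`).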
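Review bot: the last two lines of log.sh only work by accident. In `PRINTF=\`printf "%s %s \n" $(date '+%Y/%m/%d %H:%M:%S') $MESSAGE\`` both expansions are unquoted, so printf receives each word as a separate argument, reuses its format and emits several short lines; the unquoted `echo $PRINTF` then collapses those newlines back into one line. Quoting either variable on its own would change the output. Suggest replacing both lines with a single quoted call, `printf '%s %s\n' "$(date '+%Y/%m/%d %H:%M:%S')" "$MESSAGE"`, which prints the intended line directly. The `*)` branch is unreachable (`$((1 + $RANDOM % 3))` is always 1, 2 or 3) and, if it ever ran, would leave MESSAGE unset and print `unknown` with no newline; either remove it or have it set MESSAGE like the other branches.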
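Review bot: app.conf has no `[package]` stanza with an `id`, so the app is identified only by its directory name; adding `[package]` / `id = log_spam` makes the package self-describing when the .spl is installed next to other apps. The file also lacks a trailing newline (`\ No newline at end of file`).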
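Review bot: both stanzas in inputs.conf write to `index = main` with `interval = 1` and `sourcetype = default`, so the enabled input injects one synthetic event per second into the production default index under a generic sourcetype; on anything but a throwaway instance that mixes test data with real events, consumes license, and gives searches nothing to filter on. Suggest a dedicated test index (for example `index = log_spam_test`, which then has to be defined in indexes.conf) and a distinct sourcetype per script, which would also let props.conf handle the two timestamp layouts separately. A comment noting that log.sh is intentionally shipped with `disabled = 1` would help, since the README presents the two scripts as interchangeable.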