Skip to content

Commit 0d60b1a

Browse files
echipachenkoechipachenko
committed
fix splunk metadata parsing logic: config stanzas must be loaded from the system app
Signed-off-by: Yevhen Chypachenko <echipachenko@gmail.com>
1 parent 32e838f commit 0d60b1a

1 file changed

Lines changed: 19 additions & 11 deletions

File tree

solnlib/splunkenv.py

Lines changed: 19 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@
3939
]
4040

4141
ETC_LEAF = "etc"
42+
APP_SYSTEM = "system"
4243

4344
# See validateSearchHeadPooling() in src/libbundle/ConfSettings.cpp
4445
on_shared_storage = [
@@ -73,8 +74,8 @@ def _get_shared_storage() -> Optional[str]:
7374
"""
7475

7576
try:
76-
state = get_conf_key_value("server", "pooling", "state")
77-
storage = get_conf_key_value("server", "pooling", "storage")
77+
state = get_conf_key_value("server", "pooling", "state", APP_SYSTEM)
78+
storage = get_conf_key_value("server", "pooling", "storage", APP_SYSTEM)
7879
except KeyError:
7980
state = "disabled"
8081
storage = None
@@ -154,7 +155,7 @@ def get_splunk_host_info() -> Tuple:
154155
Tuple of (server_name, host_name).
155156
"""
156157

157-
server_name = get_conf_key_value("server", "general", "serverName")
158+
server_name = get_conf_key_value("server", "general", "serverName", APP_SYSTEM)
158159
host_name = socket.gethostname()
159160
return server_name, host_name
160161

@@ -180,12 +181,12 @@ def get_splunkd_access_info() -> Tuple[str, str, int]:
180181
Tuple of (scheme, host, port).
181182
"""
182183

183-
if is_true(get_conf_key_value("server", "sslConfig", "enableSplunkdSSL")):
184+
if is_true(get_conf_key_value("server", "sslConfig", "enableSplunkdSSL", APP_SYSTEM)):
184185
scheme = "https"
185186
else:
186187
scheme = "http"
187188

188-
host_port = get_conf_key_value("web", "settings", "mgmtHostPort")
189+
host_port = get_conf_key_value("web", "settings", "mgmtHostPort", APP_SYSTEM)
189190
host_port = host_port.strip()
190191
host_port_split_parts = host_port.split(":")
191192
host = ":".join(host_port_split_parts[:-1])
@@ -206,7 +207,7 @@ def get_scheme_from_hec_settings() -> str:
206207
scheme (str)
207208
"""
208209
try:
209-
ssl_enabled = get_conf_key_value("inputs", "http", "enableSSL")
210+
ssl_enabled = get_conf_key_value("inputs", "http", "enableSSL", APP_SYSTEM)
210211
except KeyError:
211212
raise KeyError(
212213
"Cannot get enableSSL setting form conf: 'inputs' and stanza: '[http]'. "
@@ -237,13 +238,14 @@ def get_splunkd_uri() -> str:
237238
return f"{scheme}://{host}:{port}"
238239

239240

240-
def get_conf_key_value(conf_name: str, stanza: str, key: str) -> Union[str, List, dict]:
241+
def get_conf_key_value(conf_name: str, stanza: str, key: str, app_name: Optional[str] = None) -> Union[str, List, dict]:
241242
"""Get value of `key` of `stanza` in `conf_name`.
242243
243244
Arguments:
244245
conf_name: Config file.
245246
stanza: Stanza name.
246247
key: Key name.
248+
app_name: Application name. Optional.
247249
248250
Returns:
249251
Config value.
@@ -252,16 +254,17 @@ def get_conf_key_value(conf_name: str, stanza: str, key: str) -> Union[str, List
252254
KeyError: If `stanza` or `key` doesn't exist.
253255
"""
254256

255-
stanzas = get_conf_stanzas(conf_name)
257+
stanzas = get_conf_stanzas(conf_name, app_name)
256258
return stanzas[stanza][key]
257259

258260

259-
def get_conf_stanza(conf_name: str, stanza: str) -> dict:
261+
def get_conf_stanza(conf_name: str, stanza: str, app_name: Optional[str] = None) -> dict:
260262
"""Get `stanza` in `conf_name`.
261263
262264
Arguments:
263265
conf_name: Config file.
264266
stanza: Stanza name.
267+
app_name: Application name. Optional.
265268
266269
Returns:
267270
Config stanza.
@@ -270,15 +273,16 @@ def get_conf_stanza(conf_name: str, stanza: str) -> dict:
270273
KeyError: If stanza doesn't exist.
271274
"""
272275

273-
stanzas = get_conf_stanzas(conf_name)
276+
stanzas = get_conf_stanzas(conf_name, app_name)
274277
return stanzas[stanza]
275278

276279

277-
def get_conf_stanzas(conf_name: str) -> dict:
280+
def get_conf_stanzas(conf_name: str, app_name: Optional[str] = None) -> dict:
278281
"""Get stanzas of `conf_name`
279282
280283
Arguments:
281284
conf_name: Config file.
285+
app_name: Application name. Optional.
282286
283287
Returns:
284288
Config stanzas.
@@ -299,6 +303,10 @@ def get_conf_stanzas(conf_name: str) -> dict:
299303
conf_name,
300304
"list",
301305
]
306+
307+
if app_name:
308+
btool_cli.append(f"--app={app_name}")
309+
302310
p = subprocess.Popen( # nosemgrep: python.lang.security.audit.dangerous-subprocess-use.dangerous-subprocess-use
303311
btool_cli, stdout=subprocess.PIPE, stderr=subprocess.PIPE
304312
)

0 commit comments

Comments
 (0)