Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
splunk-events
Advanced tools
Javascript lib to create Splunk Logs via HTTP
npm install splunk-events
or yarn add splunk-events
import SplunkEvents from 'splunk-events';
const splunkEvents = new SplunkEvents();
splunkEvents.config({
token: 'YOUR_TOKEN_HERE', // required
});
splunkEvents.logEvent(
'Critical',
'Info',
'WeaponConstruction',
'DeathStar',
{ username: 'vader'}
);
var SplunkEvents = require('splunk-events');
var splunkEvents = new SplunkEvents();
splunkEvents.config({
token: 'YOUR_TOKEN_HERE', // required
});
splunkEvents.logEvent(
'Critical',
'Info',
'WeaponConstruction',
'DeathStar',
{ username: 'vader'}
);
{
// Required. Splunk server endpoint
endpoint: 'YOUR_SPLUNK_ENDPOINT',
// Required. This is provided by the Splunk administrator
token: 'YOUR_TOKEN',
// Optional. Index created in Splunk. The 'token' option already associates the index info.
// This option is useful when the token have multiple indexes.
index: 'YOUR_INDEX',
// Optional. Unique identifier in your system used to associate the events with the device
host: 'YOUR_HOST',
// A debounced function will automatically flush your events after some time
autoFlush: true, //default
// Add useful info
injectAditionalInfo: false, //default
// Send the current time to Splunk
injectTimestamp: false, //default
// Inactive time to wait until flush events. Requires 'autoFlush' option.
debounceTime: 2000, //default
// Max time to wait until flush events. Requires 'autoFlush' option.
debounceMaxWait: 5000, //default
// Fetcher to do Splunk Events requests
request: ({url, method, data, headers, responseType}) => {
// a function with the same signature as `axios` that uses global Fetch API by default
}, // default (see more details below)
// If the request fail, retry to send events using the debounced flush function
autoRetryFlush: true, //default
// Splunk's default path
path: '/services/collector/event', //default
// Important steps will be logged in the console
debug: false, //default
// Source of the logs
source: 'splunkeventsjs', //default
// Wether or not Splunk Events should parse the event data with the function `parseEventData`
shouldParseEventData: true // default
}
'level' is the criticality of the event ('Critical','Important','Debug').
'type' is the type of the event ('Error','Warn','Info').
'workflowType' is an action or a flow's stage in the system.
'workflowInstance' defines what id/element is being processed/executed/created in the workflowType.
'eventData' is an object containing your custom data to send to Splunk. This object should be flat and properties with a 'null' or 'undefined' value will be omitted.
'account' is the accountName
(e.g. 'dreamstore','gatewayqa','instoreqa').
if 'injectAditionalInfo' is set to true, this function adds some default data to the event
- User Agent
- Browser Language
- Screen Resolution
- URI Host
- URI Path
- URI Protocol
- URI Hash
Immediately send all queued events to Splunk Server.
This is not required when using the 'autoFlush' option.
By default this lib doesn't have any dependencies for the newer browsers (it tries to use Fetch API).
But to make it work on old browsers and Node you must use axios (0.13+) as a dependency by installing it (npm install --save axios
) and setting it on Splunk events config:
import SplunkEvents from 'splunk-events';
import axios from 'axios';
const splunkEvents = new SplunkEvents();
splunkEvents.config({
token: 'YOUR_TOKEN_HERE', // required
request: axios, // this make it work on old browsers and node environments
});
You can also write your own fetcher to choose your own dependencies for doing the requests (see the next section).
Just like you can pass axios as a request config (see section above), you can write your own fetcher by just following the same signature that axios use (see axios API documentation: https://github.com/mzabriskie/axios#axios-api).
The following example is how to make the node-fetch (https://github.com/bitinn/node-fetch) module work with axios signature:
import SplunkEvents from 'splunk-events';
import fetch from 'node-fetch';
function nodeFetchRequest(context) {
return fetch(context.url, {
...context,
body: context.data
})
.then((response) => {
if (context.responseType === 'json') {
return response.json();
}
return response;
});
}
const splunkEvents = new SplunkEvents();
splunkEvents.config({
token: 'YOUR_TOKEN_HERE', // required
request: nodeFetchRequest,
});
Insert your splunk endpoint in your app policies (located at manifest.json) like so:
{
"policies": [
{
"name": "outbound-access",
"attrs": {
"host": "YOUR_SPLUNK_ENDPOINT",
"path": "*"
}
}
]
}
If your endpoint has a port, you don't need to add it here. The protocol neither. Just the host...
Then you have to create a new fetcher or tweak your if you already have one. This is to add headers so IO can properly proxy the request...
function splunkCustomFetcher(context) {
const headers = context.headers || {}
return axios({
...context,
headers: {
...headers,
// this authtoken comes from your app's ColossusContext
'Proxy-Authorization': 'YOUR_AUTH_TOKEN',
// here you can proxy to https and add ports if you need to
'X-Vtex-Proxy-To': `https://${YOUR_SPLUNK_ENDPOINT}:8080`,
}
})
}
Finally you can configure your splunk cient like so:
splunkEvents.config({
// add your endpoint with http protocol and no ports, let IO do the proxying, trust the headers...
endpoint: `http://${SPLUNK_ENDPOINT}`,
request: splunkCustomFetcher,
token: 'YOUR_TOKEN_HERE',
})
http://dev.splunk.com/view/event-collector/SP-CAAAE6P
After setting up the project with npm install
or yarn
, you can run npm build
and npm link
to test it on another project (see examples on how to test it above).
To deploy this package to npm, install the releasy package with npm install -g releasy
Make sure you are logged with the correct user (use npm login
command)
Then choose between patch, minor and major version to release with the commands:
releasy patch --stable
releasy minor --stable
releasy major --stable
After that, SplunkEvents.js will be generated with babel and uploaded to the npm registry with the new version.
[1.3.3] - 2020-05-18 [YANKED]
FAQs
Javascript lib to create Splunk Logs via HTTP
The npm package splunk-events receives a total of 2,341 weekly downloads. As such, splunk-events popularity was classified as popular.
We found that splunk-events demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 55 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.