Skip to content

chore(deps): update dependency zipp to v3.23.0 #2760

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 32 commits into
base: develop
Choose a base branch
from
Open

chore(deps): update dependency zipp to v3.23.0 #2760

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
3c6d8f3
docs: Updating the vendor documentation with the correct port number …
cwadhwani-splunk Jan 16, 2025
78bb3e5
feat: Add a health check endpoint (#2670)
mstopa-splunk Jan 16, 2025
0492dcf
docs: Updated the dead links on create-parser page (#2665)
cwadhwani-splunk Jan 16, 2025
334f2f0
chore(deps): update splunk/addonfactory-test-matrix-action action to …
renovate[bot] Jan 16, 2025
623cea7
docs: add "Architecture and Load Balancers" (#2574)
mstopa-splunk Jan 16, 2025
be77057
fix: CVE (#2660)
ikheifets-splunk Jan 16, 2025
5797cc0
docs: update NGINX health_check command usage
mstopa-splunk Jan 17, 2025
df0f0ff
docs: update NGINX health_check command usage
mstopa-splunk Jan 17, 2025
61c7061
fix: poetry export after 2.0 (#2678)
ikheifets-splunk Jan 20, 2025
5703173
fix: rebuild docker image after alpine security fixes (#2687)
ikheifets-splunk Jan 30, 2025
364550b
Merge branch 'main' into develop
sbylica-splunk Feb 3, 2025
bf1eba8
docs: Describe load balancing with F5 (#2677)
mstopa-splunk Feb 10, 2025
6c52c7d
fix: resolve sonarqube reported issues (#2690)
sbylica-splunk Feb 25, 2025
7daf590
Changed rhel version in docs (#2699)
sbylica-splunk Feb 27, 2025
ac00225
Added support for multiple destinations in healthcheck (#2704)
sbylica-splunk Mar 11, 2025
fce2007
docs: remove experimental status for EP (#2714)
ikheifets-splunk Mar 20, 2025
0998d28
docs: Updated the splunk add-on link in the panos documentation (#2695)
cwadhwani-splunk Apr 2, 2025
124804b
feat: Added support for vectra json logs (#2694)
cwadhwani-splunk Apr 2, 2025
97587da
chore: add netapp tests (#2705)
ajasnosz Apr 4, 2025
8773f38
Merge branch 'main' into develop
cwadhwani-splunk Apr 8, 2025
f3c103c
fix: vuln fix alpine (#2726)
rjha-splunk Apr 9, 2025
729f2cd
fix: Added a couple of parsers in the enterprise version. (#2734)
cwadhwani-splunk Apr 9, 2025
8e9240c
fix: Added a couple of parsers in the enterprise version. (#2734)
cwadhwani-splunk Apr 9, 2025
b375da9
fix: update citrix netscaler date parser (#2735)
ajasnosz Apr 14, 2025
80fb1ad
docs: Updated the sourcetype in the documentation of isc_dhcpd (#2698)
cwadhwani-splunk Apr 18, 2025
c2aa1b1
Merge branch 'main' into develop
ajasnosz Apr 23, 2025
d2d2aee
feat: add dell powerstore parser (#2721)
ajasnosz May 12, 2025
9eb2701
feat: update entrypoint script (#2746)
ajasnosz May 19, 2025
e61850b
chore(deps): update dependency tornado to v6.5 [security] (#2752)
renovate[bot] May 20, 2025
9ee630d
chore(deps): update dependency flask to v3.1.1 [security] (#2749)
renovate[bot] May 20, 2025
3055fd6
chore(deps): update dependency setuptools to v78 [security] (#2755)
renovate[bot] May 20, 2025
85dc566
chore(deps): update dependency zipp to v3.23.0
renovate[bot] Jun 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 20 additions & 14 deletions docs/sources/vendor/Citrix/netscaler.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,27 +7,33 @@

## Links

| Ref | Link |
|----------------|---------------------------------------------------------------------------------------------------------|
| Splunk Add-on | <https://splunkbase.splunk.com/app/2770/> |
| Ref | Link |
|----------------|-----------------------------------------------------------------------------------------------------|
| Splunk Add-on | <https://splunkbase.splunk.com/app/2770/> |
| Product Manual | <https://docs.citrix.com/en-us/citrix-adc/12-1/system/audit-logging/configuring-audit-logging.html> |

## Sourcetypes

| sourcetype | notes |
|----------------|---------------------------------------------------------------------------------------------------------|
| citrix:netscaler:syslog | None |
| citrix:netscaler:appfw | None |
| citrix:netscaler:appfw:cef | None |
| sourcetype | notes |
|----------------------------|-------|
| citrix:netscaler:syslog | None |
| citrix:netscaler:appfw | None |
| citrix:netscaler:appfw:cef | None |

## Sourcetype and Index Configuration

| key | sourcetype | index | notes |
|----------------|----------------|----------------|----------------|
| citrix_netscaler | citrix:netscaler:syslog | netfw | none |
| citrix_netscaler | citrix:netscaler:appfw | netfw | none |
| citrix_netscaler | citrix:netscaler:appfw:cef | netfw | none |
| key | sourcetype | index | notes |
|------------------|----------------------------|-------|-------|
| citrix_netscaler | citrix:netscaler:syslog | netfw | none |
| citrix_netscaler | citrix:netscaler:appfw | netfw | none |
| citrix_netscaler | citrix:netscaler:appfw:cef | netfw | none |

## Source Setup and Configuration

* Follow vendor configuration steps per Product Manual above. Ensure the data format selected is "DDMMYYYY"
* Follow vendor configuration steps per Product Manual above.

## Options

| Variable | default | description |
|--------------------------------------------|--------------|-----------------------------------------------------------------------------------------------|
| `SC4S_IGNORE_MMDD_LEGACY_CITRIX_NETSCALER` | empty string | (empty/yes) Set to "yes" for parsing the date in format `dd/mm/yyyy` instead of `mm/dd/yyyy`. |
26 changes: 26 additions & 0 deletions docs/sources/vendor/Dell/emc_powerstore.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# Dell Powerstore

## Key facts

* MSG Format based filter
* Legacy BSD Format default port 514

## Links

| Ref | Link |
|----------------|---------------------------------------------------------------------------------------------------------------------------------|
| Splunk Add-on | N/A |
| Add-on Manual | N/A |
| Product Manual | [Powerstore Documentation](https://www.dell.com/support/kbdoc/en-us/000130110/powerstore-info-hub-product-documentation-videos) |

## Sourcetypes

| sourcetype | notes |
|-----------------------|-------|
| `dell:emc:powerstore` | None |

### Index Configuration

| key | sourcetype | index | notes |
|--------------------|-----------------------|----------|-------|
| dellemc_powerstore | `dell:emc:powerstore` | `netops` | none |
6 changes: 3 additions & 3 deletions docs/sources/vendor/ISC/dhcpd.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,13 +19,13 @@ see that source documentation for instructions

| sourcetype | notes |
|----------------|---------------------------------------------------------------------------------------------------------|
| isc:dhcp | none |
| isc:dhcpd | none |

### Index Configuration

| key | index | notes |
|----------------|------------|----------------|
| isc_dhcp | isc:dhcp | none |
| isc_dhcpd | netipam | none |

### Filter type

Expand All @@ -42,5 +42,5 @@ An active site will generate frequent events use the following search to check f
Verify timestamp, and host values match as expected

```
index=<asconfigured> (sourcetype=isc:dhcp")
index=<asconfigured> (sourcetype=isc:dhcpd")
```
4 changes: 4 additions & 0 deletions docs/upgrade.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ For a step by step guide [see here](./v3_upgrade.md).

You may need to migrate legacy log paths or version 1 app-parsers for version 2. To do this, open an issue and attach the original configuration and a compressed pcap of sample data for testing. We will evaluate whether to include the source in an upcoming release.

### Upgrade from <3.37.0
In `entrypoint.sh` the old variable mappings `SPLUNK_HEC_URL`, `SPLUNK_HEC_TOKEN`, `SC4S_DEST_SPLUNK_HEC_TLS_VERIFY` are deprecated and will not be
further reassigned, instead use `SC4S_DEST_SPLUNK_HEC_DEFAULT_URL`, `SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN`, `SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY`.

### Upgrade from <3.33.0
In NetApp ONTAP, the ontap:ems sourcetype has been updated to netapp:ontap:audit, so old logs are now classified under netapp:ontap:audit. Additionally, a new netapp:ontap:ems sourcetype has been introduced. If you upgrade and want these new changes, ensure that you set `SC4S_NETAPP_ONTAP_NEW_FORMAT` environment variable to `yes` and configure your system to send the logs to a specific port or have a hostname-based configuration in place for proper log onboarding into Splunk.

Expand Down
7 changes: 4 additions & 3 deletions package/enterprise/etc/conf.d/conflib/almost-syslog/app-almost-syslog-citrix_netscaler.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ block parser app-almost-syslog-citrix_netscaler() {
parser {
regexp-parser(
prefix(".tmp.")
patterns('^(?<pri>\<\d+>) (?<timestamp>(?<tspart1>\d\d)\/\d\d\/\d\d\d\d:\d\d:\d\d:\d\d ?(?<tz>\w+))? (?<host>[^ ]+) (?<message>[A-Z\-0-9]+ : .*)')
patterns('^(?<pri>\<\d+\>) (?<timestamp>(?<tspart1>\d\d)\/\d\d\/\d\d\d\d:\d\d:\d\d:\d\d ?(?<tz>\w+))? (?<host>[^ ]+) (?<message>[A-Z\-0-9]+ : .*)')
);
};
parser {
Expand All @@ -19,11 +19,12 @@ block parser app-almost-syslog-citrix_netscaler() {
);
};


if {
filter { "${.tmp.tspart1}" eq "$R_DAY"};
filter { "`SC4S_IGNORE_MMDD_LEGACY_CITRIX_NETSCALER`" eq "yes" or "${.tmp.tspart1}" eq "${DAY}"};
parser {
date-parser-nofilter(
format('%d/%m/%Y:%H:%M:%S %z','%d/%m/%Y:%H:%M:%S')
format('%d/%m/%Y:%H:%M:%S %z','%d/%m/%Y:%H:%M:%S','%d/%m/%Y:%H:%M:%S %Z')
template("${.tmp.timestamp}")
);
};
Expand Down
18 changes: 18 additions & 0 deletions package/enterprise/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
block parser app-syslog-dell_powerstore() {
channel {
rewrite {
r_set_splunk_dest_default(
index('netops')
sourcetype('dell:emc:powerstore')
vendor('dellemc')
product('powerstore')
);
};
};
};
application app-syslog-dell_powerstore[sc4s-network-source] {
filter {
match('\[PowerStore_audit_event@1139' value("MESSAGE"));
};
parser { app-syslog-dell_powerstore(); };
};
7 changes: 4 additions & 3 deletions package/etc/conf.d/conflib/almost-syslog/app-almost-syslog-citrix_netscaler.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ block parser app-almost-syslog-citrix_netscaler() {
parser {
regexp-parser(
prefix(".tmp.")
patterns('^(?<pri>\<\d+>) (?<timestamp>(?<tspart1>\d\d)\/\d\d\/\d\d\d\d:\d\d:\d\d:\d\d ?(?<tz>\w+))? (?<host>[^ ]+) (?<message>[A-Z\-0-9]+ : .*)')
patterns('^(?<pri>\<\d+\>) (?<timestamp>(?<tspart1>\d\d)\/\d\d\/\d\d\d\d:\d\d:\d\d:\d\d ?(?<tz>\w+))? (?<host>[^ ]+) (?<message>[A-Z\-0-9]+ : .*)')
);
};
parser {
Expand All @@ -19,11 +19,12 @@ block parser app-almost-syslog-citrix_netscaler() {
);
};


if {
filter { "${.tmp.tspart1}" eq "$R_DAY"};
filter { "`SC4S_IGNORE_MMDD_LEGACY_CITRIX_NETSCALER`" eq "yes" or "${.tmp.tspart1}" eq "${DAY}"};
parser {
date-parser-nofilter(
format('%d/%m/%Y:%H:%M:%S %z','%d/%m/%Y:%H:%M:%S')
format('%d/%m/%Y:%H:%M:%S %z','%d/%m/%Y:%H:%M:%S','%d/%m/%Y:%H:%M:%S %Z')
template("${.tmp.timestamp}")
);
};
Expand Down
18 changes: 18 additions & 0 deletions package/etc/conf.d/conflib/syslog/app-syslog-dell_powerstore.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
block parser app-syslog-dell_powerstore() {
channel {
rewrite {
r_set_splunk_dest_default(
index('netops')
sourcetype('dell:emc:powerstore')
vendor('dellemc')
product('powerstore')
);
};
};
};
application app-syslog-dell_powerstore[sc4s-network-source] {
filter {
match('\[PowerStore_audit_event@1139' value("MESSAGE"));
};
parser { app-syslog-dell_powerstore(); };
};
7 changes: 4 additions & 3 deletions package/lite/etc/addons/citrix/app-almost-syslog-citrix_netscaler.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ block parser app-almost-syslog-citrix_netscaler() {
parser {
regexp-parser(
prefix(".tmp.")
patterns('^(?<pri>\<\d+>) (?<timestamp>(?<tspart1>\d\d)\/\d\d\/\d\d\d\d:\d\d:\d\d:\d\d ?(?<tz>\w+))? (?<host>[^ ]+) (?<message>[A-Z\-0-9]+ : .*)')
patterns('^(?<pri>\<\d+\>) (?<timestamp>(?<tspart1>\d\d)\/\d\d\/\d\d\d\d:\d\d:\d\d:\d\d ?(?<tz>\w+))? (?<host>[^ ]+) (?<message>[A-Z\-0-9]+ : .*)')
);
};
parser {
Expand All @@ -19,11 +19,12 @@ block parser app-almost-syslog-citrix_netscaler() {
);
};


if {
filter { "${.tmp.tspart1}" eq "$R_DAY"};
filter { "`SC4S_IGNORE_MMDD_LEGACY_CITRIX_NETSCALER`" eq "yes" or "${.tmp.tspart1}" eq "${DAY}"};
parser {
date-parser-nofilter(
format('%d/%m/%Y:%H:%M:%S %z','%d/%m/%Y:%H:%M:%S')
format('%d/%m/%Y:%H:%M:%S %z','%d/%m/%Y:%H:%M:%S','%d/%m/%Y:%H:%M:%S %Z')
template("${.tmp.timestamp}")
);
};
Expand Down
18 changes: 18 additions & 0 deletions package/lite/etc/addons/dell/app-syslog-dell_powerstore.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
block parser app-syslog-dell_powerstore() {
channel {
rewrite {
r_set_splunk_dest_default(
index('netops')
sourcetype('dell:emc:powerstore')
vendor('dellemc')
product('powerstore')
);
};
};
};
application app-syslog-dell_powerstore[sc4s-network-source] {
filter {
match('\[PowerStore_audit_event@1139' value("MESSAGE"));
};
parser { app-syslog-dell_powerstore(); };
};
Loading
Loading