cypresspoint package¶

Submodules¶

cypresspoint.checkpoint module¶

Simple checkpoint tracking helper class with dictionary-like access. This is used for modular inputs to track their state between executions.

class cypresspoint.checkpoint.ModInputCheckpoint(checkpoint_dir, input_name)[source]¶

Bases: object

NotSet = <object object>¶

dump(_now=None)[source]¶

dump_on_interval(delta: timedelta) → bool[source]¶

Dump to disk if interval has elapsed even if dump_after_updates hasn’t been reached. This is helpful for long-lived modular inputs.

A dump will also occur the very first time this function is called.

get(item, default=<object object>)[source]¶

load(default=None)[source]¶

setdefault(key, default)[source]¶

cypresspoint.checkpoint.json_dt_converter(o)[source]¶

cypresspoint.compat module¶

A collection of Python 2/3 compatibility functions.

This is kept for backwards compatibility, but this should eventually be depreciated and removed.

cypresspoint.compat.dt_to_epoch(ts: datetime) → int[source]¶

Convert datetime to an Unix epoch value

Parameters:: ts (datetime) – timestamp
Return type:: int

cypresspoint.datatype module¶

cypresspoint.datatype.as_bool(s)[source]¶

Convert a boolean-like configuration field into a proper boolean.

Parameters:: s (str) – Input string containing some form of truthy value
Return type:: bool

cypresspoint.datatype.reltime_to_timedelta(value: str) → timedelta[source]¶

Convert a relative time expression into a Python timedelta object. Only a subset of Splunk’s relative time syntax is supported, but many simple expressions like 7d (7 days), 5m (5 mins), 6mon (6 months), and 2y (2 years) should just work.

This does not support snapping with @. At this time relative times addition (+) or subtraction (-) is not yet supported, but should be.

Parameters:: value (str) – Relative time expression
Returns:: python object representation of the given relative time
Return type:: timedelta

cypresspoint.modinput module¶

cypresspoint.monkeypatch module¶

cypresspoint.searchcommand module¶

Helper functions for custom Splunk Search Commands

cypresspoint.searchcommand.ensure_fields(results: List[dict]) → List[dict][source]¶: Ensure that the first result has a placeholder key for ALL the fields

cypresspoint.spath module¶

cypresspoint.spath.sanitize_fieldname(field: str) → str[source]¶: Remove unwanted characters from the provided field name. The goal is to mimic the general field cleanup behavior of Splunk

cypresspoint.spath.splunk_dot_notation(obj: dict) → dict[source]¶: Convert json object (python dictionary) into a list of fields as Splunk does by default. Think of this as the same as calling Splunk’s “spath” SPL command.

Module contents¶

Top-level package for Cypress Point.

cypresspoint.setup_logging(log_file, debug=False, formatter=None, when='midnight', max_size_mb=None, backup_count=10)[source]¶