#! /usr/bin/perl ### ### getdiags - This script will generate a splunk diag remotely from a web ### server. It will retrieve it from the Splunk server to the web server so ### a person can download it to their local computer and so it can be uploaded ### to splunk support. If a splunk diag has already been generated, an option ### to retrieve the last generated splunk diag is also available. ### ### By Kirk Waingrow ### ### Installation instructions: ### 1. place this script in the CGI Directory of your webserver ### 2. mkdir $WWWPATH/$SAVEPATH that is writeable by the webserver ### 3. Modify $WWWPATH, $CGIPATH, $SAVEPATH, @SERVERS, $RUSER to match your environment ### 4. Make sure the SERVERS can be remotely accessed by the webserver without a password ### 5. Make sure the account remotely logging in can run /opt/splunk/bin/splunk diag ### $WWWPATH="/var/www/html"; # Document Root $CGIPATH="/cgi-bin/getdiags"; # URL CGI Path $SAVEPATH="/diags"; # Location of diags home page # Remote account to run './splunk diags' as. Whilre root is not # the more secure, you may need to use it as a last resort depending # on how you have your permissions set up on your installation of splunk. $RUSER="root"; # List all trusted Splunk Servers @servers=("searcher0001.els1.myspacecdn.com","searcher0002.els1.myspacecdn.com","splunk0001.els1.myspacecdn.com","splunk0002.els1.myspacecdn.coma","splunk0001.ash2.myspacecdn.com","splunk0002.ash2.myspacecdn.com","splunk0001.cha1.myspacecdn.com","splunk0002.cha1.myspacecdn.com","splunk-beta01.els1.myspacecdn.com","splunk-beta02.els1.myspacecdn.com"); ### ============ Should Not Have To Edit Below line ========= ### ### Determine if anything was passed through the URL. ### $buffer = $ENV{'QUERY_STRING'}; if ($ENV{'REQUEST_METHOD'} eq "POST") { read(STDIN,$buffer,$ENV{'CONTENT_LENGTH'} ); } @pairs = split (/&/, $buffer); foreach $pair (@pairs) { ($name, $value) = split(/=/, $pair); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $form{$name} = $value; } ### ### Top Header on every page displayed ### sub start_page { print "Content-type: text/html\n\n"; print qq~
"; system("ssh -o 'StrictHostKeyChecking no' $RUSER\@$form{RU} '(cd /opt/splunk/bin; /opt/splunk/bin/splunk diag)'"); print qq~~; } ### ### Retrieve the current/last generated diag from the remote server ### sub retrieve_diags { print "GETTING Splunk Diag from $form{RT}
"; system("scp -o 'StrictHostKeyChecking no' $RUSER\@$form{RT}:/opt/splunk/bin/splunk-diag.tar.gz $WWWPATH/$SAVEPATH/splunk-diag-$form{RT}.tar.gz"); print qq~ ~; } ### ### Provides a download link for a person to save generated splunk diag ### to their local computer ### sub download_diags { $file= readpipe "(cd $WWWPATH/$SAVEPATH; ls -al splunk-diag-$form{DL}.tar.gz)"; if ( ! $file ) { print "$WWWPATH/$SAVEPATH/splunk-diag-$form{DL}.tar.gz does not exist - Check permissions or that the \$WWWPATH/\$SAVEPATH is set correctly"; } @bits = split(/\s+/, $file); print qq~
Save the following:
$bits[4] $bits[5] $bits[6] $bits[7] $bits[8]
This is the last generated Splunk diag file:
$bits[4] $bits[5] $bits[6] $bits[7] $bits[8]
Would you like to retrieve this file or generate a new Splunk Diag to download. ~; } else { print qq~ ~; } } ### ### List available Servers to choose from. ### sub list_servers { print "Select a Splunk server to download DIAGS for:
";
for $s (@servers)
{
print "$s \n";
}
print "