Add splunk cloud support

README.md

@@ -4,9 +4,9 @@
 [![Code Climate](https://img.shields.io/codeclimate/maintainability/zach-taylor/splunk_handler.svg?style=flat-square)](https://codeclimate.com/github/zach-taylor/splunk_handler/maintainability)
 [![PyPI](https://img.shields.io/pypi/v/splunk_handler.svg?style=flat-square)](https://pypi.python.org/pypi/splunk_handler)
 
-**Splunk Handler is a Python Logger for sending logged events to an installation of Splunk Enterprise.**
+**Splunk Handler is a Python Logger for sending logged events to an installation of Splunk Enterprise. or an instance of Splunk Cloud**
 
-*This logger requires the destination Splunk Enterprise server to have enabled and configured the [Splunk HTTP Event Collector](http://dev.splunk.com/view/event-collector/SP-CAAAE6M).*
+*This logger requires the splunk server to have the [Splunk HTTP Event Collector](http://dev.splunk.com/view/event-collector/SP-CAAAE6M). enabled and configured*
 
 ## A Note on Using with AWS Lambda
 
@@ -57,6 +57,7 @@ Example:
         #debug=False, # turn on debug mode; prints module activity to stdout, defaults to False
         #retry_count=5, # Number of retry attempts on a failed/erroring connection, defaults to 5
         #retry_backoff=2.0,  # Backoff factor, default options will retry for 1 min, defaults to 2.0
+        #cloud=False # turn on Splunk Cloud support node. this changes the URL used to upload events
     )
 
     logging.getLogger('').addHandler(splunk)
@@ -72,7 +73,10 @@ Here is an open source one: https://github.com/madzak/python-json-logger
 Sometimes it's a good idea to create a logging configuration using a Python dict
 and the `logging.config.dictConfig` function. This method is used by default in Django.
 
-Here is an example dictionary config and how it might be used in a settings file:
+Below is an example dictionary config and how it might be used in a settings file.
+
+(This example assumes that the python-json-logger package is installed)
+
 
 ~~~python
 import os

setup.py

@@ -2,15 +2,18 @@
 
 setup(
     name='splunk_handler',
-    version='2.0.8',
+    version='2.1.0',
     license='MIT License',
     description='A Python logging handler that sends your logs to Splunk',
     long_description=open('README.md').read(),
     author='Zach Taylor',
     author_email='ztaylor234@gmail.com',
     url='https://github.com/zach-taylor/splunk_handler',
     packages=['splunk_handler'],
-    install_requires=['requests >= 2.6.0, < 3.0.0'],
+    install_requires=[
+        'requests >= 2.6.0, < 3.0.0',
+        'urllib3'
+    ],
     classifiers=[
         'Development Status :: 4 - Beta',
         'Intended Audience :: Developers',

splunk_handler/__init__.py

@@ -9,14 +9,18 @@
 from threading import Timer
 
 import requests
-from requests.packages.urllib3.util.retry import Retry
+
 from requests.adapters import HTTPAdapter
 
 is_py2 = sys.version[0] == '2'
 if is_py2:
     from Queue import Queue, Full, Empty
+    from urllib3.util.retry import Retry
+    import urllib3
 else:
     from queue import Queue, Full, Empty
+    from requests.packages.urllib3.util.retry import Retry
+    import requests.packages.urllib3 as urllib3
 
 instances = []  # For keeping track of running class instances
 
@@ -49,7 +53,7 @@ def __init__(self, host, port, token, index,
                  verify=True, timeout=60, flush_interval=15.0,
                  queue_size=5000, debug=False, retry_count=5,
                  retry_backoff=2.0, protocol='https', proxies=None,
-                 record_format=False):
+                 record_format=False, cloud=False):
 
         global instances
         instances.append(self)
@@ -77,6 +81,7 @@ def __init__(self, host, port, token, index,
         self.protocol = protocol
         self.proxies = proxies
         self.record_format = record_format
+        self.cloud = cloud
 
         self.write_debug_log("Starting debug mode")
 
@@ -96,7 +101,7 @@ def __init__(self, host, port, token, index,
 
         # disable all warnings from urllib3 package
         if not self.verify:
-            requests.packages.urllib3.disable_warnings()
+            urllib3.disable_warnings()
 
         if self.verify and self.protocol == 'http':
             print("[SplunkHandler DEBUG] " + 'cannot use SSL Verify and unsecure connection')
@@ -194,6 +199,24 @@ def format_record(self, record):
 
         return formatted_record
 
+    @property
+    def endpoint_url(self):
+
+        url_part = 'services/collector'
+        if self.cloud:
+            url_part = 'services/collector/event'
+
+        url = '%s://%s:%s/%s' % (self.protocol, self.host, self.port, url_part)
+        self.write_debug_log("Destination URL is " + url)
+        return url
+
+    @property
+    def headers(self):
+        if self.token[:7] == "Splunk ":
+            return {'Authorization': self.token}
+        else:
+            return {'Authorization': "Splunk %s" % self.token}
+
     def _splunk_worker(self, payload=None):
         self.write_debug_log("_splunk_worker() called")
 
@@ -209,15 +232,13 @@ def _splunk_worker(self, payload=None):
 
         if payload:
             self.write_debug_log("Payload available for sending")
-            url = '%s://%s:%s/services/collector' % (self.protocol, self.host, self.port)
-            self.write_debug_log("Destination URL is " + url)
 
             try:
                 self.write_debug_log("Sending payload: " + payload)
                 r = self.session.post(
-                    url,
+                    self.endpoint_url,
                     data=payload,
-                    headers={'Authorization': "Splunk %s" % self.token},
+                    headers=self.headers,
                     verify=self.verify,
                     timeout=self.timeout
                 )