topic Re: REST API Modular Input in All Apps and Add-ons

REST API Modular Input

preben12 — Thu, 14 Nov 2013 12:50:38 GMT

I calling a remote http endpoint that returns xml in the form of

<AdaptersStatus xmlns="http://xx.xx/xxxx/services/monitoring">
   <Status>ERROR</Status>
   <Timestamp>2013-11-14T13:33:48</Timestamp>
   <MonitoredAdapterStatus>
      <Status>
         <Timestamp>2013-11-14T13:33:47</Timestamp>
         <ApplicationStatus>OK</ApplicationStatus>
         <ApplicationVersion>1.0.19</ApplicationVersion>
         <MonitoredRessources>
            <DisplayName>Route monitor :: audit-trail-Route</DisplayName>
            <Status>OK</Status>
         </MonitoredRessources>
         <MonitoredRessources>
             <DisplayName>Route monitor :: bam-route</DisplayName>
             <Status>OK</Status>
         </MonitoredRessources>
     </Status>
     <Configuration>
        <URL>http://xxxxxx:7003/audit-trail/status</URL>
        <AdapterName>audit-trail</AdapterName>
     </Configuration>
  </MonitoredAdapterStatus> 
</AdaptersStatus>

I'm actually only interested in indexing the first field and the field, in this case ERROR, 2013-11-14Tx, and a sourcetype that indicates what rest service has been called.

I figured out that if I do = | rex "(?i)<.*?>(?P\w+)(?=<)" I will get a Key value of the Status field, but how can i make rest_ta index that, and discard the rest of the xml response ?

Re: REST API Modular Input

Damien_Dallimor — Thu, 14 Nov 2013 14:32:33 GMT

The REST API Modular Input is generic ie: it can be used against any HTTP REST endpoint. So it has the ability to plugin custom response handlers for any custom pre-processing or formatting of your response data.

To do this you add a custom response handler class to etc/apps/rest_ta/bin/responsehandlers.py and in the stanza setup declare that this handler should be applied.

So you could write a handler to just strip out and index the elements you are interested in.

Very quick rough code :

class MyCustomResponseHandler:

    def __init__(self,**args):
        pass

    def __call__(self, response_object,raw_response_output,response_type,req_args,endpoint):

        from xml.dom import minidom
        dom = minidom.parseString(raw_response_output)
        status = dom.getElementsByTagName('Status')
        timestamp = dom.getElementsByTagName('Timestamp')
        status[0].firstChild.nodeValue
        timestamp[0].firstChild.nodeValue

        processed_response_output = 'status='+status[0].firstChild.nodeValue+' timestamp='+timestamp[0].firstChild.nodeValue

        print_xml_stream(processed_response_output)

Re: REST API Modular Input

preben12 — Fri, 15 Nov 2013 10:59:25 GMT

Thanks Damien
I'll give your suggestions a try.

Re: REST API Modular Input

preben12 — Fri, 15 Nov 2013 11:58:37 GMT

whoa - works like a charm 🙂

Re: REST API Modular Input

Damien_Dallimor — Fri, 15 Nov 2013 12:26:00 GMT

Cool, not bad for untested code 🙂