I wrote a script that will create a diag and upload it to a folder on box.com. I have a copy of this script in my NFS home and I use another script to trigger it remotely on all of my servers whenever Splunk requests a diag. Then you can log in to box.com and grab the share link and put it in the case notes. In the future, I might re-write it in ruby, and have it automatically generate the share link.
Here is the script:
#!/bin/bash
#Enter your box.com credentials here
user="email_address_goes@here.com"
password="password_goes_here"
date="$(/bin/date '+%F')"
folder="/Splunk/${date}/"
hostname=$(hostname)
diag_file=""
get_diag () {
echo "${hostname}: Creating diag."
diag_file=$(/usr/bin/sudo /opt/splunk/bin/splunk diag | awk '/Splunk diagnosis file created:/{ match($0, /Splunk diagnosis file created: (.+)$/,a); print a[1]; }')
if [ -z ${diag_file} ]; then
echo "${hostname}: Failed to create diag. Exiting."
exit 1
else
echo "${hostname}: Created ${diag_file}"
return 0
fi
}
install_package () {
package=$1
#Check to see if ${package} is installed.
/usr/bin/sudo /usr/bin/yum list installed ${package} >>/dev/null
if [ $? -ge 1 ]; then
echo "${hostname}: ${package} package not Installed. Installing via yum."
echo
/usr/bin/sudo /usr/bin/yum -y install ${package}
if [ $? -ge 1 ]; then echo "${hostname}: Unable to install ${package}" ; exit 1 ; fi
fi
}
upload_diag () {
diag_basename=$(/bin/basename ${diag_file})
#Create folder
/usr/bin/sudo /usr/bin/curl \
-u "${user}:${password}" \
-o /dev/null \
-X MKCOL \
"https://dav.box.com/dav/${folder}"
#Upload diag
/usr/bin/sudo /usr/bin/curl \
-u "${user}:${password}" \
-o /dev/null \
-# \
-T ${diag_file} \
"https://dav.box.com/dav/${folder}/${diag_basename}"
if [ $? -eq 0 ]; then
echo "${hostname}: Diag upload complete."
echo "${hostname}: Deleting ${diag_file}"
/usr/bin/sudo rm ${diag_file}
exit 0
else
echo "${hostname}: Diag upload failed. Exiting."
exit 1
fi
}
#Make sure curl is installed. We need it to upload the diag file to box.com
install_package curl
#Create the diag file and store the filename in ${diag_file}
get_diag
#Upload ${diag_file} with curl
upload_diag
Here is the script:
#!/bin/bash
#Enter your box.com credentials here
user="email_address_goes@here.com"
password="password_goes_here"
date="$(/bin/date '+%F')"
folder="/Splunk/${date}/"
hostname=$(hostname)
diag_file=""
get_diag () {
echo "${hostname}: Creating diag."
diag_file=$(/usr/bin/sudo /opt/splunk/bin/splunk diag | awk '/Splunk diagnosis file created:/{ match($0, /Splunk diagnosis file created: (.+)$/,a); print a[1]; }')
if [ -z ${diag_file} ]; then
echo "${hostname}: Failed to create diag. Exiting."
exit 1
else
echo "${hostname}: Created ${diag_file}"
return 0
fi
}
install_package () {
package=$1
#Check to see if ${package} is installed.
/usr/bin/sudo /usr/bin/yum list installed ${package} >>/dev/null
if [ $? -ge 1 ]; then
echo "${hostname}: ${package} package not Installed. Installing via yum."
echo
/usr/bin/sudo /usr/bin/yum -y install ${package}
if [ $? -ge 1 ]; then echo "${hostname}: Unable to install ${package}" ; exit 1 ; fi
fi
}
upload_diag () {
diag_basename=$(/bin/basename ${diag_file})
#Create folder
/usr/bin/sudo /usr/bin/curl \
-u "${user}:${password}" \
-o /dev/null \
-X MKCOL \
"https://dav.box.com/dav/${folder}"
#Upload diag
/usr/bin/sudo /usr/bin/curl \
-u "${user}:${password}" \
-o /dev/null \
-# \
-T ${diag_file} \
"https://dav.box.com/dav/${folder}/${diag_basename}"
if [ $? -eq 0 ]; then
echo "${hostname}: Diag upload complete."
echo "${hostname}: Deleting ${diag_file}"
/usr/bin/sudo rm ${diag_file}
exit 0
else
echo "${hostname}: Diag upload failed. Exiting."
exit 1
fi
}
#Make sure curl is installed. We need it to upload the diag file to box.com
install_package curl
#Create the diag file and store the filename in ${diag_file}
get_diag
#Upload ${diag_file} with curl
upload_diag
Here is the script:
#!/bin/bash
#Enter your box.com credentials here
user="email_address_goes@here.com"
password="password_goes_here"
date="$(/bin/date '+%F')"
folder="/Splunk/${date}/"
hostname=$(hostname)
diag_file=""
get_diag () {
echo "${hostname}: Creating diag."
diag_file=$(/usr/bin/sudo /opt/splunk/bin/splunk diag | awk '/Splunk diagnosis file created:/{ match($0, /Splunk diagnosis file created: (.+)$/,a); print a[1]; }')
if [ -z ${diag_file} ]; then
echo "${hostname}: Failed to create diag. Exiting."
exit 1
else
echo "${hostname}: Created ${diag_file}"
return 0
fi
}
install_package () {
package=$1
#Check to see if ${package} is installed.
/usr/bin/sudo /usr/bin/yum list installed ${package} >>/dev/null
if [ $? -ge 1 ]; then
echo "${hostname}: ${package} package not Installed. Installing via yum."
echo
/usr/bin/sudo /usr/bin/yum -y install ${package}
if [ $? -ge 1 ]; then echo "${hostname}: Unable to install ${package}" ; exit 1 ; fi
fi
}
upload_diag () {
diag_basename=$(/bin/basename ${diag_file})
#Create folder
/usr/bin/sudo /usr/bin/curl \
-u "${user}:${password}" \
-o /dev/null \
-X MKCOL \
"https://dav.box.com/dav/${folder}"
#Upload diag
/usr/bin/sudo /usr/bin/curl \
-u "${user}:${password}" \
-o /dev/null \
-# \
-T ${diag_file} \
"https://dav.box.com/dav/${folder}/${diag_basename}"
if [ $? -eq 0 ]; then
echo "${hostname}: Diag upload complete."
echo "${hostname}: Deleting ${diag_file}"
/usr/bin/sudo rm ${diag_file}
exit 0
else
echo "${hostname}: Diag upload failed. Exiting."
exit 1
fi
}
#Make sure curl is installed. We need it to upload the diag file to box.com
install_package curl
#Create the diag file and store the filename in ${diag_file}
get_diag
#Upload ${diag_file} with curl
upload_diag
Hi @jgarland_gap
Did you post this to share with the rest of the Splunk community? If yes, then thanks for being helpful!
Can you actually post the script as an answer in the "Enter your answer here..." box below, then accept the answer? This will resolve the post and make it easier for other users to find in search results. I'll upvote it once you do 🙂
Patrick