Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // Import Splunk.php
- require_once 'Splunk.php';
- // Create an instance of Splunk_Service to connect to a Splunk server
- $service = new Splunk_Service(array(
- 'host' => 'data.intra.a-tono.net',
- 'port' => '8089',
- 'username' => '',
- 'password' => '',
- ));
- //Configure Search
- $searchQueryNormal = 'search index=droppay port=11116 event=message_MO | fields ts,msisdn,text ';
- $searchParams = array(
- 'exec_mode' => 'normal',
- 'earliest_time' => '2013-07-01T00:00:00.000-00:00',
- 'latest_time' => '2015-01-01T00:00:00.000-00:00'
- );
- // Log into the Splunk service
- $service->login();
- // Run a normal search
- $job = $service->getJobs()->create($searchQueryNormal, $searchParams);
- try
- {
- // Print progress of the job as it is running
- echo "Search progress...\n";
- while (!$job->isDone())
- {
- printf("%03.1f%%", $job->getProgress() * 100);
- echo "\n";
- flush();
- usleep(0.5 * 1000000);
- $job->refresh();
- }
- echo "Done!\n";
- // Get job results
- $resultsNormalSearch = $job->getResults();
- $messages = array();
- }
- catch (Exception $e)
- {
- // Generate fake result that contains the exception message
- $resultsNormalSearch = array();
- $messages = array();
- $messages[] = new Splunk_ResultsMessage('EXCEPTION', $e->getMessage());
- }
- // Use the built-in XML parser to display the job results
- foreach ($resultsNormalSearch as $result)
- {
- $result_array = (array)$result;
- $ts = $result_array["ts"];
- $source = substr($result_array["msisdn"], 2);
- $text = $result_array["text"];
- $dest = preg_split("/[\s,]+/", $text)[1];
- $filename = "anon_" . str_replace("-", "", substr($ts, 0, 7)) . ".tx";
- $row = "$ts,$source,$dest\n";
- $fh=fopen($filename,"a");
- fwrite($fh, $row);
- fclose($fh);
- echo "Inserted: $row in $filename\n";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
