initial version

.gitignore

@@ -0,0 +1,2 @@
+local
+metadata/local.meta

README.md

@@ -0,0 +1,23 @@
+## Apprise Alert Action
+Adds an alert action to Splunk that allows sending a notification using any of the notification services supported by Apprise.
+
+For a full list of notification services, see https://github.com/caronc/apprise/wiki
+
+There are two ways of using this addon:
+    - Providing a URL in each alert action
+    - Using a configuration file and tags
+
+### Providing a URL in each alert action
+This requires no configuration to use. Just put a valid URL in the alert action and the service will be sent the alert.
+
+### Using a configuration file and tags
+See https://github.com/caronc/apprise/wiki/config for creating an Apprise configuration file.
+
+To provide the configuration file to the add-on, in the Splunk UI go to Settings>Alert Actions>Setup Apprise Alert Action*
+
+Alternatively, this can be done by updating and placing the below config in local/alert_actions.conf
+
+    [apprise_alert]
+    param.config = <<config_file>>
+
+Note: The default path the addon looks in for configuration files the apprise_alert/bin/ folder. Either provide a full path or relative path from this directory.

README/alert_actions.conf.spec

@@ -0,0 +1,3 @@
+[apprise_alert]
+param.config = <string>
+* Location of your Apprise configuration file. Relative paths are from the within the apps/alert_apprise folder.

README/saved_searches.conf.spec

@@ -0,0 +1,19 @@
+#Options for Apprise Alert Action
+
+action.apprise_alert = [0|1]
+* Enable Apprise Alert Action
+
+action.apprise_alert.param.url = <string>
+* The Notification service URL. Please see here for more info: https://github.com/caronc/apprise/wiki
+* (optional, if tags is set)
+
+action.apprise_alert.param.tag = <string>
+* Tag to use to send notificaions. Requires a configuration file.
+* (optional, if URL is set)
+
+action.apprise_alert.param.body = <string>
+* Body of the alert
+
+action.apprise_alert.param.title = <string>
+* Title of the alert
+* (optional)

bin/send_apprise_alert.py

@@ -0,0 +1,78 @@
+import sys, requests, json, re, os
+
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "lib"))
+import apprise
+
+
+def eprint(*args, **kwargs):
+    print(*args, file=sys.stderr, **kwargs)
+
+def check_inputs(config):
+    required_fields = ['body']
+
+    if not 'url' in config and not 'tag' in config:
+        eprint("A URL or tag needs to be specified.")
+        return False
+
+    if 'tag' in config and not 'config' in config:
+        eprint("Using a tag requires setting a configuration file defined in setup.")
+        return False
+
+    if 'tag' in config and 'config' in config:
+        if not os.path.exists(config['config']):
+            eprint("Unable to locate config file {}".format(config['config']))
+            return False
+
+    for field in required_fields:
+        if not field in config:
+            eprint("No "+field+" specified.")
+            return False
+
+    return True
+
+
+if len(sys.argv) > 1 and sys.argv[1] == "--execute":
+    alert = json.load(sys.stdin)
+    if check_inputs(alert['configuration']):
+        #load config
+        config = alert['configuration']
+
+
+        if 'config' in config and 'tag' in config:
+            ac = apprise.AppriseConfig()
+            ac.add(config['config'])
+
+            ar = apprise.Apprise()
+            ar.add(ac)
+
+            if "title" in config:
+                ar.notify(
+                    body=config['body'],
+                    title=config['title'],
+                    tag=config['tag']
+                )
+            else:
+                ar.notify(
+                    body=config['body'],
+                    tag=config['tag']
+                )
+
+
+        if 'url' in config:
+            ar = apprise.Apprise()
+            ar.add(config['url'])
+
+            if "title" in config:
+                ar.notify(
+                    body=config['body'],
+                    title=config['title']
+                )
+            else:
+                ar.notify(
+                    body=config['body']
+                )
+
+    else:
+        eprint("Invalid configuration detected. Stopped.")
+else:
+    eprint("FATAL No execute flag given")

default/alert_actions.conf

@@ -0,0 +1,9 @@
+[apprise_alert]
+is_custom = 1
+label = Send an Apprise Alert
+description = Send an alert using Apprise
+icon_path = appIcon.png
+alert.execute.cmd = send_apprise_alert.py
+alert.execute.cmd.arg.0 = --execute
+payload_format = json
+python.version = python3

default/app.conf

@@ -0,0 +1,16 @@
+[install]
+state = enabled
+
+[package]
+check_for_updates = 1
+id = alert_apprise
+
+[ui]
+is_visible = false
+is_manageable = false
+label = Apprise Alert Action
+
+[launcher]
+author = Michael Clayfield
+version = 1.0.0
+description = Alert Action based on Apprise, for sending alerts to many different sources.

default/data/ui/alerts/apprise_alert.html

@@ -0,0 +1,41 @@
+<form>
+	<div class='control-group'>
+		<label class="control-label" for="apprise_alert">URL </label>
+		<div class="controls">
+			<splunk-text-input name="action.apprise_alert.param.url" id="apprise_alert_url" required />
+		</div>
+	</div>
+	<div class="control-group">
+		<div class="controls">
+			<span class="help-block" style="display: block; position: static; width: auto; margin-left: 0;">
+				URL of the service to be called. Only required if not using a tag. See https://github.com/caronc/apprise/wiki for further info.
+			</span>
+		</div>
+	</div>
+	<div class='control-group'>
+		<label class="control-label" for="apprise_alert">Tag </label>
+		<div class="controls">
+			<splunk-text-input name="action.apprise_alert.param.tag" id="apprise_alert_tag" required />
+		</div>
+	</div>
+	<div class="control-group">
+		<div class="controls">
+			<span class="help-block" style="display: block; position: static; width: auto; margin-left: 0;">
+				Tag of the service(s) from your configuration file to call. Only required if not using a URL.
+			</span>
+		</div>
+	</div>
+	<div class='control-group'>
+		<label class="control-label" for="apprise_alert">Body <span class="required">*</span> </label>
+		<div class="controls">
+			<splunk-text-area name="action.apprise_alert.param.body" id="apprise_alert_body" required />
+		</div>
+	</div>
+	<div class='control-group'>
+		<label class="control-label" for="apprise_alert">Title</label>
+		<div class="controls">
+			<splunk-text-input name="action.apprise_alert.param.title" id="apprise_alert_title" />
+		</div>
+	</div>
+
+</form>

default/setup.xml

@@ -0,0 +1,9 @@
+<setup>
+    <block title="Apprise Configuration File" endpoint="admin/alert_actions" entity="apprise_alert">
+        <input field="param.config">
+            <label>Config File</label>
+            <type>text</type>
+        </input>
+    </block>
+
+</setup>