Morpheus and Splunk: Logs, Logs, Logs!

TL;DR
Automatic logfiles from Morpheus to Splunk.

Interesting situation. Morpheus, a multicloud deployment tool, has the ability to collect tons of logs. We know there could be valuable data in these logs, but how do we get them out of Morpheus and into Splunk for some analytics? You ought to know me by now and know I will want to leverage the StackStorm Exchange for a solution. A quick review of the third-party vendor integration packs shows that there is no pack for Morpheus. Bummer. But there is one for Splunk! Naturally, I will just make a pack and share it. Morpheus was an interesting challenge: there was no Python binding, and I just love using Python bindings when talking to an API. So, what to do? Start coding. I developed a Python binding called Pypheus for Morpheus and made it available on the ‘cheese shop’. Simply install it with: pip3 install pypheus.

In the following video, I will demonstrate two StackStorm integration packs: one for Morpheus and the other for Splunk. Another small setback: when I looked at the Splunk integration pack on the Exchange, I noticed it did not have an action to create or get a HEC token. HEC is the HTTP Event Collector, and it is the fastest way to import logs into a Splunk index. I had to write one and add it to the Splunk pack. As of this blog post I have not issued a pull request to get it merged into the Splunk pack on the Exchange, but it will happen. Next up? Aerospike! Any questions, please let me know!
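For readers who want to see what an HEC submission looks like once a token exists, here is an added example; it is not code from the StackStorm packs or from Pypheus. The Morpheus record fields, the sourcetype, the index and the function names are assumptions. The envelope keys, the /services/collector/event endpoint and the "Splunk <token>" Authorization header are standard HEC.

```python
import json
import ssl
import urllib.request
from datetime import datetime, timezone

# Constructed sample records. The field names are assumptions for this
# example, not the documented Morpheus log schema.
SAMPLE_LOGS = [
    {"ts": "2020-03-01T12:00:00Z", "level": "INFO",
     "hostname": "app-01", "message": "Instance provisioned"},
    {"ts": "2020-03-01T12:00:05Z", "level": "ERROR",
     "hostname": "app-02", "message": "Agent install failed"},
]

def to_hec_event(record, index="main", sourcetype="morpheus:log"):
    """Wrap one log record in the HEC event envelope."""
    ts = datetime.strptime(record["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return {
        "time": ts.replace(tzinfo=timezone.utc).timestamp(),  # epoch seconds
        "host": record.get("hostname", "unknown"),
        "source": "morpheus",
        "sourcetype": sourcetype,
        "index": index,
        "event": record,
    }

def build_hec_batch(records, **kwargs):
    """HEC accepts many events per request as back-to-back JSON objects."""
    lines = [json.dumps(to_hec_event(r, **kwargs), sort_keys=True) for r in records]
    return "\n".join(lines).encode("utf-8")

def send_to_hec(url, token, body, ca_file=None, timeout=10):
    """POST a batch to https://<splunk-host>:8088/services/collector/event."""
    # Default context keeps certificate verification on; pass ca_file for a
    # private CA instead of disabling verification.
    ctx = ssl.create_default_context(cafile=ca_file)
    req = urllib.request.Request(
        url, data=body, method="POST",
        # The token travels in the header, never in the URL or the event body.
        headers={"Authorization": "Splunk " + token,
                 "Content-Type": "application/json"},
    )
    with urllib.request.urlopen(req, context=ctx, timeout=timeout) as resp:
        return json.loads(resp.read().decode("utf-8"))

if __name__ == "__main__":
    print(build_hec_batch(SAMPLE_LOGS, index="morpheus").decode("utf-8"))
```

Treat the HEC token like any other credential: keep it in the pack's configuration or a secret store rather than in the action code.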
