Skip to content

parsedmarc.splunk 🔗

HECClient 🔗

HECClient(
    url: str,
    access_token: str,
    index: str,
    source: str = "parsedmarc",
    verify: bool = True,
    timeout: int = 60,
)

A client for a Splunk HTTP Events Collector (HEC)

PARAMETER DESCRIPTION
url

The URL of the HEC

TYPE: str

access_token

The HEC access token

TYPE: str

index

The name of the index

TYPE: str

source

The source name

TYPE: str DEFAULT: 'parsedmarc'

verify

Verify SSL certificates

TYPE: bool DEFAULT: True

timeout

Number of seconds to wait for the server to send data before giving up

TYPE: int DEFAULT: 60

save_aggregate_reports_to_splunk 🔗

save_aggregate_reports_to_splunk(
    aggregate_reports: (
        AggregateReport | list[AggregateReport]
    ),
)

Save aggregate DMARC reports to Splunk

PARAMETER DESCRIPTION
aggregate_reports

Aggregate reports to save in Splunk

TYPE: AggregateReport | list[AggregateReport]

save_forensic_reports_to_splunk 🔗

save_forensic_reports_to_splunk(
    forensic_reports: ForensicReport | list[ForensicReport],
)

Save forensic DMARC reports to Splunk

PARAMETER DESCRIPTION
forensic_reports

Forensic reports to save in Splunk

TYPE: ForensicReport | list[ForensicReport]

SplunkError 🔗

SplunkError(message: str | Exception)

Bases: RuntimeError

Raised when a Splunk API error occurs