package com.threeshell;

import com.splunk.Event;
import com.splunk.HttpService;
import com.splunk.JobExportArgs;
import com.splunk.ResultsReaderJson;
import com.splunk.SSLSecurityProtocol;
import com.splunk.Service;
import com.splunk.ServiceArgs;
import java.awt.EventQueue;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.event.WindowAdapter;
import java.awt.event.WindowEvent;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.io.Reader;
import java.net.Socket;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Properties;
import java.util.zip.DeflaterOutputStream;
import javax.swing.BoxLayout;
import javax.swing.JButton;
import javax.swing.JFrame;
import javax.swing.JLabel;
import javax.swing.JPanel;
import javax.swing.JPasswordField;
import javax.swing.JTextArea;
import javax.swing.JTextField;

/*  JADX ERROR: NullPointerException in pass: ClassModifier
    java.lang.NullPointerException: Cannot invoke "java.util.List.forEach(java.util.function.Consumer)" because "blocks" is null
    	at jadx.core.utils.BlockUtils.collectAllInsns(BlockUtils.java:1017)
    	at jadx.core.dex.visitors.ClassModifier.removeBridgeMethod(ClassModifier.java:239)
    	at jadx.core.dex.visitors.ClassModifier.removeSyntheticMethods(ClassModifier.java:154)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.ClassModifier.visit(ClassModifier.java:64)
    */
/* loaded from: input_file:com/threeshell/SplunkIngest.class */
public class SplunkIngest extends JFrame {
    private PrintWriter pw;
    private BufferedReader br;
    public static SplunkIngest splunkIngest = null;
    private BufferedReader inbr = null;
    private int nextInd = 0;
    private HashMap<String, String> domainMap = new HashMap<>();
    private boolean isWindows = false;
    private JLabel configLabel = new JLabel("looking for config file");
    private JTextArea searchText = new JTextArea();
    private JButton searchButton = new JButton("search");
    private JPasswordField passwordText = new JPasswordField(30);
    private JTextField beginText = new JTextField(20);
    private JTextField endText = new JTextField(20);
    private long nextMsgId = 1;
    private String consoleAddr = null;
    private String splunkHost = null;
    private String splunkUser = null;
    private int splunkPort = 8089;

    /* renamed from: com.threeshell.SplunkIngest$1 */
    /* loaded from: input_file:com/threeshell/SplunkIngest$1.class */
    static class AnonymousClass1 implements Runnable {
        AnonymousClass1() {
        }

        @Override // java.lang.Runnable
        public void run() {
            try {
                SplunkIngest.splunkIngest = new SplunkIngest();
                SplunkIngest.splunkIngest.setVisible(true);
                SplunkIngest.splunkIngest.setup();
            } catch (Exception e) {
                e.printStackTrace(System.out);
            }
        }
    }

    /* renamed from: com.threeshell.SplunkIngest$2 */
    /* loaded from: input_file:com/threeshell/SplunkIngest$2.class */
    public class AnonymousClass2 extends WindowAdapter {
        AnonymousClass2() {
        }

        public void windowClosing(WindowEvent windowEvent) {
            System.out.println("Closed");
            windowEvent.getWindow().dispose();
            System.exit(0);
        }
    }

    /* renamed from: com.threeshell.SplunkIngest$3 */
    /* loaded from: input_file:com/threeshell/SplunkIngest$3.class */
    public class AnonymousClass3 implements ActionListener {
        AnonymousClass3() {
        }

        public void actionPerformed(ActionEvent actionEvent) {
            SplunkIngest.this.doSearch();
        }
    }

    /* loaded from: input_file:com/threeshell/SplunkIngest$SearchRun.class */
    public class SearchRun implements Runnable {
        public final int BUFMAX = 4096;
        private char[] buf = new char[4096];
        private HashMap<String, Integer> extractKeys = new HashMap<>();
        private PrintWriter pw = null;
        private SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.S zzz");
        private SplunkEvent se = new SplunkEvent();

        SearchRun() {
        }

        @Override // java.lang.Runnable
        public void run() {
            try {
                HttpService.setSslSecurityProtocol(SSLSecurityProtocol.TLSv1_2);
                ServiceArgs serviceArgs = new ServiceArgs();
                serviceArgs.setUsername(SplunkIngest.this.splunkUser);
                serviceArgs.setPassword(SplunkIngest.this.passwordText.getText());
                serviceArgs.setHost(SplunkIngest.this.splunkHost);
                serviceArgs.setPort(SplunkIngest.this.splunkPort);
                Service connect = Service.connect(serviceArgs);
                JobExportArgs jobExportArgs = new JobExportArgs();
                if (SplunkIngest.this.beginText.getText() != null) {
                    jobExportArgs.setEarliestTime(SplunkIngest.this.beginText.getText());
                }
                if (SplunkIngest.this.endText.getText() != null) {
                    jobExportArgs.setLatestTime(SplunkIngest.this.endText.getText());
                }
                jobExportArgs.setSearchMode(JobExportArgs.SearchMode.NORMAL);
                jobExportArgs.setOutputMode(JobExportArgs.OutputMode.JSON);
                ResultsReaderJson resultsReaderJson = new ResultsReaderJson(connect.export(SplunkIngest.this.searchText.getText(), jobExportArgs));
                Socket socket = new Socket(SplunkIngest.this.consoleAddr, 4021);
                this.pw = new PrintWriter(new OutputStreamWriter(new DeflaterOutputStream(socket.getOutputStream(), true)));
                this.pw.println("splunk_ingest");
                this.pw.flush();
                while (true) {
                    Event nextEvent = resultsReaderJson.getNextEvent();
                    if (nextEvent == null) {
                        resultsReaderJson.close();
                        this.pw.close();
                        socket.close();
                        return;
                    }
                    parseEvent(nextEvent);
                }
            } catch (Exception e) {
                e.printStackTrace(System.out);
            }
        }

        private void parseEvent(Event event) throws ParseException {
            String str = event.get("_time");
            String str2 = event.get("_raw");
            event.get("sourcetype");
            int length = str2.length();
            if (length > 4096) {
                length = 4096;
            }
            str2.getChars(0, length, this.buf, 0);
            HashMap<String, String> hashMap = new HashMap<>();
            boolean z = false;
            boolean z2 = false;
            StringBuilder sb = new StringBuilder();
            StringBuilder sb2 = new StringBuilder();
            for (int i = 0; i < length; i++) {
                char c = this.buf[i];
                if (!z2 && (c == ' ' || c == '\r' || c == '\n' || c == '\t')) {
                    if (sb.length() > 0 && sb2.length() > 0) {
                        hashMap.put(sb.toString(), sb2.toString());
                    }
                    sb = new StringBuilder();
                    sb2 = new StringBuilder();
                    z = false;
                } else if (!z2 && !z && c == '=') {
                    z = true;
                } else if (c == '\"') {
                    z2 = !z2;
                } else if (z) {
                    sb2.append(c);
                } else {
                    sb.append(c);
                }
            }
            this.se.process(hashMap);
            sendEvent(str, this.se);
        }

        private void sendEvent(String str, SplunkEvent splunkEvent) throws ParseException {
            String substring = str.substring(0, 23);
            String str2 = "";
            for (String str3 : str.substring(24, str.length()).split(" ")) {
                str2 = str2 + str3.substring(0, 1);
            }
            Date parse = this.sdf.parse(substring + " " + str2);
            StringBuilder sb = new StringBuilder();
            sb.append(String.valueOf(SplunkIngest.this.nextMsgId));
            SplunkIngest.access$808(SplunkIngest.this);
            sb.append('\t');
            sb.append(String.valueOf(parse.getTime()));
            sb.append('\t');
            sb.append(splunkEvent.resultFromAddr);
            sb.append('\t');
            sb.append(splunkEvent.resultToAddr);
            sb.append('\t');
            sb.append(splunkEvent.resultMeasure);
            sb.append('|');
            sb.append("0");
            sb.append('\t');
            if (splunkEvent.resultTag != null) {
                sb.append(splunkEvent.resultTag);
            }
            this.pw.println(sb.toString());
        }
    }

    public static void main(String[] strArr) {
        EventQueue.invokeLater(new Runnable() { // from class: com.threeshell.SplunkIngest.1
            AnonymousClass1() {
            }

            @Override // java.lang.Runnable
            public void run() {
                try {
                    SplunkIngest.splunkIngest = new SplunkIngest();
                    SplunkIngest.splunkIngest.setVisible(true);
                    SplunkIngest.splunkIngest.setup();
                } catch (Exception e) {
                    e.printStackTrace(System.out);
                }
            }
        });
    }

    public SplunkIngest() {
        setTitle("Deep Node SPeLUNKer");
        setSize(560, 200);
        setLocationRelativeTo(null);
        setDefaultCloseOperation(0);
        getContentPane().setLayout(new BoxLayout(getContentPane(), 1));
    }

    public void setup() throws FileNotFoundException, IOException {
        addWindowListener(new WindowAdapter() { // from class: com.threeshell.SplunkIngest.2
            AnonymousClass2() {
            }

            public void windowClosing(WindowEvent windowEvent) {
                System.out.println("Closed");
                windowEvent.getWindow().dispose();
                System.exit(0);
            }
        });
        if (System.getProperty("os.name").toLowerCase().indexOf("win") > -1) {
            this.isWindows = true;
        }
        add(this.configLabel);
        JPanel jPanel = new JPanel();
        jPanel.setSize(300, 100);
        jPanel.add(new JLabel("splunk password"));
        jPanel.add(this.passwordText);
        add(jPanel);
        add(this.searchText);
        this.searchText.setText("search * | sort +_time");
        JPanel jPanel2 = new JPanel();
        jPanel2.setSize(500, 100);
        jPanel2.add(new JLabel("begin"));
        jPanel2.add(this.beginText);
        jPanel2.add(new JLabel("end"));
        jPanel2.add(this.endText);
        add(jPanel2);
        add(this.searchButton);
        this.searchButton.addActionListener(new ActionListener() { // from class: com.threeshell.SplunkIngest.3
            AnonymousClass3() {
            }

            public void actionPerformed(ActionEvent actionEvent) {
                SplunkIngest.this.doSearch();
            }
        });
        String str = System.getProperty("user.home") + File.separator + ".deepnode" + File.separator;
        if (new File(str + "splunk_ingest.properties").exists()) {
            readConfigFile(new FileReader(str + "splunk_ingest.properties"));
        } else {
            this.configLabel.setText("need config: " + str + "splunk_ingest.properties");
        }
    }

    public void doSearch() {
        new Thread(new SearchRun()).start();
    }

    private void readConfigFile(Reader reader) throws IOException {
        Properties properties = new Properties();
        properties.load(reader);
        reader.close();
        this.consoleAddr = properties.getProperty("consoleAddr");
        this.splunkHost = properties.getProperty("splunkHost");
        this.splunkUser = properties.getProperty("splunkUser");
        String property = properties.getProperty("splunkPort");
        if (property != null) {
            this.splunkPort = Integer.parseInt(property);
        }
        this.configLabel.setText("config file parsed");
    }

    public String getLocation(String str) {
        String str2 = "ext";
        if (str.startsWith("192.168") || str.startsWith("10.")) {
            str2 = "int";
        } else if (str.startsWith("172.") && str.charAt(6) == '.') {
            try {
                int parseInt = Integer.parseInt(str.substring(4, 6));
                if (parseInt >= 16 && parseInt < 32) {
                    str2 = "int";
                }
            } catch (Exception e) {
            }
        } else if (str.toLowerCase().startsWith("fc") || str.toLowerCase().startsWith("fd")) {
            str2 = "int";
        }
        if (str.endsWith(".1") || str.endsWith(".255") || str.endsWith(".0")) {
            str2 = "ctrl";
        }
        String str3 = "na";
        if (!str.equals("na")) {
            str3 = this.domainMap.get(str);
            if (str3 == null) {
                str3 = lookupDomain(str);
                this.domainMap.put(str, str3);
            }
        }
        return str2 + "|" + str3;
    }

    public String lookupDomain(String str) {
        String str2;
        str2 = "unk";
        try {
            Process exec = Runtime.getRuntime().exec(new String[]{"nslookup", str});
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(exec.getInputStream()));
            String str3 = null;
            long currentTimeMillis = System.currentTimeMillis();
            int i = 5;
            if (this.isWindows) {
                i = 4;
            }
            int i2 = 0;
            while (i2 < i) {
                while (true) {
                    String readLine = bufferedReader.readLine();
                    str3 = readLine;
                    if (readLine != null || System.currentTimeMillis() >= currentTimeMillis + 800) {
                        break;
                    }
                    Thread.sleep(5L);
                }
                if (str3 == null) {
                    break;
                }
                i2++;
            }
            exec.destroy();
            if (i2 == i) {
                if (this.isWindows) {
                    String[] split = str3.split("\\.");
                    str2 = split.length >= 3 ? split[split.length - 2] + "." + split[split.length - 1] : "unk";
                } else {
                    int indexOf = str3.indexOf(61);
                    if (indexOf != -1) {
                        String[] split2 = str3.substring(indexOf + 2, str3.length()).split("\\.");
                        if (split2.length >= 3) {
                            str2 = split2[split2.length - 2] + "." + split2[split2.length - 1];
                        }
                    }
                }
            }
        } catch (Exception e) {
            System.out.println("error getting domain for " + str + ": " + e);
            e.printStackTrace(System.out);
        }
        return str2;
    }

    /*  JADX ERROR: Failed to decode insn: 0x0005: MOVE_MULTI, method: com.threeshell.SplunkIngest.access$808(com.threeshell.SplunkIngest):long
        java.lang.ArrayIndexOutOfBoundsException: arraycopy: source index -1 out of bounds for object array[8]
        	at java.base/java.lang.System.arraycopy(Native Method)
        	at jadx.plugins.input.java.data.code.StackState.insert(StackState.java:49)
        	at jadx.plugins.input.java.data.code.CodeDecodeState.insert(CodeDecodeState.java:118)
        	at jadx.plugins.input.java.data.code.JavaInsnsRegister.dup2x1(JavaInsnsRegister.java:313)
        	at jadx.plugins.input.java.data.code.JavaInsnData.decode(JavaInsnData.java:46)
        	at jadx.core.dex.instructions.InsnDecoder.lambda$process$0(InsnDecoder.java:54)
        	at jadx.plugins.input.java.data.code.JavaCodeReader.visitInstructions(JavaCodeReader.java:81)
        	at jadx.core.dex.instructions.InsnDecoder.process(InsnDecoder.java:50)
        	at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:156)
        	at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:443)
        	at jadx.core.ProcessClass.process(ProcessClass.java:70)
        	at jadx.core.ProcessClass.generateCode(ProcessClass.java:118)
        	at jadx.core.dex.nodes.ClassNode.generateClassCode(ClassNode.java:400)
        	at jadx.core.dex.nodes.ClassNode.decompile(ClassNode.java:388)
        	at jadx.core.dex.nodes.ClassNode.getCode(ClassNode.java:338)
        */
    static /* synthetic */ long access$808(com.threeshell.SplunkIngest r8) {
        /*
            r0 = r8
            r1 = r0
            long r1 = r1.nextMsgId
            // decode failed: arraycopy: source index -1 out of bounds for object array[8]
            r2 = 1
            long r1 = r1 + r2
            r0.nextMsgId = r1
            return r-1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.threeshell.SplunkIngest.access$808(com.threeshell.SplunkIngest):long");
    }

    static {
    }
}
