Rewrite to python

[WaciX]

Highlights:

• Python 3.7 compatible, works naively with all Splunk distributions
• Uses Splunk SDK instead of raw http requests to access Splunk API
• Increased reliability in case of script crash, by saving the next Bitwarden API request in case of pagination in Splunk KV store, so the next time the script runs, it picks up where it left - instead of fetching everything to memory first
• Does not use hash field for Data Integrity Check - there is no need to calculate it, Splunk handles that automatically

Production ready TODO:

• [x] Fix CI packaging
• [x] Fix event date timestamp being different than when it is written (or when scripts runs) - in previous version the timestamp of the event in splunk is always the same as the event occurrence in bitwarden events.
• [x] Test continuationToken behavior
• [x] Test concurrency locking on overlapping scripts (when the script overlaps with the interval) - the outcome: it does not overlap
• [x] Log in INFO by default (see src/utils.py function get_logger)
• [x] Test script crashing due to bitwarden api being unresponsive - that it can continue where it left and not duplicate
• [x] Move the "Start date" field from the script.conf config to the Setup UI page.
• [x] Test Splunk Cloud
  • [x] Classic
  • [x] Victoria
• [x] CI to generate non-beta package
• [x] Check the "Updates to Splunk Cloud Vetting policy" changes - it's not automatic, scheduled by Actions once a month.
• [ ] Test multi-node Splunk behavior and concurrency

Future:

• [ ] Notify the admins via message when script fails - make sure not to duplicate the message over and over, try to add message info or logs ? Update: not going to do it, since
• [ ] Remove the "beta" app once the official app is updated

[bitwarden-bot]

Checkmarx One – Scan Summary & Details – 4006f8ea-848e-4240-b1cc-409236e42eff

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Unpinned Actions Full Length Commit SHA	/build.yml: 143	Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
	Use_Of_Hardcoded_Password	/package/appserver/static/javascript/views/setup_page.js: 43	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package
	SSL_Verification_Bypass	/src/Splunk/SplunkApi.cs: 27
	Unpinned Actions Full Length Commit SHA	/build.yml: 148
	Use_Of_Hardcoded_Password	/app/bitwarden_event_logs/appserver/static/javascript/views/setup_page.js: 42