- Community
- :
- Splunk Answers
- :
- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Could I use REST API to create a monitor input fro...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Could I use REST API to create a monitor input from the script of a modular input?
For creating a monitor input of our product, our customers have to type correct sourcetype and complex regular expression for whitelist. We want to create a simplified UI by using Modular Input. In the script a monitor input will be made automatically as same as adding it manually.
Could you tell me that is a good idea or bad one?
Even if our customers have correct permission, we are not sure if authentication tokens are necessary in the script.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Using Modular Inputs as a proxy just for creating a Monitor Input is a bit of a hack , and limiting what you can do in the UI.
Have you considered using the Web Framework and building a custom setup page for your Monitor Inputs (with you simplified approach). Your custom setup page could have whatever JS/HTML/CSS you want to provide your simpler experience for your users , and then you could have some Django serverside logic for your setup page that uses the Splunk REST API to create the Monitor Input stanza for you.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Sure you can. Splunk does this type of thing to aid in the install-time experience for some of our premium apps. Also consider that Splunk Web is built on top of the REST API itself. Start with a POST to data/inputs/monitor.
As to the authority question, the user executing the actions would have to have the correct permission in Splunk.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Thanks for your answer. I reviewed my question and I think I did not describe it clearly, so I rewrote it. Could you check it again?
How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.
Learn More or Register Now >
