All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

How to sync up update in REST API Modular Input

mnaim
Explorer
‎03-12-2014 02:45 PM

I'm using the REST API Modular Input app to get data from an API and index it on splunk. In my case, I'm using google api to run searches and I'm indexing the results. The problem is that I need to change the parameters of my search several times a day (via script executed via a cron). I'm a splunk noob, so the only way I got the gui to sync up with the inputs.config file is by restarting splunk. How can I get the gui side update and sync up with the backend without restarting? Thank you.

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Damien_Dallimor
Ultra Champion
‎03-12-2014 06:51 PM

The REST API Mod Input has the ability to dynamically change and persist config parameters ie : URL arguments, headers , post body, cookies etc... You should not be using a third party cron triggered script.

You'd do this with a custom response handler in bin/responsehandlers.py

Look at the example TwitterEventHandler in the shipped release for an example of such processing behavior.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

Damien_Dallimor
Ultra Champion
‎03-12-2014 06:51 PM

The REST API Mod Input has the ability to dynamically change and persist config parameters ie : URL arguments, headers , post body, cookies etc... You should not be using a third party cron triggered script.

You'd do this with a custom response handler in bin/responsehandlers.py

Look at the example TwitterEventHandler in the shipped release for an example of such processing behavior.

0 Karma
Reply
Solved! Jump to solution

mnaim
Explorer
‎03-13-2014 07:16 PM

My url_params changes a lot more than all the examples I've see so far, but may just need a little creative scripting. Thank you.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Continue Your Federation Journey: Join Session 3 of the Bootcamp Series

To help practitioners build a stronger foundation, we launched the Data Management & Federation ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Casting Call: Compete in Cyber Games

Lights, Camera, SecOps: Apply to Compete in Cyber Games     Think you have what it takes to beat the clock? ...