All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

The rest api add-on works in with version 1.5.3 but when I upgrade to 1.8.1 or 1.8.2 the data stops being ingested into splunk. any idea why?

jlstanley
Path Finder
‎06-03-2020 09:25 AM

I've got about 10 or 12 rest api inputs setup in the add-on that are all working fine with 1.5.3 but stop working whenever I upgrade the add-on to 1.8.X

is there anything I need to be changing to make it work? I'm on splunk 7.3.1 currently with RHEL7.4

Labels (2)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gjanders
SplunkTrust
SplunkTrust
‎06-03-2020 08:12 PM

You will find that Splunk 7.3.x and 1.8.1 and 1.8.2 did not work, 1.8.3 fixes it
If you look at SplunkBase you will notice the baboon bones team removed 1.8.1 and 1.8.2 from the website...

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud

View solution in original post

0 Karma
Reply
Solved! Jump to solution

jlstanley
Path Finder
‎06-04-2020 11:01 AM

After updating to 1.8.3 it still didn't work right off the bat but I was able to finally see in the error log that I needed to copy the custom responsehandlers.py from the previous add-on to the new since it got overwritten. thank you

0 Karma
Reply
Solved! Jump to solution
Solution

gjanders
SplunkTrust
SplunkTrust
‎06-03-2020 08:12 PM

You will find that Splunk 7.3.x and 1.8.1 and 1.8.2 did not work, 1.8.3 fixes it
If you look at SplunkBase you will notice the baboon bones team removed 1.8.1 and 1.8.2 from the website...

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud
0 Karma
Reply
Get Updates on the Splunk Community!

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

For Splunk Cloud customers, understanding and optimizing Splunk Virtual Compute (SVC) usage and resource ...

Automatic Discovery Part 3: Practical Use Cases

If you’ve enabled Automatic Discovery in your install of the Splunk Distribution of the OpenTelemetry ...