All Apps and Add-ons

What's the use of Gitlab add-on?

ww9rivers
Communicator

Specifically, this statement prompted my question: "If you do not specify a specific project ID, you will only get event data associated with the account the token is associated with."

So does the add-on only gets event data either associated with one account, or one project?

jstrille
Engager

Hello,
From what I understand of my usage of it: it gets all events across all projects that you have the right to view with the specified token.
If you specify a project it will only get events you have the right to view on the specified project.

0 Karma

ww9rivers
Communicator

Thank you. I manage Splunk but am only a client side gitlab user, so please bear with me asking more questions.

So from Splunk's perspective, say I would like to collect all events for all projects on a gitlab server, I would need to set up a "super user" in the gitlab installation, which would automatically have rights to access all existing and to-be-created projects?

Regards.

0 Karma

jstrille
Engager

Exactly or an admin account on which you create a token with the API scope.
However this TA doesn't work as well as expected from my testings: there is no pagination handling which is fine for retrieving current /events but you won't be importing all the history of the different sourcetypes provided by the TA.

0 Karma
Get Updates on the Splunk Community!

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

New Learning Videos on Topics Most Requested by You! Plus This Month’s New Splunk ...

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

How I Instrumented a Rust Application Without Knowing Rust

As a technical writer, I often have to edit or create code snippets for Splunk's distributions of ...