All Apps and Add-ons

how to test add-on-builder python code from remote dev workstation?

pmeyerson
Path Finder

Is there a way to invoke the collect_events() method in an add on that is using the add-on-builder template and has been copied to a remote dev workstation?

I installed the splunk-sdk using pip, updated my service.connect() to specifiy the remote host, and set the log context to log to my local directory instead of /opt/splunk/var/log which does not exist.

I try to run the main python file that matches the input name (without the input_module in the name), but it seems to just hang and not log anything. The input_module_*.py seems to exit immediately. Any suggestions would be great.

0 Karma

pmeyerson
Path Finder

Right thanks, I did make sure to copy all of the files under /bin and subdirectories as well. Is calling the python file matching the input name field in AOB a correct way to invoke?

0 Karma

chli_splunk
Splunk Employee
Splunk Employee

Technically yes. But if your new input has different parameters or settings, you have to update some files manually including inputs.conf.spec, inputs.conf, restmap.conf, py files etc. You can refer the templates in AoB to see how to apply different settings to the code generation: $SPLUNK_HONE/etc/apps/splunk_app_addon-builder/bin/ta_gnerator/resources

Use AoB to build another addon is highly recommended, since it's not easy to do everything manually.

0 Karma

chli_splunk
Splunk Employee
Splunk Employee

AoB developed a toolchain as Python libs for you. If you want to invoke some functions outside of AoB, please copy all the py files under "bin" folder to another Splunk app. Otherwise you have to figure out the callstacks by yourself.

0 Karma

pmeyerson
Path Finder

Or should this work pretty effortlessly?
Guess I could install splunk on my dev too!

0 Karma
Get Updates on the Splunk Community!

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

SignalFlow: What? Why? How?

What is SignalFlow? Splunk Observability Cloud’s analytics engine, SignalFlow, opens up a world of in-depth ...

Federated Search for Amazon S3 | Key Use Cases to Streamline Compliance Workflows

Modern business operations are supported by data compliance. As regulations evolve, organizations must ...