We found a Splunk app which allows us to take a file and write it to our Splunk server before sending it off to a data store.
Due to issues with this app, I downloaded it, modified it, and re-uploaded it with some slight changes to the codebase. After this change, the new uploaded app does not have permissions to write to the filesystem, and we get this error "Unexpected error: [Errno 30] Read-only file system" when we try and use any of its alerts which write to a file.
This did not happen in the original app, which confuses me, as the logic for the file uploading, and the file destination have not changed.
These are the relevant bits of code which are throwing an error currently. Anyone know why this might not be working?
if not os.path.exists("out"): os.makedirs("out")
filename= "out/"+sid+".csv"
For context, the only changes were that finaland we are running our instance on Splunk Cloud so do not have direct access to the filesystem to be able to debug why this issue is getting thrown.
