Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Best practice to create a custom python endpoint on SplunkWeb not Splunkd?

sideview
SplunkTrust
SplunkTrust
‎05-11-2011 12:42 PM

App developers can use restmap.conf to define custom REST endpoints on splunkd's port aka the management port (eg https://localhost:8089). However there doesnt appear to be any mechanism to use restmap.conf to do the same on SplunkWeb's port, (eg http://localhost:8000).

I know that I can get what I need by creating a custom UI module. (I can package a custom UI module in my app, custom modules can have python handlers, and that python will respond to requests at http://localhost:8000/en-US/module/system/Splunk.Module.MyCustomModule/render)

But I'm reluctant to create a custom UI module that is designed to never be used from the UI. Plus this would leave me no way to associate relevant capabilities with the endpoint, a security feature which restmap.conf does offer.

Is there a third way that I'm missing? ie is there a way to hit a restmap.conf endpoint from some proxied URL on SplunkWeb?

For instance: Splunkd's search API is all accessible from SplunkWeb via a little proxy that it has under /api/search: http://localhost:8000/en-US/api/search/jobs//results, so maybe some similar mechanism exists for endpoints created by restmap.conf ?

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

melting
Splunk Employee
Splunk Employee
‎09-24-2012 09:48 AM

Sure you can create a custom endpoint in splunkweb (port 8000)

What you want to do is create a custom controller. This pretty similar to the python portion of a module. Take a look at the docs on splunkweb controller @ dev.splunk.com.

View solution in original post

Reply
Solved! Jump to solution
Solution

melting
Splunk Employee
Splunk Employee
‎09-24-2012 09:48 AM

Sure you can create a custom endpoint in splunkweb (port 8000)

What you want to do is create a custom controller. This pretty similar to the python portion of a module. Take a look at the docs on splunkweb controller @ dev.splunk.com.

Reply
Solved! Jump to solution

sideview
SplunkTrust
SplunkTrust
‎09-24-2012 02:46 PM

D'oh. Thanks melting. I totally forgot controllers went out in 4.2. I think they were less than totally documented, or at least I remember the practical suggestion was that the only way to figure out how to create my own in an app, was to reverse engineer one of the shipping controllers in the core product.

0 Karma
Reply
Solved! Jump to solution

melting
Splunk Employee
Splunk Employee
‎09-24-2012 10:44 AM

This works in 4.2 as well.

0 Karma
Reply
Solved! Jump to solution

sideview
SplunkTrust
SplunkTrust
‎09-24-2012 10:36 AM

Thanks melting. 4.3 didn't come out until Jan 2012 and this question was posted from back in the 4.2 days. In the end I had to create several custom modules and then use them only for their endpoints, which was a bit of a bummer. These days I am of course much happier with controllers! Thanks again.

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...