External API for 4.1 - will my application still w...

mctester · ‎05-20-2010

Hi,

I have a development support question.

We have an application that is integrated with splunk. We have a C++ program that was written as a plugin (bundle or application now I guess) and it is linked against the "extcmdapi" library. This plugin is used to introduce meta tags from our product into the raw data as its being indexed. We originally wrote this against 2.x of splunk and seems to work OK against 3.x.

I'm trying to find more info if this approach is still supported under 4.x. It sounds like one approach is to do the processing up front and feed replaced raw data to splunk on stdout, but looking for confirmation. Can't find much info on our current method on the site.

Thanks for the help

gkanapathy · ‎05-22-2010

I'm pretty sure it's not supported 4.x (and I don't think it was in 3.x). I have no idea if it will continue to work.

External API for 4.1 - will my application still work?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation