Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Good example of a working custom REST endpoint (but not an admin:* one)

sideview
SplunkTrust
SplunkTrust
‎05-11-2011 12:01 PM

I'm trying to piece things together from the restmap.conf docs, to get a working custom endpoint that I can use. Note that i do not want to use this with setup.xml and I just want a plain old endpoint that extends splunk.rest.BaseRestHandler, not an EAI endpoint.

http://www.splunk.com/base/Documentation/4.2.1/admin/restmapconf

Following what's written in restmap.conf I think I've done everything right and I've read through the doc a few times, but no luck.

I get a 500 response when I go to https://localhost:8089/services/my_path, saying "ImportError: No module named MyFileName" and I dont see how to debug or troubleshoot anything.

Here's my stanza in restmap.conf: 

[script:random_unique_name_like_say_fred]
match = /my_path
handler = MyFileName.MyClassName
requireAuthentication = true

and in $SPLUNK_HOME/etc/apps//default/rest/MyFileName.py there is a class defined called MyClassName that extends splunk.rest.BaseRestHandler. And the python is pretty simple and running it manually it seems free of syntax errors.

Ideally if someone can point me to an app on Splunkbase that has successfully set up a non-EAI custom rest endpoint (ie one that is NOT used from guided setup aka setup.xml).

Failing that, can anyone see what I'm doing wrong, or can you tell me if there are any tricks to get some kind of debugging or troubleshooting going?

Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

sideview
SplunkTrust
SplunkTrust
‎05-11-2011 12:17 PM

It turns out that the restmap.conf docs are wrong in at least one place.
Under handler=<SCRIPT>.<CLASSNAME>, they say

The file *must* live in an application's ../rest/ subdirectory.

and then in an example it explains further that this rest directory has to be inside default.

Both are wrong. The file must live in the application's "bin" directory, at $SPLUNK_HOME/etc/apps/<appname>/bin/. Once I put it there it starts working.

However I'll still accept any answer that points me to an app that does something semi-real around such an endpoint...

View solution in original post

Reply
Solved! Jump to solution

ziegfried
Influencer
‎06-08-2011 12:03 PM

The pdfserver app implements a custom REST endpoint.

0 Karma
Reply
Solved! Jump to solution

sideview
SplunkTrust
SplunkTrust
‎05-12-2011 10:50 PM

Note: It looks like since I posted this the docs were updated to list the correct directory. 😃

0 Karma
Reply
Solved! Jump to solution
Solution

sideview
SplunkTrust
SplunkTrust
‎05-11-2011 12:17 PM

It turns out that the restmap.conf docs are wrong in at least one place.
Under handler=<SCRIPT>.<CLASSNAME>, they say

The file *must* live in an application's ../rest/ subdirectory.

and then in an example it explains further that this rest directory has to be inside default.

Both are wrong. The file must live in the application's "bin" directory, at $SPLUNK_HOME/etc/apps/<appname>/bin/. Once I put it there it starts working.

However I'll still accept any answer that points me to an app that does something semi-real around such an endpoint...

Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...