- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Is it possible to make Splunk Inputs in automated ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi All!
Currently we have some add-ons for tools like Jenkins, GitLab, SonarQube in our instance and we have configured all fields for them to fetch data from these tools.
The problem is that e.g. for Jenkins we need to specify all project names separated by a comma and once new project appears or is deleted, we need to manually update this add-on setup fields.
Is it possible to configure these fields in automated way, to avoid manual work? ( Automatically take all Jenkins project names and fetch data from them)
Looking forward for your replies
Thank you!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In general terms, yes. It's fairly easy to programmatically manipulate Splunk's configuration files. Options include (1) editing the files directly using a bit of code, (2) using the CLI ( splunk add monitor, for example), and (3) using the REST API. All of these approaches have pros/cons. I suspect that option #2 is out for a custom TA. Between options 1 and 3, it's a bit of a preference call. Both options will give you lots of flexibility.
I've not used the Jenkin's TA, but if you can figure out which entry in your configuration file needs to be updated, it should be fairly straightforward to update it.
If you want to go down the REST API path, I'd suggest starting with the REST API Tutorials - Managing Objects, if you haven't done anything like this before with Splunk. Then make your way over to the Splunk REST API Reference docs and look at the "Configuration" section.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In general terms, yes. It's fairly easy to programmatically manipulate Splunk's configuration files. Options include (1) editing the files directly using a bit of code, (2) using the CLI ( splunk add monitor, for example), and (3) using the REST API. All of these approaches have pros/cons. I suspect that option #2 is out for a custom TA. Between options 1 and 3, it's a bit of a preference call. Both options will give you lots of flexibility.
I've not used the Jenkin's TA, but if you can figure out which entry in your configuration file needs to be updated, it should be fairly straightforward to update it.
If you want to go down the REST API path, I'd suggest starting with the REST API Tutorials - Managing Objects, if you haven't done anything like this before with Splunk. Then make your way over to the Splunk REST API Reference docs and look at the "Configuration" section.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Lowell,
That's great! Thank you for your answer!
For now I just wanted to make sure if it's even possible and i got answer - it is! Exactly what was needed.
Will definitely dig deeper into this and REST API most probably will be the path which I will choose although I'm not really experienced with this so far, but we all have been at learning stage some day. 🙂
Thank you once more!
Routing logs with Splunk OTel Collector for Kubernetes
Welcome to the Splunk Community!
Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM
