Greetings - With Splunk Cloud, there is a RESTful API available for use, however, many of these functions overlap with administration & configuration tasks (which are not allowed and have to be done by the Splunk Cloud team).
Is there a list of what API's are available automatically on sign-up, those which have to be requested, and those which aren't allowed? Integration is a key component of what we do, and the ability to automate is crucial.
Beaker, to be sure I understand your question: when you say "...what API's are available automatically on sign-up," do you mean which actions of the REST API?
Hi Acorman (apologies for the delay here!) - I'm still interested in an answer. We use Splunk Enterprise which have all functionality via the REST API. So yes, understanding what we can & can't do in Splunk Cloud by default (i.e. without asking for additional functionality) would be great.
The documentation will be updated at one point.
to do short :
- on splunkcloud single instance self service, the admins users have limited capabilities (including for the API use), and the API is accessible by default
- on splunkcloud large deployments, the admins have full capabilities (except inputs creation), and the API is not accessible by default, it has to be requested.
Hi yannk - thanks for your response (and sorry about my slow one!). Is there a list of what functions are available for the smaller instances?
Also, for larger deployments, if we have to ask for API access in larger deployments is access guaranteed upon request? What are the criteria for approval?
We are currently examining our options of Cloud vs. Enterprise in a healthcare environment so we'd like to understand what we can expect if we go down the Cloud path.
Great product by the way 🙂
Hey @Beaker77, yes the API will be opened upon authorized request. i.e. your name is attached to your order in our backend system, and you are an "authorized contact". API access can also be locked down by IP address or CIDR block(s)