Solved: Is there a way for Splunk to Call Third Party REST...

premrajvs · ‎11-08-2022

Requirement : Call REST APIs and ingest the data into Splunk to specified indexes

As of now, we are using Splunk Add on Builder Application to create apps for REST API calls and importing the data into Splunk.

Limitation with this approach : We are not able to call an API dynamically or on ad-hoc basis only when needed. Team wants to have an UI to call the REST APIs dynamically and show this data into a dashboard.

Is there any way in Splunk to provide this capability ?

premrajvs · ‎11-10-2022

I think there is no app available to call APIs on adhoc basis. So, I am building my own custom app.

View solution in original post

bowesmana · ‎11-10-2022

Yes, you can use curl as part of SPL with this app

https://splunkbase.splunk.com/app/4146

premrajvs · ‎11-10-2022

I think there is no app available to call APIs on adhoc basis. So, I am building my own custom app.

richgalloway · ‎11-08-2022

Have you looked at the REST API Modular Input app (https://splunkbase.splunk.com/app/1546)? It's not truly ad-hoc, but is more so than building code with AoB.

---
If this reply helps you, Karma would be appreciated.

Is there a way for Splunk to Call Third Party REST APIs Dynamically?

data

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?