Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

getting data in from rest api

dan_ber
New Member
‎10-05-2023 04:00 AM

Hi,

We have a splunk cloud instance, and a few of our systems dont have an out of the box add on, so we decided to try and get data via api. However our instance dosent have any api data inputs, nor can we find any way to create an input of our own. We tried to install the add on builder app, but the installation fails every time.

Is there any way to create our own add on, or a way to get splunk to pull data via api?

Labels (1)
Labels
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎10-08-2023 11:43 AM

Wait a second. Where did you try to install the add-on builder? On your cloud instance? You shouldn't do that.

It's supposed to be installed on your development instance of Splunk Entrerprise. There you should build your app. This custom app when ready you should submit for vetting and install onto your cloud instance.

See https://docs.splunk.com/Documentation/AddonBuilder/4.1.3/UserGuide/Installation

Reply

richgalloway
SplunkTrust
SplunkTrust
‎10-05-2023 06:02 AM

What product are you trying to onboard?  If you name it then perhaps someone who's worked with it before will respond.  Have you contacted the vendor to see if they have a private add-on available?

The lack of an add-on does not imply an API is needed.  There are other ways to get data into Splunk.


Install a universal forwarder on the server to send log files to Splunk
Have the server send syslog data to Splunk via a syslog server or Splunk Connect for Syslog
Use Splunk DB Connect to pull data from the server's SQL database.
Have the application send data directly to Splunk using HTTP Event Collector (HEC).

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

dan_ber
New Member
‎10-08-2023 01:55 AM

Hi,

We want to get data in from perception point. we havent seen any add on for it. we thought about spinning up a vm with a UF, but we would prefer to get data in via an addon, even if we have to create on ourselves. 

the add on builder however is failing to install in our splunk cloud instance

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...