Splunk Akamai API

RahulMisra1
Explorer

Hi,

I am trying to achieve an automation wherein I will be running a query and then passing the IPs which I need to send to Akamai via a POST API. I know the edgegridauth library can be used to achieve the same, but I got stuck on how the action would be configured. Can someone help?


deepakc
Builder

In Splunk you need to configure alert actions. As you can see, many come out of the box; for your use case, you have a few options that you can explore.

1. Use this Add-on - it may help with some config/testing so needs to be installed - https://splunkbase.splunk.com/app/5520
2. Develop your own Action - https://dev.splunk.com/enterprise/docs/devtools/customalertactions/

0 Karma

RahulMisra1
Explorer

Thanks! This helps me to move forward; just one thing, if you can help. I have done all of it, I am just not sure what I should be putting in the HTML (https://dev.splunk.com/enterprise/docs/devtools/customalertactions/createuicaa/) so that I can pass the IP to the Akamai API.

0 Karma

deepakc
Builder

Have a look at this example, it may help; other than that, work through the documentation.

splunk-app-examples/custom_alert_actions/slack_alerts/default/data/ui/alerts/slack.html at master · ...  

0 Karma

RahulMisra1
Explorer

I had a look at that one, but I am not really an expert so couldn't get much of an idea there.

Like, where would my API credentials reside, and how do I call the API from a custom alert action?

0 Karma

deepakc
Builder

As you're not an expert, it might be better for you to explore Splunk's Add-on Builder, which will have options to create what you need, with credentials. Have a look at the links below, as they may help.


https://docs.splunk.com/Documentation/AddonBuilder/4.2.0/UserGuide/CreateAlertActions

https://docs.splunk.com/Documentation/AddonBuilder/4.2.0/UserGuide/ConfigureDataCollection

0 Karma
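For the two questions raised in the thread (where the API credentials live and how the alert action calls the API), here is an added example of an alert action script; it is not code from any poster or from Splunk or Akamai. Splunk starts the script with `--execute` and writes the alert payload as JSON on stdin, so the HTML form only needs to collect non-secret parameters, while the EdgeGrid tokens are read from Splunk's credential store. Assumptions: the parameter names `ip_field`, `base_url` and `list_id`, the app name, the `akamai` realm with entries named `client_token`, `client_secret` and `access_token`, the Akamai network-list append path, and a splunkd certificate that this Python trusts.

```python
import ipaddress
import json
import sys
from urllib import parse, request

def extract_ips(payload, field):
    """Validated, de-duplicated public IPs from the triggering search result."""
    raw = payload.get("result", {}).get(field, "")
    values = raw if isinstance(raw, list) else str(raw).replace(",", " ").split()
    ips = []
    for value in values:
        try:
            ip = ipaddress.ip_address(str(value).strip())
        except ValueError:
            continue  # skip anything that is not an IP literal
        if ip.is_global and str(ip) not in ips:  # never push private/reserved ranges
            ips.append(str(ip))
    return ips

def build_request(base_url, list_id, ips):
    """URL and JSON body for the append call (path is an assumption, check Akamai's docs)."""
    path = "/network-list/v2/network-lists/%s/append" % parse.quote(list_id, safe="")
    return base_url.rstrip("/") + path, {"list": ips}

def load_credentials(server_uri, session_key, app="my_akamai_alert_app", realm="akamai"):
    """Read the EdgeGrid tokens from Splunk's credential store (app and realm are hypothetical)."""
    url = "%s/servicesNS/nobody/%s/storage/passwords?output_mode=json&count=0" % (server_uri, app)
    req = request.Request(url, headers={"Authorization": "Splunk " + session_key})
    with request.urlopen(req, timeout=30) as resp:  # splunkd's certificate must be trusted
        entries = json.load(resp)["entry"]
    return {e["content"]["username"]: e["content"]["clear_password"]
            for e in entries if e["content"].get("realm") == realm}

def send(url, body, creds):
    import requests  # third-party; imported here so the helpers above need only the stdlib
    from akamai.edgegrid import EdgeGridAuth
    session = requests.Session()
    keys = ("client_token", "client_secret", "access_token")
    session.auth = EdgeGridAuth(**{k: creds[k] for k in keys})
    session.post(url, json=body, timeout=30).raise_for_status()

def main():
    payload = json.load(sys.stdin)  # alert payload written by Splunk
    cfg = payload.get("configuration", {})
    ips = extract_ips(payload, cfg.get("ip_field", "src_ip"))
    if ips:  # send nothing when no value survives validation
        creds = load_credentials(payload["server_uri"], payload["session_key"])
        send(*build_request(cfg["base_url"], cfg["list_id"], ips), creds)

if __name__ == "__main__" and sys.argv[1:2] == ["--execute"]:
    main()
```

The script needs the `requests` and `edgegrid-python` packages bundled with the app, and the user running the search must be allowed to read the stored credentials.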