Splunk Cloud Platform
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How do I go about publishing a Splunk Technical Add-On?

Ali_Rewterz
Explorer
‎03-03-2023 02:36 AM

Hi I am trying to publish a technical add-one for Splunk Enterprise. Any help with this response would be much appreciated. 

 

This is feed back I have received from the Splunk Team:

Technical Add-On for Splunk did not qualify for Splunk Cloud compatibility for the following reasons:

  1. check_for_supported_tls
    • If you are using requests. post to talk to your own infra with non-public PKI, make sure you bundle your own CA certs as part of your app and pass the path into requests.post as an arg. File: bin/sirp.py Line Number: 241

 

Labels (1)
Labels
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎03-03-2023 05:58 AM

The AppInspect tool detected "requests.post" in your Python code.  The call to requests.post must include the certificate argument and that certificate must be included in your app.

---
If this reply helps you, Karma would be appreciated.
Reply

Ali_Rewterz
Explorer
‎03-05-2023 09:24 PM

Cheer mate, a quick reply is much appreciated.

Can you tell me which format should the certificate adhere to and what directory should I put the certificate in?

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎03-06-2023 05:31 AM

The certificate must be in PEM format and should go in the app's default directory.

---
If this reply helps you, Karma would be appreciated.
Reply

mushknizam
Engager
‎09-18-2023 11:44 PM

I am also facing a similar problem while submitting my splunk addon app to splunk. In my case, I am making post request to my software using the code below:


response=requests.post(url=url,headers=headers,json=temp_container,verify=False, timeout=60)


After the review and feedback from the splunk team, I included a code in my html that will make users to enter the path to  their SSL certificate (optional field). After this, I made changes to my python script so that if the user has entered the path, the code below will be executed else the one above.

response=requests.post(url=url,headers=headers,json=temp_container, timeout=60,verify=certloc)

certloc is the path to the certificate.
However, I am getting the same response as above from the review team on the code where I have kept verify=False. If I remove this code from the python then it will make it mandatory for the users to enter the path to the SSL certificate? In that case, do users have to use their own certificate and place the certificate inside default folder of the package or do we generate the certificate, and place it inside the default folder and then package it before distributing it.  Can the same certificate be used by all app users when we distribute the package? In our case, every customer has their own instance of our product just like every user has their own Splunk instance.

Tags (1)
0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Community Content Calendar, September edition

Welcome to another insightful post from our Community Content Calendar! We're thrilled to continue bringing ...

Splunkbase Unveils New App Listing Management Public Preview

Splunkbase Unveils New App Listing Management Public PreviewWe're thrilled to announce the public preview of ...

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you leveraging automation to its fullest potential in your threat detection strategy?Our upcoming Security ...