Splunk Cloud Platform
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to install add-on from file to Splunk Cloud free trial?

khanoh
New Member
‎10-31-2022 10:31 AM

Screen Shot 2022-10-31 at 12.26.03 PM.png

 Hi! I have a tgz-file with Splunk add-on developed by my coworkers. I created a trial instance of Splunk Cloud and would like to install (upload) this add-on from the file with the intention to make some modifications for my POC. Unfortunately, I can't locate a place to install or upload a new add-on (see the screenshot in attachment). Please help me find it. 

0 Karma
Reply

khanoh
New Member
‎10-31-2022 02:12 PM

I don't see Upload Apps, like mentioned here (see the screenshot above) 

I'm curious. Is it because (1) I have a trial version and it's not possible, or (2) it's hidden somewhere? If it's (2), then I'd appreciate the instructions.

Also, I'm curious in order to run validation via curl, you need to get the token. However, when I run this

curl --user my_name:my_password -X GET https://prd-p-j8pfr.splunkcloud.com/2.0/rest/login/splunk  

I receive this

<!doctype html><html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta http-equiv="refresh" content="1;url=https://prd-p-j8pfr.splunkcloud.com/en-US/2.0/rest/login/splunk"><title>303 See Other</title></head><body><h1>See Other</h1><p>The resource has moved temporarily <a href="https://prd-p-j8pfr.splunkcloud.com/en-US/2.0/rest/login/splunk">here</a>.</p></body></html>

What do I do wrong? What is your request to get the token and run the validation?

0 Karma
Reply

khanoh
New Member
‎10-31-2022 12:20 PM

I did validate using aplunk-appinspect cli but what should I click to upload the package and the validation results? I don't see anything in the Splunk Cloud UI.

khanoh@COH-RJVXQJPQL9 ~ % splunk-appinspect inspect /Users/khanoh/Downloads/TA-coh-splunk-add-on_1_0_0_export.tgz

 

0 Karma
Reply

johnhuang
Motivator
‎10-31-2022 12:32 PM

I'm not sure if there are other ways, but I've only used CURL to submit an package for cloud vetting.

https://dev.splunk.com/enterprise/docs/releaseapps/cloudvetting

0 Karma
Reply

johnhuang
Motivator
‎10-31-2022 11:29 AM

You have to have the app validated before it can be installed on Splunk Cloud. 

https://dev.splunk.com/enterprise/docs/releaseapps/cloudvetting

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

For Splunk Cloud customers, understanding and optimizing Splunk Virtual Compute (SVC) usage and resource ...

Automatic Discovery Part 3: Practical Use Cases

If you’ve enabled Automatic Discovery in your install of the Splunk Distribution of the OpenTelemetry ...