Splunk Dev
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Best practice to create a custom python endpoint on SplunkWeb not Splunkd?

sideview
SplunkTrust
SplunkTrust
‎05-11-2011 12:42 PM

App developers can use restmap.conf to define custom REST endpoints on splunkd's port aka the management port (eg https://localhost:8089). However there doesnt appear to be any mechanism to use restmap.conf to do the same on SplunkWeb's port, (eg http://localhost:8000).

I know that I can get what I need by creating a custom UI module. (I can package a custom UI module in my app, custom modules can have python handlers, and that python will respond to requests at http://localhost:8000/en-US/module/system/Splunk.Module.MyCustomModule/render)

But I'm reluctant to create a custom UI module that is designed to never be used from the UI. Plus this would leave me no way to associate relevant capabilities with the endpoint, a security feature which restmap.conf does offer.

Is there a third way that I'm missing? ie is there a way to hit a restmap.conf endpoint from some proxied URL on SplunkWeb?

For instance: Splunkd's search API is all accessible from SplunkWeb via a little proxy that it has under /api/search: http://localhost:8000/en-US/api/search/jobs//results, so maybe some similar mechanism exists for endpoints created by restmap.conf ?

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

melting
Splunk Employee
Splunk Employee
‎09-24-2012 09:48 AM

Sure you can create a custom endpoint in splunkweb (port 8000)

What you want to do is create a custom controller. This pretty similar to the python portion of a module. Take a look at the docs on splunkweb controller @ dev.splunk.com.

View solution in original post

Reply
Solved! Jump to solution
Solution

melting
Splunk Employee
Splunk Employee
‎09-24-2012 09:48 AM

Sure you can create a custom endpoint in splunkweb (port 8000)

What you want to do is create a custom controller. This pretty similar to the python portion of a module. Take a look at the docs on splunkweb controller @ dev.splunk.com.

Reply
Solved! Jump to solution

sideview
SplunkTrust
SplunkTrust
‎09-24-2012 02:46 PM

D'oh. Thanks melting. I totally forgot controllers went out in 4.2. I think they were less than totally documented, or at least I remember the practical suggestion was that the only way to figure out how to create my own in an app, was to reverse engineer one of the shipping controllers in the core product.

0 Karma
Reply
Solved! Jump to solution

melting
Splunk Employee
Splunk Employee
‎09-24-2012 10:44 AM

This works in 4.2 as well.

0 Karma
Reply
Solved! Jump to solution

sideview
SplunkTrust
SplunkTrust
‎09-24-2012 10:36 AM

Thanks melting. 4.3 didn't come out until Jan 2012 and this question was posted from back in the 4.2 days. In the end I had to create several custom modules and then use them only for their endpoints, which was a bit of a bummer. These days I am of course much happier with controllers! Thanks again.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you leveraging automation to its fullest potential in your threat detection strategy?Our upcoming Security ...

Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain

Boston may be buzzing this September with Splunk University and .conf25, but you don’t have to pack a bag to ...

Splunk Lantern’s Guide to The Most Popular .conf25 Sessions

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...