Splunk Dev
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Is there a reference listing all the EAI paths for all resource types?

sideview
SplunkTrust
SplunkTrust
‎10-21-2010 10:35 PM

Reverse engineering this stuff from the logs and existing usage in SplunkWeb's python code, I see a lot of things use the big flat 'admin/foo' paths to get/set data in EAI. However I also know vaguely from overhearing conversations at Splunk that this big flat list of 'admin/foo' endpoints is considered less than ideal and I thought I overheard that for each of them there is a more fundamental endpoint that we're all supposed to use.

And another data point is that I know that I can usually go to https://localhost:8089/servicesNS/admin/<app_name>/data , click past the stern security warnings from firefox, and there I should be able to drive to the stuff I want.

Then once I've found it, its easy to determine the proper EAI path by just looking at the browser URL.

The problem is that I cant find the 'proper' path for macros, and i cant find any path at all for extractions that are defined in props.conf

eg:

1) if I want to get a macro using the splunk.entity class in python, the only path I know is 'admin/macros', as in

splunk.entity.getEntity("admin/macros", "my_macro_name", namespace="my_app_name", owner="splunk.auth.getCurrentUser()['name'])

2) And I have an extracted field that is defined in my app and I cannot find a way to get this at all from EAI. (Maybe it would be there if I had defined it over in transforms and merely referred to it from props? )

Thanks in advance for any and all help.

Tags (4)
Reply
1 Solution
Solved! Jump to solution
Solution

gkanapathy
Splunk Employee
Splunk Employee
‎10-21-2010 11:50 PM
  1. I'd suggest going to the manager/admin screen in the GUI (or doing something using the CLI if you prefer that), then looking at what pages are hit in the splunkd_access.log. I found: https://localhost:8089/servicesNS/-/search/admin/macros, which generalizes to https://localhost:8089/servicesNS/-/-/admin/macros, which I guess is what you have anyway, as it just incorporates the owner and the app namespace in the URL.
  2. https://localhost:8089/services/data/props/extractions, or the namespaced version at https://localhost:8089/servicesNS/-/-/data/props/extractions

View solution in original post

Reply
Solved! Jump to solution
Solution

gkanapathy
Splunk Employee
Splunk Employee
‎10-21-2010 11:50 PM
  1. I'd suggest going to the manager/admin screen in the GUI (or doing something using the CLI if you prefer that), then looking at what pages are hit in the splunkd_access.log. I found: https://localhost:8089/servicesNS/-/search/admin/macros, which generalizes to https://localhost:8089/servicesNS/-/-/admin/macros, which I guess is what you have anyway, as it just incorporates the owner and the app namespace in the URL.
  2. https://localhost:8089/services/data/props/extractions, or the namespaced version at https://localhost:8089/servicesNS/-/-/data/props/extractions
Reply
Solved! Jump to solution

sideview
SplunkTrust
SplunkTrust
‎10-22-2010 12:16 AM

Yea, for macros i can only find the admin/macros path, and i always thought those admin ones were hacks and not to be used. And for props I cant find anything. URLs in splunkd_access for the macros list page in manager is /servicesNS/admin//admin/data/props/extractions/, but the entity class only gives back 404's and 500's for any combination of those segments...

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...

Data Persistence in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. What happens if the OpenTelemetry collector ...

Thanks for the Memories! Splunk University, .conf25, and our Community

Thank you to everyone in the Splunk Community who joined us for .conf25, which kicked off with our iconic ...