Splunk Dev

Why does Splunk Cloud Custom app request fail for the package created locally?

Sucheta_new
Loves-to-Learn

4879AB54-416D-4E42-A56F-A17A3EA873FE.png

A609CF7E-727E-4DBB-8BD1-EADD10E7A3D8.png

A8ACDBB0-3197-4B4A-A98F-24291FFC4127.png

4C409153-5871-40E1-ADB6-20741C9B98C4.png

  

Hi Team, I have been trying to create a custom app with some config files and created it manually with the directory structures. But once submitted, I came across the below failures as mentioned by splunk.

6C2EE980-7DE9-49E4-8D34-8E92F533F4B2.png

 

splunk.

6C2EE980-7DE9-49E4-8D34-8E92F533F4B2.png

please help me how I can solve the issues and also let me know if there are any other ways to package the app if I have some config items

Labels (1)
0 Karma

Tom_Lundie
Contributor

That's a lot of errors...

Start with the Cloud Appinspect Criteria. Hopefully something obvious jumps out.

If that doesn't help then it's going to be very hard to help debug this without some more details about what your app contains. Feel free to share the (obfuscated) config within the app and the high-level structure too.

If you (understandably) don't want to share this on here then I would raise a ticket for Splunk support.

0 Karma

Sucheta_new
Loves-to-Learn

thanks. All the other errors I can sort out except the File_generic_execute issue. Can you assist me to resolve that one?

0 Karma

Tom_Lundie
Contributor

Sure no problem.

This validation error pertains to the fact some of your files outside of the bin directory have execute permissions set.

The way to fix this is to remove the execute permissions for any file that does not need to be executed.

WARNING: This command will change file permissions so make sure that you only run this in your app directory (do not run this command elsewhere on your OS), firstly lets find all of the non-bin files in the app because these will not need to have execute permissions.

 

cd my_app
find -type f -not -path "./bin/*"

 

 
Once you're happy that this is finding the correct files, we can then add the permission change:

 

find -type f -not -path "./bin/*" -exec chmod 644 {} +

 

 

Then we'll need to deal with the bin directory, if your bin is entirely Python based, then because Python is an interpreted language (e.g. the Python binary executes and reads the Python scripts) we can remove the execution permissions from the bin contents too:

 

find -type f -path "./bin/*" -exec chmod 644 {} +

 

 

The only thing in your bin that will need execution permissions are shell scripts and other executables. You can explicitly set these individually with a chmod (e.g. allow all users to execute and read my_executable):

 

chmod 755 ./bin/my_executable

 

 

0 Karma
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

WATCH NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, ...

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...