Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to create spl file?

Daniil_group_ib
New Member
‎08-11-2022 03:38 AM

Hi, i have some problems with create spl file, which using to integrate into splunk es.

0 Karma
Reply

effem2
Path Finder
‎08-16-2022 06:58 AM

Hi Daniil,

 

you can package Apps like that in multiple ways see:
https://dev.splunk.com/enterprise/docs/releaseapps/packageapps/

Easiest would probably be to utilize Splunk.

example:

/opt/splunk/bin/splunk package app <appname>
0 Karma
Reply

diogofgm
SplunkTrust
SplunkTrust
‎08-11-2022 03:41 AM

What do you mean with "problems with create spl file"? the .spl file extension can be just a renamed .tgz extension. Additionally you can install an app packaged as a tgz into splunk. 

What are you trying to accomplish?

------------
Hope I was able to help you. If so, some karma would be appreciated.
0 Karma
Reply

Daniil_group_ib
New Member
‎08-12-2022 05:05 AM

I mean that in order to create my own integration with splunk, I need to upload a spl file into it, I don’t really understand how I pack my project into this file for integration with the system

0 Karma
Reply

diogofgm
SplunkTrust
SplunkTrust
‎08-17-2022 07:39 AM

You just need to make sure the app structure is all there (include default folder with app.conf, metadata with default.meta and whatever other .conf files you want to include) a then just make a tar of the whole thing. The .spl file is just a .tar with a renamed extension.

Check this section of the link effem2 shared regarding 3rd party utilities:
https://dev.splunk.com/enterprise/docs/releaseapps/packageapps/#Third-party-utilities-and-CLI-comman...

Other option is, If you have it your all in a github repo, you can use GitHub actions to do that for you.

Check one of my repos: https://github.com/diogofgm/TA-aruba_networks

I have some workflows for GitHub actions there that packs the app as a tar.gz, runs splunk app inspect on it and uploads it to GitHub as a action result that you can then download and install it into splunk.

------------
Hope I was able to help you. If so, some karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...