Splunk Enterprise
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How to create spl file?

Daniil_group_ib
New Member
‎08-11-2022 03:38 AM

Hi, i have some problems with create spl file, which using to integrate into splunk es.

0 Karma
Reply

effem2
Path Finder
‎08-16-2022 06:58 AM

Hi Daniil,

 

you can package Apps like that in multiple ways see:
https://dev.splunk.com/enterprise/docs/releaseapps/packageapps/

Easiest would probably be to utilize Splunk.

example:

/opt/splunk/bin/splunk package app <appname>
0 Karma
Reply

diogofgm
SplunkTrust
SplunkTrust
‎08-11-2022 03:41 AM

What do you mean with "problems with create spl file"? the .spl file extension can be just a renamed .tgz extension. Additionally you can install an app packaged as a tgz into splunk. 

What are you trying to accomplish?

------------
Hope I was able to help you. If so, some karma would be appreciated.
0 Karma
Reply

Daniil_group_ib
New Member
‎08-12-2022 05:05 AM

I mean that in order to create my own integration with splunk, I need to upload a spl file into it, I don’t really understand how I pack my project into this file for integration with the system

0 Karma
Reply

diogofgm
SplunkTrust
SplunkTrust
‎08-17-2022 07:39 AM

You just need to make sure the app structure is all there (include default folder with app.conf, metadata with default.meta and whatever other .conf files you want to include) a then just make a tar of the whole thing. The .spl file is just a .tar with a renamed extension.

Check this section of the link effem2 shared regarding 3rd party utilities:
https://dev.splunk.com/enterprise/docs/releaseapps/packageapps/#Third-party-utilities-and-CLI-comman...

Other option is, If you have it your all in a github repo, you can use GitHub actions to do that for you.

Check one of my repos: https://github.com/diogofgm/TA-aruba_networks

I have some workflows for GitHub actions there that packs the app as a tar.gz, runs splunk app inspect on it and uploads it to GitHub as a action result that you can then download and install it into splunk.

------------
Hope I was able to help you. If so, some karma would be appreciated.
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...