Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to create spl file?

Daniil_group_ib
New Member
‎08-11-2022 03:38 AM

Hi, i have some problems with create spl file, which using to integrate into splunk es.

0 Karma
Reply

effem2
Path Finder
‎08-16-2022 06:58 AM

Hi Daniil,

 

you can package Apps like that in multiple ways see:
https://dev.splunk.com/enterprise/docs/releaseapps/packageapps/

Easiest would probably be to utilize Splunk.

example:

/opt/splunk/bin/splunk package app <appname>
0 Karma
Reply

diogofgm
SplunkTrust
SplunkTrust
‎08-11-2022 03:41 AM

What do you mean with "problems with create spl file"? the .spl file extension can be just a renamed .tgz extension. Additionally you can install an app packaged as a tgz into splunk. 

What are you trying to accomplish?

------------
Hope I was able to help you. If so, some karma would be appreciated.
0 Karma
Reply

Daniil_group_ib
New Member
‎08-12-2022 05:05 AM

I mean that in order to create my own integration with splunk, I need to upload a spl file into it, I don’t really understand how I pack my project into this file for integration with the system

0 Karma
Reply

diogofgm
SplunkTrust
SplunkTrust
‎08-17-2022 07:39 AM

You just need to make sure the app structure is all there (include default folder with app.conf, metadata with default.meta and whatever other .conf files you want to include) a then just make a tar of the whole thing. The .spl file is just a .tar with a renamed extension.

Check this section of the link effem2 shared regarding 3rd party utilities:
https://dev.splunk.com/enterprise/docs/releaseapps/packageapps/#Third-party-utilities-and-CLI-comman...

Other option is, If you have it your all in a github repo, you can use GitHub actions to do that for you.

Check one of my repos: https://github.com/diogofgm/TA-aruba_networks

I have some workflows for GitHub actions there that packs the app as a tar.gz, runs splunk app inspect on it and uploads it to GitHub as a action result that you can then download and install it into splunk.

------------
Hope I was able to help you. If so, some karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...