Re: Splunk and Visual Studio Code

genesiusj · ‎12-12-2023

Hello,

I'm trying to find information on how to use Splunk with Visual Studio Code.

I have an authentication token on my development instance.
I've installed the Visual Studio Code Extension for Splunk on GitHub.

I'm lost from here on.

What do I enter in the url and webroot fields in the launch.json file?

    "configurations": [
        {
            "type": "chrome",
            "request": "launch",
            "name": "Launch Chrome against localhost",
            "url": "https://<host name>:8080",
            "webRoot": "${workspaceFolder}"
        }
    ]

This opens Splunk in my Chrome browser, but it is an empty search field.

I created splnb file in VSC, but when I run it, I receive ERROR: Unauthorized.

Thanks in advance for any direction provided.
God bless, Genesius

isoutamo · ‎12-18-2023

Hi

I'm expecting that you are running splunk on normal port 8089 and host is e.g. my.splunk.host. Then just put on your URL "https://my.splunk.host:8089" and it should work. Maybe it needs to restart VScode before it work?

Also you should create Token for authentication on splunk side and add it to your configuration.

For some reason I haven't those entries on my settings.json? I just use GUI to configure Splunk extension for vscode with items:

Splunk Rest Url
Token

Those two should be enough for using REST api for queries. 3rd one which you probably want to set it Splunk Search Head (https://my.splunk.host:8000).

r. Ismo

Splunk and Visual Studio Code

troubleshooting

using Splunk Enterprise

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Accelerating Observability as Code with the Splunk AI Assistant

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Join the Conversation