Splunk Enterprise
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

UF directories structure

splunkreal
Influencer
‎03-05-2026 07:48 AM

Hello,

On UF I've seen that we put pem certificates in etc/apps/myapp/default/data
On our servers however I've seen something like etc/apps/myapp/data

Are there rules or both are ok? (they are working but are they best practices?)

Thanks!

* If this helps, please upvote or accept solution if it solved *
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎03-05-2026 02:01 PM

Well, for certificates, to which you have to point Splunk explicitly, it doesn't matter much. The "default" directory is important for Splunk config files due to rules regarding building effective config, file preferences and all that but whether a pem file is placed here or there doesn't matter as long as it's readable.

One caveat - it could matter if you were pushing it to SHs from the deployer because different push modes can result in different app contents.

Reply

isoutamo
SplunkTrust
SplunkTrust
‎03-13-2026 01:32 PM
My habit it to use .../myapps/certs directory for those. And then point to correct files in needed e.g. servers.conf or outputs.conf in default and/or local directory based on is those my own apps or someones else.
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...