- Find Answers
- :
- Premium Solutions
- :
- Splunk ITSI
- :
- Re: Create new ITSI Glass Table through - Rest API...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Create new ITSI Glass Table through - Rest API call
Hi Guys
I would like to create new glass tables through Rest API calls - but am failing as am not able to pass proper arguments needed for POST action of API call of ITSI glass table.
for example:
curl -k -u admin:password https://localhost:8089/servicesNS/nobody/SA-ITOA/itoa_interface/entity -H "Content-Type:
application/json" -X POST -d '{"component": ["PerProcess"],"informational": {"fields": ["info"],"values": ["field"]},"_version":
"3.0.0","title": "PerProcess","object_type": "entity","_type":"entity","identifier": {"fields": ["component"],"values":
["PerProcess"]}}'
This above call creates a new Entity in ITSI through Rest API call which is given in this doc
http://docs.splunk.com/Documentation/ITSI/3.0.1/RESTAPI/ITSIRESTAPIreference
i would like to create a new Glass Table in this way.
Help is appreciated
Thanks
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here is how i managed to create glass tables via REST calls.
Method: POST
Endpoint: /servicesNS/nobody/SA-ITOA/itoa_interface/glass_table
JSON: {
"content": [
],
"acl": {
"can_share_global": true,
"sharing": "app",
"perms": {
"read": [
"*"
],
"write": [
"*"
]
},
"can_write": true,
"owner": "xxx",
"can_share_app": true,
"modifiable": true,
"can_change_perms": true,
"can_share_user": true
},
"identifying_name": "xxx",
"title": "xxx",
"_owner": "nobody",
"_user": "nobody"
}
Make sure to fill in owner, title, identifying_name and modify any true/false based on your needs.
Good luck!
,Here is how i managed to create glass tables via REST calls.
Method: POST
Endpoint: /servicesNS/nobody/SA-ITOA/itoa_interface/glass_table
JSON:
{
"content": [
],
"acl": {
"can_share_global": true,
"sharing": "app",
"perms": {
"read": [
"*"
],
"write": [
"*"
]
},
"can_write": true,
"owner": "xxx",
"can_share_app": true,
"modifiable": true,
"can_change_perms": true,
"can_share_user": true
},
"identifying_name": "xxx",
"title": "xxx",
"_owner": "nobody",
"_user": "nobody"
}
Make sure to fill in owner, title, identifying_name and modify any true/false based on your needs.
Good luck!
,Here is how i managed to create glass tables via REST calls.
Method: POST
Endpoint: /servicesNS/nobody/SA-ITOA/itoa_interface/glass_table
JSON: {
"content": [
],
"acl": {
"can_share_global": true,
"sharing": "app",
"perms": {
"read": [
"*"
],
"write": [
"*"
]
},
"can_write": true,
"owner": "xxx",
"can_share_app": true,
"modifiable": true,
"can_change_perms": true,
"can_share_user": true
},
"identifying_name": "xxx",
"title": "xxx",
"_owner": "nobody",
"_user": "nobody"
}
Make sure to fill in owner, title, identifying_name and modify any true/false based on your needs.
Good luck!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Not sure the exact curl command being used but was able to create an empty Glass Table using the following on ITSI v4:
curl -k -u admin https://localhost:8089/servicesNS/nobody/SA-ITOA/itoa_interface/glass_table -H "Content-Type:application/json" -X POST -d '{"_owner": "admin","title": "test_API_glass_table","description": "test_glass_table","object_type": "glass_table","latest": "now","latest_label": "now","svg_coordinates": {"viewdy": 0, "viewdx": 0}, "is_epoch": "false", "templateSwappableServiceIds":[]}'
Don't know if this helps.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
One of the engineers on the ITSI team tested out creating a glass table using the endpoint and it appears to be broken. We have filed a bug to fix this issue. Sorry for the inconvenience.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @hjauch
Thanks for the reply,
I was able to update, delete the glass table using the same end point, but am not sure why only create is not working.
if possible, please provide with a work around untill a new patch is released.
Thank you
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The workaround is to create the glass table through the UI until a fix can be made.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi hjauch
This issue was not fixed & end point is not working in new and updated ITSI 4.0 version.
Please guys can you look and fix this issue at least in next release.
Thanks
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You are correct, the issue has not been fixed yet. It is issue # ITSI-918. Sorry about the inconvenience.
Some information on what you are trying to accomplish may be helpful. Are you trying to create an empty glass table or a glass table with widgets?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please, Can someone from Splunk answer this question
Thanks
Enterprise Security Content Update (ESCU) | New Releases
Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?
Index This | What are the 12 Days of Splunk-mas?
