Solved: How can I retrieve a value from local .conf file a...

ektasiwani · ‎09-14-2015

Hi,

I have a file in local directory with name myconf.conf .
This file is create by setup form filled by user.
I want to know how can to use this values in splunk query.
Myconf.conf file contain data abount customer name and email and index.
this is what is stored in .conf file

[customerinfo]
custname = eku
custemail = eku@gmail.com
indexmain = main

My requirement is to use this value in search like
indexmain | stats count by custname

Any help is appreciated.

Thanks

bmacias84 · ‎09-14-2015

Hello @ektasiwani,

You can use the rest api to return configurations in Splunk. This works well for Splunk defined or Modular input conf files.

Using configs:

| rest  /services/configs/conf-authorize
OR
| rest  /services/configs/conf-<file>

Using properties endpoint:

| rest  /services/properties/authorize
OR
| rest  /services/properties/<conf_file>

Cheers,

View solution in original post

bmacias84 · ‎09-14-2015

Hello @ektasiwani,

You can use the rest api to return configurations in Splunk. This works well for Splunk defined or Modular input conf files.

Using configs:

| rest  /services/configs/conf-authorize
OR
| rest  /services/configs/conf-<file>

Using properties endpoint:

| rest  /services/properties/authorize
OR
| rest  /services/properties/<conf_file>

Cheers,

How can I retrieve a value from local .conf file and use in splunk query

Transforming Financial Data into Fraud Intelligence

What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025

How to send events & findings from AWS to Splunk using Amazon EventBridge

Are you a member of the Splunk Community?

How can I retrieve a value from local .conf file and use in splunk query

Transforming Financial Data into Fraud Intelligence

What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025

How to send events & findings from AWS to Splunk using Amazon EventBridge