Solved: Re: How can I retrieve a value from local .conf fi...

ektasiwani · ‎09-14-2015

Hi,

I have a file in local directory with name myconf.conf .
This file is create by setup form filled by user.
I want to know how can to use this values in splunk query.
Myconf.conf file contain data abount customer name and email and index.
this is what is stored in .conf file

[customerinfo]
custname = eku
custemail = eku@gmail.com
indexmain = main

My requirement is to use this value in search like
indexmain | stats count by custname

Any help is appreciated.

Thanks

bmacias84 · ‎09-14-2015

Hello @ektasiwani,

You can use the rest api to return configurations in Splunk. This works well for Splunk defined or Modular input conf files.

Using configs:

| rest  /services/configs/conf-authorize
OR
| rest  /services/configs/conf-<file>

Using properties endpoint:

| rest  /services/properties/authorize
OR
| rest  /services/properties/<conf_file>

Cheers,

View solution in original post

bmacias84 · ‎09-14-2015

Hello @ektasiwani,

You can use the rest api to return configurations in Splunk. This works well for Splunk defined or Modular input conf files.

Using configs:

| rest  /services/configs/conf-authorize
OR
| rest  /services/configs/conf-<file>

Using properties endpoint:

| rest  /services/properties/authorize
OR
| rest  /services/properties/<conf_file>

Cheers,

How can I retrieve a value from local .conf file and use in splunk query

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

Elevate Your Organization with Splunk’s Next Platform Evolution

Splunk Answers Content Calendar, June Edition

Are you a member of the Splunk Community?

How can I retrieve a value from local .conf file and use in splunk query

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

Elevate Your Organization with Splunk’s Next Platform Evolution

Splunk Answers Content Calendar, June Edition