- Splunk Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Is there a reference for the syntax of configurati...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The pages in [this section][1] give some pointers about what syntax is allowed, but I cannot find a full reference. Is that available?
Alternatively, is there a parser for configuration files available in the Python SDK? I found [this example code][2] but when I use it to read a configuration file for my add-on/plugin/app ( service.confs["myconfigname"]), the result is just empty. A nonexistent name results in a KeyError, so by not raising an exception it confirms that it knows what I'm talking about but still refuses to return the sections ("stanza"s) and settings contained in that file. Looking at the source code, it doesn't actually read and parse the file but queries the API instead. Note that the setup page happily works with it, so Splunk can perfectly read the default values from the file and write to its local/ counterpart. A parser like splunklib.parseConf("myconfigname.conf") that reads the actual file would also solve the problem.
[1] https://docs.splunk.com/Documentation/Splunk/8.0.1/Admin/Aboutconfigurationfiles
[2] https://github.com/splunk/splunk-sdk-python/blob/master/examples/conf.py#L121
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In Splunk Enterprise there is a folder that contains <file>.conf.spec and <file>.conf.example files. This folder path is /opt/splunk/etc/system/README.
Spec files provide great detail into that specific configuration file's formats and stanza requirements.
Example files provides an example of that file.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In Splunk Enterprise there is a folder that contains <file>.conf.spec and <file>.conf.example files. This folder path is /opt/splunk/etc/system/README.
Spec files provide great detail into that specific configuration file's formats and stanza requirements.
Example files provides an example of that file.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks 13tsavage, that helps! I see there is a conf_checker.rules file that contains the spec in plain text, even if it starts with "Warning: This may go out of date. Crossing fingers." 😄
Splunk Custom Visualizations App End of Life
Introducing Splunk Enterprise 9.2
Adoption of RUM and APM at Splunk
