...ddresses. Is there a way to change this default for all Splunk REST API endpoints? I'd like to more tightly control access to these APIs, and defaulting open requires more effort to lockdown and makes it m...
I'm currently using PersistentServerConnectionApplication to implement custom API endpoints inside Splunk. Any changes I make in code delays about 1 or 2 minutes to start working. Is t...
...EC-specific structure required by the HEC JSON endpoint (services/collector). I understand the HEC-specific structure and the changes that I need to make. However, before I do that, I thought I'd ask: w...
...el="move"/> I see /move but not /save. Need help, finding rest endpoint, so that I can script (The save, with NO changes and Move), for all Splunk KOs (Savedsearches, Views, Eventtypes, etc...) for u...
...OT EDIT THIS FILE!
# Please make all changes to files in $SPLUNK_HOME/etc/apps/Splunk_TA_windows/local.
# To make changes, copy the section/stanza you want to change from $SPLUNK_HOME/etc/apps/S...
Looking for assistance with creating an email alert when an endpointchanges in logs.
We want to avoid multiple emails going out every 15 minutes and only send the email alert when the switch h...
...he app directory. I do however see other conf files, including "transforms" and "props".
B. Do I need an inputs.conf in the app directory, if so how/where should I start. What edits changes need to b...
...nterest)
My doubt is, what datamodel should I use? I'm between Endpoint and Change. But endpoint does not have a user field, I don't understand why ¿What would be the right approarch?
For f...
Hello,
i would like to see the Events associated to this source "Change - Abnormally High Number of EndpointChanges by User - Rule" How can i view them?
When i click on "Visualize Event" n...
Hi,
I already checked the API Endpoint list if my request is covered. But cannot find it.
I'd like to change the data input path for my deployment apps via the API from my deployment server....