Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About splunkbot22
splunkbot22
New Member
Member since:
05-23-2018
06-05-2020
Community Statistics
| Posts | 8 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 05-23-2018 |
Activity Feed
- Posted Re: How to set python script to run automatically on a custom app. on Splunk Search. 07-22-2018 05:50 AM
- Posted Re: How to set python script to run automatically on a custom app. on Splunk Search. 07-22-2018 05:48 AM
- Posted Re: How to set python script to run automatically on a custom app. on Splunk Search. 07-22-2018 05:44 AM
- Posted How to set python script to run automatically on a custom app. on Splunk Search. 07-20-2018 01:27 AM
- Tagged How to set python script to run automatically on a custom app. on Splunk Search. 07-20-2018 01:27 AM
- Tagged How to set python script to run automatically on a custom app. on Splunk Search. 07-20-2018 01:27 AM
- Tagged How to set python script to run automatically on a custom app. on Splunk Search. 07-20-2018 01:27 AM
- Tagged How to set python script to run automatically on a custom app. on Splunk Search. 07-20-2018 01:27 AM
- Posted View Page displaying conf file settings on Splunk Dev. 05-29-2018 08:14 AM
- Tagged View Page displaying conf file settings on Splunk Dev. 05-29-2018 08:14 AM
- Tagged View Page displaying conf file settings on Splunk Dev. 05-29-2018 08:14 AM
- Tagged View Page displaying conf file settings on Splunk Dev. 05-29-2018 08:14 AM
- Tagged View Page displaying conf file settings on Splunk Dev. 05-29-2018 08:14 AM
- Tagged View Page displaying conf file settings on Splunk Dev. 05-29-2018 08:14 AM
- Posted Splunk Rest API on All Apps and Add-ons. 05-23-2018 08:50 AM
- Tagged Splunk Rest API on All Apps and Add-ons. 05-23-2018 08:50 AM
- Tagged Splunk Rest API on All Apps and Add-ons. 05-23-2018 08:50 AM
- Tagged Splunk Rest API on All Apps and Add-ons. 05-23-2018 08:50 AM
- Tagged Splunk Rest API on All Apps and Add-ons. 05-23-2018 08:50 AM
- Tagged Splunk Rest API on All Apps and Add-ons. 05-23-2018 08:50 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
07-22-2018
05:50 AM
Hello,
Thanks for the reply, I had already set the interval crontab syntax in the inputs.conf file. However can you elaborate more how i can make an impression of the data? And how i can update the existing lookups file with it?
... View more
07-22-2018
05:48 AM
Hi,
the location of my python file is under /app/bin and the location of the inputs.conf file is in the /apps/default directory of my app .
Content of my inputs.conf is
[script://opt/splunk/etc/apps/School/bin/retreivefromthreatcrowd.py]
interval=60
disabled=false
source=script://./bin/retreivefromthreadcrowd.py
... View more
07-22-2018
05:44 AM
Hi,
Thank you for the reply, i have already add the script and interval properties in the inputs.conf under the default directory on my app. However can you further elaborate how do i make an impression of the data in the standard output? Or append he api response into the csv file?
... View more
07-20-2018
01:27 AM
Hello guys, I am new to Splunk. I need help in letting the python script i have created to run automatically every month. My python script is able to get API JSON output and create a lookup file or update existing one. Now i need it to run it automatically in the APPS/bin folder i have already configured the inputs.conf file but the script is not or creating the csv lookup file!
... View more
05-29-2018
08:14 AM
Hello guys, I am quite new to I have created an APP and have also successfully done a setup file. Now i am trying to make a view page in my APP to allow people to see what ports Splunk is using as well as letting them to delete those port or edit them. Any ideas how i can do that? Do i have to write a script and then point the view page to the script to display all the settings? Also i seemed to have come upon on the endpoint that allow user to get specific stanza so how should i go about to show the settings to a user in a page?
... View more
05-23-2018
08:50 AM
Hi guys i am new to Splunk and i am currently creating a UI page for my app to let users set what port the APP is listening for to collect logs from remote server
So far i am able to get my existing setting from the rest api.
Therefore, how can i get the value from the Data input parameters to post it on the inputs.conf file to set splunk to listening on the port?
In addition, what values do i have to set on the 2 parameters?
... View more
05-23-2018
06:39 AM
Thank you for your reply, it help me to cut down on some things that i am confused about.
For starters, right now after creating my APP i am trying to let my APP to automatically listen on port 514 TCP by default which i do not know how to implement.
Also to simplify my previous question my goal is to set up a page UI in my APP somewhat similar to splunk default Local inputs where you can set it at the setting under TCP and UDP. However what i am looking for is to allow my users to easily access that page instead of splunk and set whatever configurations they want to such as any TCP or UDP port and also the sourcetype and index name they want.
For my remote syslog host i have already configured a custom fowarder and is successful in using the default splunk setting to allow the logs to be sent through any port such as tcp port 8888 and receiving the logs as the source type i have named such as custom_logs into the default index.
I hope to implement this setting as a page on my APP to tell my app to listen on whichever port the user would want and i have no idea where to start from.
... View more
05-23-2018
01:39 AM
Hi guys i just started using Splunk and i am trying to create a Splunk app that will connect to any syslog server over the internet to get raw TCP or UDP logs from a remote server into splunk index and i do not know how to implement it. I want to include a page UI for the user on my APP to easily configure the details of the remote server such as choosing TCP or UDP connection, Port, which network to exclude out, the IP address of the server...etc.
Currently i am unsure about how to set up the page to configure the settings for the UI, i want my end product to turn out similar to splunk data inputs but want the page to exist in a page on my app. I do not want to use any other add-on.
1) Where do i create the page? On the APP or on the APP add-on
2) Do i have to use modular inputs?
3) Does the page need to use the setup tag or form tag ? (I want it as a page that exist in the nav bar)
4) Do i have to create a python script to link the inputs in the UI page to inputs.conf file?
5) Do i have to edit the restmap.conf file first to link the python script to restmap.conf?
6) Can i create a button on the page to test for connectivity after the user saved the settings?
7) Do i have to make a custom stanza for it and point the input to the stanza value? If so how do i specify in the stanza that it comes from inputs e.g. leaving it blank
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:04 AM
|
