×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
kenchansan
New Member
Member since: ‎08-08-2023
‎08-09-2023
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎08-08-2023
Activity Feed
View All

How to install local app via rest API?

by in Getting Data In
‎08-08-2023 06:30 PM
‎08-08-2023 06:30 PM
Hi All, trying to install an app I have locally via API. I have tried both curl command and python script Curl Command: curl -k -u admin:YOUR_SPLUNK_PASSWORD \ -X POST https://YOUR_SPLUNK_HOST:8089/services/apps/local \ -H "Content-Type: multipart/form-data" \ -F "name=appname" \ -F "appfile=@/path/to/your/app_package.tar.gz" The error I get is the following: <msg type="ERROR">Error during app install: failed to extract app from app_package.tar.gz to /opt/splunk/var/run/splunk/bundle_tmp/7391c87f2a023fd5: No such file or directory</msg> Python script: import splunklib.client as client import splunklib.results as results import requests # Splunk server details splunk_host = 'hostname' splunk_port = 8089 splunk_username = 'splunk_user' splunk_password = 'splunk_password' # App installation details app_package_path = '/path/to/custom_app.tgz' app_name = 'custom_app' # Connect to Splunk service = client.connect( host=splunk_host, port=splunk_port, username=splunk_username, password=splunk_password ) # Install the app try: endpoint = f'/services/apps/local' headers = {'Authorization': f'Splunk {service.token}'} files = {'app_package': open(app_package_path, 'rb')} data = {'app': app_name} app_response = requests.post( f'https://{splunk_host}:{splunk_port}{endpoint}', headers=headers, files=files, data=data, verify=False # Disabling SSL certificate verification (for self-signed certificates) ) app_status = app_response.status_code if app_status == 200: print(f"App '{app_name}' was successfully installed.") else: print(f"Failed to install app '{app_name}'. Status code: {app_status}") except Exception as e: print(f"An error occurred: {str(e)}") # Disconnect from Splunk service.logout()   The error I get: /usr/lib/python3/dist-packages/urllib3/connectionpool.py:1015: InsecureRequestWarning: Unverified HTTPS request is being made to host '127.0.0.1'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings warnings.warn( Failed to install app 'custom_app'. Status code: 400 In both cases, I have confirmed that I am able to connect and query Splunk, so there shouldn't be any connectivity issues. I have also confirmed that I can manually install the app so there shouldn't be any issues with the tgz file. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎08-09-2023 12:28 AM