Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is the REST API incomplete with respect to Deployment steps

perichandra
Explorer
‎07-18-2013 12:06 AM

I went through the Splunk REST API documentation at http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTdeploy
and am unable to find the APIs that would cover all the steps needed to remotely carry out the deployment process. While I find the APIS to create higher level entities such as deployment servers/clients and server classes and to propagate manually created configs, I see no APIs for lower level details such as creating the config details for inputs and forwarders under particular server classes.

I would appreciate it if anyone could confirm that it is indeed so, if not, where the API is for doing them.

If the Splunk REST API is indeed incomplete in those respects, how do large Splunk farms manage deployment processes? They log in to master deployment servers and manually create configs on the masters and propagate them? Or is there an App to do these?
Thanks.

Tags (2)
0 Karma
Reply

jkat54
SplunkTrust
SplunkTrust
‎01-04-2019 06:10 AM

Install Telerik’s fiddler, enable ssl decryption, do everything you want to do in your question/use case while recording the traffic, then use the recorded steps to see which API calls with which headers and payloads, etc were sent to complete each task.

The WebUI is all just pretty js, pictures and buttons that create the rest calls you’ll see in fiddler.

0 Karma
Reply

jkat54
SplunkTrust
SplunkTrust
‎01-04-2019 06:13 AM

Tip, DS reloads after every change to apps/classes in the UI

0 Karma
Reply

tulakayre
New Member
‎11-09-2014 11:58 PM

Is there any REST API method available NOW for -- create deployment-apps
Splunk version 6.1.3

0 Karma
Reply

jaxjohnny2000
Builder
‎01-04-2019 06:06 AM

There is not, even now in version 7.2.1, a way to fully manage the Deployment server or deployment-apps or even compare conf files from one deployment app to another.

0 Karma
Reply

perichandra
Explorer
‎07-22-2013 06:01 AM

Hi Sowings
What do you think of the answer by Monzy below pointing to http://docs.splunk.com/Documentation/Splunk/5.0.3/RESTAPI/RESTconfigurations?

It appears to control only the configs of local Splunk server not the configs being prepared for remote deployment.

0 Karma
Reply

monzy
Communicator
‎07-19-2013 04:37 PM

is it possible for you to modify config files using the REST API steps documented here:
http://docs.splunk.com/Documentation/Splunk/5.0.3/RESTAPI/RESTconfigurations

0 Karma
Reply

sowings
Splunk Employee
Splunk Employee
‎07-18-2013 04:53 AM

For a quick answer about how this is managed, yes, it's typical to log in to the deployment manager and modify serverclass.conf directly.

The configs portion of the API works directly on the apps in $SPLUNK_HOME/etc/apps, not the deployment-apps hierarchy used (by default) on the deployment manager. At present, I'm not aware of any Splunkbase apps or other UI to make the process of creating the deployment-apps any easier.

0 Karma
Reply
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...