All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Could I use REST API to create a monitor input from the script of a modular input?

lzhang_soliton
Path Finder
‎01-23-2014 01:28 AM

For creating a monitor input of our product, our customers have to type correct sourcetype and complex regular expression for whitelist. We want to create a simplified UI by using Modular Input. In the script a monitor input will be made automatically as same as adding it manually.
Could you tell me that is a good idea or bad one?
Even if our customers have correct permission, we are not sure if authentication tokens are necessary in the script.

Tags (1)
Reply

Damien_Dallimor
Ultra Champion
‎02-12-2014 11:26 PM

Using Modular Inputs as a proxy just for creating a Monitor Input is a bit of a hack , and limiting what you can do in the UI.
Have you considered using the Web Framework and building a custom setup page for your Monitor Inputs (with you simplified approach). Your custom setup page could have whatever JS/HTML/CSS you want to provide your simpler experience for your users , and then you could have some Django serverside logic for your setup page that uses the Splunk REST API to create the Monitor Input stanza for you.

0 Karma
Reply

halr9000
Motivator
‎02-12-2014 09:18 AM

Sure you can. Splunk does this type of thing to aid in the install-time experience for some of our premium apps. Also consider that Splunk Web is built on top of the REST API itself. Start with a POST to data/inputs/monitor.

As to the authority question, the user executing the actions would have to have the correct permission in Splunk.

0 Karma
Reply

lzhang_soliton
Path Finder
‎02-12-2014 09:02 PM

Thanks for your answer. I reviewed my question and I think I did not describe it clearly, so I rewrote it. Could you check it again?

0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...