Splunk Dev

Does an app built with the Splunk Java SDK require Splunk credentials?

dileepmandapam
New Member

Hi ,

I am developing a new App using Splunk Java SDK. My use-case requires writing data to index directly.
To do this, I need Splunk credentials (username, password). Asking users/customers to provide credentials as input to this app is a good practice?.

0 Karma

niketn
Legend

@dileepmandapam, if the intent of your app is to write data directly to Splunk without you can check out HTTP Event Collector, which will require an authentication token to be embedded in your request to HTTP Event Collector. Refer to the following walkthrough:
http://dev.splunk.com/view/event-collector/SP-CAAAE7F

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma

dileepmandapam
New Member

@niketnilay: I am new to Splunk. Are there any existing app's which takes credentials as input ? is it a good practice?

0 Karma

niketn
Legend

@dileepmandapam if you want to stick to Splunk Java SDK, you are building your own app in Java and using Splunk SDK to connect to Splunk. Obviously Splunk would need authentication to allow logged in user to fetch data from Splunk. How you implement authentication is up to you. Splunk allows several authentication mechanisms including LDAP authentication as well. In other words, if logged in user is authenticated with LDAP you can plan seamless login to your app (without asking for credentials).

However, the HTTP Event Collector (HEC) that I mentioned is completely different approach for direct data ingestion to Splunk. What it means is that you have a Java based code that needs to write to Splunk, then you can setup (HEC) in Splunk and generate an authentication token. Within your Java Application you can create JSON packets within your App and push to Splunk through the authentication token. The user will not be aware of these things happening in background as developer would be setting these up in code.

If Steps in the Splunk Dev Site seemed too much you can spare 10 minutes to watch this quick HEC setup video on Splunk How To channel: https://www.youtube.com/watch?v=9awwyjORWO8

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma

dileepmandapam
New Member

@niketnilay Thanks. I have one more question. Can I send JSON text using EventWriter?. Is it efficient?
Event event = new Event();
event.setData(JSON);
ew.writeEvent(event)

I need to hit a REST EndPoint for every 1 hour.

0 Karma

niketn
Legend

If it just cooks up required JSON payload then yes you can, specially if it is already being used at your enterprise. You can dummy some data and test using curl (on *NIX) or Postman (on Windows) to see if data is getting ingested as expected or not.

HTTP Event Collector is one of the rapid data ingesting implementation which is specially popular with IOT and mobile devices so it is very responsive however it had to go through Heavy Forwarder.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma

niketn
Legend

@dileepmandapam, if your issue is resolved, do not forget to accept the Answer and up vote the comments that helped.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...