- Splunk Answers
- :
- Using Splunk
- :
- Splunk Dev
- :
- Access Splunk app using Python SDK?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am building a web app using Python to service a dashboard to users that we don't want to have direct access to Splunk.
On Splunk search head, URL to the app is https://my.splunk.search.hear:8000/en-US/app/myapp/summary
So, here is a little Python code snippet:
import splunklib.client as client
spconf = appconf['splunk']
splunk = client.connect(**spconf['server'])
result = splunk.get(spconf['index'])
return dict(content=result.body.read())
Where, appconf is read out of a JSON file like this:
{
"splunk":
{
"server":
{
"host": "*my.splunk.search.head*",
"port": 8089,
"username": "*username*",
"password": "*password*",
"app": "myapp"
},
"index": "summary"
}
}
But all I am getting is 404 on the splunk.get() call.
Thanks in advance for any insights.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It sounds like you want to be searching Splunk for some results and perhaps that search is embedded in a particular app somewhere. So, the optimal way to expose results from Splunk in this scenario would be to execute the search from the python SDK and then return the results to your custom web app that is serving those customers/end users who are not logging in directly to the Splunk UI.
We have a number of search examples for the Python SDK here: http://dev.splunk.com/view/SP-CAAAEE5
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It sounds like you want to be searching Splunk for some results and perhaps that search is embedded in a particular app somewhere. So, the optimal way to expose results from Splunk in this scenario would be to execute the search from the python SDK and then return the results to your custom web app that is serving those customers/end users who are not logging in directly to the Splunk UI.
We have a number of search examples for the Python SDK here: http://dev.splunk.com/view/SP-CAAAEE5
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
enter code hereIt seems that error 404 is "app template does not exist"
Your API endpoint doesn't exist, as specified in API endpoint
If you want to get index in specified app namespace in Splunk:
.splunkrc
host=localhost
port=8089
username=admin
password=changeme
scheme=https
app=yourapp
Code
usage = 'usage: %prog [options] <filename>*'
opts = parse(argv, RULES, ".splunkrc", usage=usage)
kwargs_splunk = dslice(opts.kwargs, FLAGS_SPLUNK)
service = client.connect(**kwargs_splunk)
name = opts.kwargs['index']
if not service.indexes.contains(name):
error("Index '%s' does not exist." % name, 2)
index = service.indexes[name]
You can change the configuration file to JSON format to get service instance.
I hope it'll work
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks. OK. I replaced this line:
result = splunk.get(spconf['index'])
with:
result = splunk.indexes[spconf['index']].get()
I got a result in XML, which seems to be data about the app I want to access, not the result from the app.
I think I may be going at it in the wrong way. I think I need to get results from the app through the splunk web, rather through the splunkd (I am guessing that's what port 8089 is).
Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...
.conf24 | Registration Open!
ICYMI - Check out the latest releases of Splunk Edge Processor
