Splunk IT Service Intelligence
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Can ITSI Maintenance mode be set from a command line as opposed to via the GUI and if so, how?

pat_boyle
Engager
‎04-11-2018 08:08 PM

I'm lazy and a creature of habit. I do a regular weekly maintenance on our Splunk systems which necessitates setting up a bunch of maintenance windows in ITSI in advance via the GUI.

Is there a way to create an ITSI maintenance window from a command line / rest call - basically so I can set it up in CRON and get another 30 mins in bed?

All I need is to be able to specify:

  1. Which server
  2. A name for the window
  3. A Duration
  4. List of impacted services or entities
Reply
1 Solution
Solved! Jump to solution
Solution

jherring_splunk
Splunk Employee
Splunk Employee
‎08-07-2018 07:22 AM

It seems the REST interface might be a way to automate this:

http://docs.splunk.com/Documentation/ITSI/3.1.4/RESTAPI/ITSIRESTAPIreference#Maintenance_Services_In...

View solution in original post

0 Karma
Reply
Solved! Jump to solution

kartikaykv1
Explorer
‎05-15-2020 01:24 PM

Use the below CURL to put Entities in Maintenance mode.

Time should be in UTC.
Use _key id for entities.

curl -k -u admin:password https://localhost:8089/servicesNS/nobody/SA-ITOA/maintenance_services_interface/maintenance_calendar -X POST -H "Content-Type:application/json" -d '{"title":"TEST MW","start_time":1589705600,"end_time":1589709600,"objects":[{"object_type":"entity","_key":"52f345bd-9764-4bc1-82a1-040"},{"object_type":"entity","_key":"45de7c5f-0d5f-4d50-9910-a1a"}]}'

Reply
Solved! Jump to solution

nickmew
Path Finder
‎09-11-2020 08:12 AM

Slight alteration - I had to add underscores in the start_time, end_time, object_type and _key to get this to work:

curl -k -u username:password https://localhost:8089/servicesNS/nobody/SA-ITOA/maintenance_services_interface/maintenance_calendar -X POST -H "Content-Type:application/json" -d "{\"title\":\"TEST MW\",\"start_time\":1589705600,\"end_time\":1589709600,\"objects\":[{\"object_type\":\"entity\",\"_key\":\"10bc6ede-20f5-45a8-a19f-562ffc425f69\"}]}"

0 Karma
Reply
Solved! Jump to solution
Solution

jherring_splunk
Splunk Employee
Splunk Employee
‎08-07-2018 07:22 AM

It seems the REST interface might be a way to automate this:

http://docs.splunk.com/Documentation/ITSI/3.1.4/RESTAPI/ITSIRESTAPIreference#Maintenance_Services_In...

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...