Screenshot of the Custom Endpoint dashboard.
The files we will be creating:
- custom_endpoint.xml – our dashboards that will communicate with our custom endpoints
- custom_endpoint.py – Python script to handle our GET and POST requests
- restmap.conf – maps Python classes to URI paths
- web.conf – allows HTTP verbs (GET, POST, etc.) on specific endpoints
- custom_endpoint.js – handles GET, POST requests on dashboards; communicates with custom endpoints
The following is not meant to be a real-world example, but hopefully it provides some insight into how custom endpoints in Splunk work. So, this raises the question – what are some real-world examples of how custom endpoints can be utilized?
- Let’s say you need to pull data in from an external API or service – that may be a time to use a custom endpoint.
- Another example would be if you wanted a third-party service to pull data from Splunk: you would set up a custom endpoint and then allow the service to GET data from that endpoint. These may be some examples I will cover in future screencasts and blog posts.
Because we will be dealing with user data, let’s create a sample user that we can work with. This user will simply be given the role of ‘user’.
Go to Settings > Access Controls, click ‘Add New’ next to Users, and then fill out the form. I’m going to call my user ‘batman’: