Documentation > Splunk > Developing Dashboards, Views, and Apps for Splunk Web > Configure App setup screen

Developing Dashboards, Views, and Apps for Splunk Web

 


Overview
Build your app
Customize Splunk Web
Advanced Web customization
UI Developer reference
Examples

Configure App setup screen

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Contents

Configure App setup screen

This page describes how to create a setup screen for your App. Use this screen to expose custom configurations your App admin must configure before the App is usable. For example, specify inputs that your App is built on, or set up specific attributes of saved searches.

Create setup.xml

Setup screens are built by POSTing information to Splunk's REST endpoints . Most of the configuration files within Splunk have a corresponding endpoint. To learn more about endpoints, see the REST intro.

To create a setup page for your App, decide which endpoints you will be updating and which attributes within those endpoints you want to expose on your setup screen. Then, create a setup.xml within your App's default directory: $SPLUNK_HOME/etc/<app_name>/default/setup.xml.

Configure setup.xml

Setup.xml is made up of blocks, each of which has a title. So first, start your setup.xml with the setup tags and then add a block element. The block specifies which endpoint to use, relative to https://hostname:port/servicesNS/nobody/<app-name>/.

The following example uses the savedsearch endpoint and updates the saved search named foo. 

<setup>
  <block title="Basic stuff" endpoint="admin/savedsearch" entity="foo">
...  
  </block>
</setup>

To create a new entry rather than edit an already existing one, set the entity name to "_new". Make sure add the required field 'name' as an input.

setup inputs

Next, set up the input fields for your block. You can add any number of input fields. These fields update attributes of the entity/endpoint combination. The following example updates the is_scheduled attribute of the foo saved search: 

...
<block title="Basic stuff" endpoint="admin/savedsearch" entity="foo">
<text> some description here </text>
		
    <input field="is_scheduled">
	<label>Enable Schedule for foobar</label>
	<type>bool</type>
    </input>
...

bulk update

Bulk update all the entities available at a given endpoint by using a * and setting mode = bulk: 

...
<input entity="*" field="is_scheduled" mode="bulk">
  <label>Enable Schedule For All</label>
  <type>bool</type>
</input>
...

Nodes within the '<input>' attribute can reference field values within the entity they belong to using the $field_name$ notation. This is useful for constructing description/labels.

Example 

<setup>
	<block title="Basic stuff" endpoint="admin/savedsearch" entity="foobar">
		<text> some description here </text>
		
		<input field="is_scheduled">
			<label>Enable Schedule for foobar</label>
			<type>bool</type>
		</input>
		
		<input field="cron_scheduled">
			<label>Cron Schedule</label>
			<type>text</type>
		</input>
		<input field="actions">
			<label>Select Active Actions</label>
			<type>list</type>
		</input>
		
		<!-- bulk update  -->
		<input entity="*" field="is_scheduled" mode="bulk">
			<label>Enable Schedule For All</label>
			<type>bool</type>
		</input>
	</block>

	
	<block title="configure the inputs" endpoint="properties/inputs/">
	     <block entity="*" mode="iter">
		<input field="disabled">
			<label>disable $name$</label>
			<type>bool</type>
		</input>
	    </block>
	    
	    <block title="create a new input" entity="_new">
	    	<input target="name">
	    		<label>Input stanza</label>
	    		<type>text</type>
	    	</input>
	    	<input target="disabled">
	    		<label>Disabled</label>
	    		<type>bool</type>
	    	</input>
	    </block>	
	    	
	</block>
	
	<!--  example config for "Windows setup" defined:
	      http://twiki/twiki/bin/view/Main/AppSetup  
	 -->
	
	<block title="Collect Your Event Logs" endpoint="properties/inputs/" >
	     <text> some description here </text>
	
	     <block entity="WinEventLog:(Setup|System|Security|Application|ForwardedEvents)" mode="iter">
		<input field="disabled">
			<label>$disabled_label$</label>
			<type>bool</type>
		</input>
	    </block>
	
	</block>
	
	<block title="Index Your Local Registry" endpoint="properties/regmon-filters/">
	     <text> some description here </text>
	
	     <block entity="(User|Machine) keys">
		<input field="disabled">
			<label>$disabled_label$</label>
			<type>bool</type>
		</input>
		<input field="baseline">
			<label>$baseline_label$</label>
			<type>bool</type>
		</input>
	    </block>
	
	</block>
	
	<block title="Collect Local Statistics" endpoint="properties/wmi/" >
	     <text> some description here </text>
	
	     <block entity="WMI:CPUTime|WMI:Memory|WMI:LocalDisk|WMI:FreeDiskSpace">
		<input field="disabled">
			<label>$disabled_label$</label>
			<type>bool</type>
		</input>
		<input field="interval">
			<label>Poll Every (seconds)</label>
			<type>text</type>
			<validation>\d+</validation>
		</input>
	    </block>
	</block>
	
	
</setup>
Retrieved from "http://docs.splunk.com/Documentation/Splunk/4.0.4/Developer/SetupApp"

This documentation applies to the following versions of Splunk: 4.0 , 4.0.1 , 4.0.2 , 4.0.3 , 4.0.4 , 4.0.5 , 4.0.6 , 4.0.7 , 4.0.8 , 4.0.9 , 4.0.10 , 4.0.11 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.