In the Validate section, validate your add-on for best practices, and test the modular/scripted inputs, field extractions, and CIM mappings. The Splunk Add-on Builder shows you any errors or warnings, along with recommendations about how to address them.
Select the types of validations to perform:
- Best Practices
- CIM Mapping
- Field Extraction
- Modular Input
Click Validate to display the results.
|Health Score||This score is a validation score based on the errors, warnings, and failed rules.
This health score is valid in a local environment. The score could be different for the same add-on if the add-on were validated in other environments or at different times due to differences in global knowledge management and differences in indexed data. Use the health score as a subjective indicator about the overall quality of your add-on.
|Total Errors||The total number of errors that were found.|
|Total Warnings||The total number of warnings that were found.|
|Failure Rule Count||The number of errors and warnings per validation category.|
|Validation Result Distribution||The ratio of errors to warnings.|
|Rules Details||A list of all the errors and warnings, with details about the validation category, a description of the rule that was broken, and a suggested solution to fix the problem.
Sometimes the suggested remedy is to directly edit a configuration file (.conf). The configuration files for your app are located in $SPLUNK_HOME/etc/apps/TA_your_addon_name, and you can edit them in a text editor. After you save changes to the file, refresh Splunk Web by going to
For more information about the best practices for add-ons, see:
Map to CIM
This documentation applies to the following versions of Splunk® Add-on Builder: 1.1.0