What's new
Here's what's new in each version of the Splunk Add-on Builder.
Version 1.1.0
What's new in this release:
- Additional data formats (JSON, XML, and tabular) are now supported, improving field extraction.
- Adding sample data is easier, with the option to upload sample data files and indexed data from Splunk Enterprise.
- Support for field extraction and CIM mapping has been added for indexed data in Splunk Enterprise.
- The framework for modular inputs has changed. See below for details about migrating your code.
- Bug fixes. For details, see Fixed issues.
Migrating modular input code from an earlier release
The framework for modular inputs has changed. If you are upgrading the Add-on Builder app from a previous release, update your Python code for any modular inputs you created as described below.
Create events
Use the self.new_event method to create events for modular inputs rather than creating an event directly using smi.Event. The arguments are the same.
For example, in the auto-generated code for modular inputs, you would update the sample code as follows.
1. Find this line:
event = smi.Event(source=self.input_name, index=self.output_index, sourcetype=self.output_sourcetype, data=data)
2. Replace it with this line:
event = self.new_event(source=self.get_input_name(), index=self.get_output_index(), sourcetype=self.get_sourcetype(), data=data)
Read configurations from setup pages
The following example code, also included in the auto-generated code for modular inputs, shows how to read configurations from setup pages in the new framework for version 1.1.0:
arg_value = self.get_arg('arg_name') proxy_settings = self.get_proxy() account = self.get_user_credential("admin") userdefined = self.get_global_setting("userdefined")
Version 1.0.1
What's new in this release:
- Bug fixes. For details, see Fixed issues.
Version 1.0.0
This is the first release of the Splunk Add-on Builder.
Advanced | Known issues |
This documentation applies to the following versions of Splunk® Add-on Builder: 1.1.0
Feedback submitted, thanks!