Validate and package
In Validate & Package:
- Validate your add-on for best practices and Splunk App Certification, and test your data inputs, field extractions, and data model mappings. The Splunk Add-on Builder shows you any errors or warnings, along with recommendations about how to address them.
- Download your add-on package as an SPL file. The SPL format is identical to the tar archive format, but uses the .spl extension rather than .tar.gz.
Validate the add-on
You can select from the following types of validation to perform on your add-on:
- Best Practices
- Data Model Mapping
- Field Extraction
To validate your add-on
- On your add-on homepage, click Validate & Package on the Add-on Builder navigation bar.
- Click Validate to run the validation and and display the results.
Overall Health Report | This report displays a health validation score based on the errors, warnings, and failed rules. If you are validating for app precertification, this section also lets you know whether your app is ready to be submitted to Splunk App Certification.
This health score is valid in a local environment. The score could be different for the same add-on if the add-on were validated in other environments or at different times due to differences in global knowledge management and differences in indexed data. Use the health score as a subjective indicator about the overall quality of your add-on. |
Error | The total number of errors that were found. |
Warning | The total number of warnings that were found. |
Pass | The number of rules that your add-on passed. |
Validation result distribution | A chart displaying the breakdown of the validation results. |
Validation Rule Details | A list of all the validation rules, with details about the validation category, a description of the rule, and a suggested solution to fix the problem for rules that your add-on did not pass.
Sometimes the suggested remedy is to directly edit a configuration file (.conf). The configuration files for your app are located in $SPLUNK_HOME/etc/apps/TA_your_addon_name, and you can edit them in a text editor. After you save changes to the file, refresh Splunk Web by going to |
For more information about the best practices for add-ons, see:
- About Splunk add-ons in the Splunk Add-ons manual.
Download the add-on package
Creating the installation package for an add-on includes packaging the props, transforms, tags, event types, lookups, modular inputs, setup screens, modular alerts, and prebuilt panels into a single new app and exporting it to a downloadable file.
If you have added or modified any files directly in the file system rather than using Add-on Builder, be sure you follow the recommendations in Modify files directly before you package your add-on.
splunkd must have OS-level access to all files that you manually copy to your add-on directory. splunkd permission is defined by the user running Splunk Enterprise. Insufficient access permission is indicated by a grayed-out Download Package button.
To download your add-on package file
- On your add-on homepage, click Validate & Package on the Add-on Builder navigation bar.
- Click Download Package to download the installation package for the add-on as an SPL file.
Create alert actions | Use the add-on |
This documentation applies to the following versions of Splunk® Add-on Builder: 4.1.0
Feedback submitted, thanks!