Splunk® Add-on Builder

Splunk Add-on Builder User Guide

Download manual as PDF

Download topic as PDF

About the Splunk Add-on Builder

The Splunk Add-on Builder helps you build and validate technology add-ons for your Splunk platform deployment. The Splunk Add-on Builder is ideal for:

  • Splunk admins who would like to onboard additional data into the Splunk platform.
  • Developers who are looking for a tool to help them build and validate a Splunk add-on.

How an add-on helps you use the Splunk platform

An add-on is a reusable Splunk component that is dedicated to a specific function within a Splunk deployment, such as getting a unique set of system data in and out of the Splunk platform.

Add-ons can include any combination of custom configurations, scripts, data inputs, custom reports or views, and themes that can change the look and feel of the Splunk platform. A single add-on can be used in multiple apps, suites, or solutions.

Specialized add-ons can help to collect, transform, and normalize data feeds from specific sources in your environment. Specialized add-ons are often referred to as Technology Add-ons, and can include some of the following functions:

  • Knowledge management components, such as field extractions, transforms, and lookups, that make the data easy to use.
  • Knowledge mapping components, such as event types and tags, that normalize the data to the Common Information Model.
  • Configurations and/or tools to gather data from a source.

For more about apps and add-ons, see Develop Splunk Apps on the Splunk Developer Portal.

How the Splunk Add-on Builder can help you

The Splunk Add-on Builder guides you through the process of creating an add-on. The goals of the Splunk Add-on Builder are to:

  • Guide you through all of the necessary steps of creating an add-on
  • Build alert actions and adaptive response actions for Splunk Enterprise Security
  • Reduce development and testing time
  • Follow best practices and naming conventions
  • Maintain CIM compliance
  • Maintain quality of add-ons
  • Validate and test the add-on, helping you to check for certification readiness and to identify any limitations such as compatibilities and dependencies
  • Maintain a consistent look and facilitate branding
  • Package the add-on and helps you get ready to submit it for certification
  NEXT
Learn more and get help

This documentation applies to the following versions of Splunk® Add-on Builder: 3.0.0, 3.0.0, 3.0.1


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters