Splunk® Asset and Risk Intelligence

Administer Splunk Asset and Risk Intelligence

Splunk Asset and Risk Intelligence is not compatible with Splunk Enterprise 9.1.2 due to known issues SPL-237796, SPL-248319 where search results in "results" have more rows than expected. Upgrade to Splunk Enterprise 9.1.3 to use Splunk Asset and Risk Intelligence.

Splunk REST API reference for Splunk Asset and Risk Intelligence

Splunk Asset and Risk Intelligence uses Splunk REST API endpoints within the application to perform operations that include accessing, creating, updating, and deleting resources.

See the following table for a list of REST API endpoints used by Splunk Asset and Risk Intelligence, their descriptions, and the operations they can perform.

Link to the Splunk Enterprise REST API endpoint Description Operations
Props Access, create, update, and delete calculated fields, field extractions, field aliases, lookups, and sourcetypes in props.conf. GET, POST, DELETE
Transforms Access, create, update, and delete field extractions, lookup definitions, and automatic lookups in transforms.conf. GET, POST, DELETE
Macros Access, create, update, and delete tags in tags.conf. GET, POST, DELETE
Eventtypes Access, create, update, and delete event types in eventtypes.conf. GET, POST, DELETE
Tags Access, create, update, and delete tags and event type tags in tags.conf. GET, POST, DELETE
Collections Access, create, update, and delete tags in collections.conf. GET, POST, DELETE
Saved Searches Access, create, update, and delete saved searches and alerts in savedsearches.conf. GET, POST, DELETE
Dashboards Access, create, update, and delete dashboards and dashboard XML code. GET, POST, DELETE
Navigation Access, create, update, and delete navigations in default.xml. GET, POST, DELETE
Last modified on 05 August, 2024
Integrate ServiceNow data with Splunk Asset and Risk Intelligence data   Troubleshoot Splunk Asset and Risk Intelligence

This documentation applies to the following versions of Splunk® Asset and Risk Intelligence: 1.0.0, 1.0.1, 1.0.2


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters