Splunk Cloud Platform

Admin Config Service Manual

Retry failed operations in Splunk Cloud Platform

The Admin Config Service (ACS) API lets you retry failed operations for certain features in Splunk Cloud Platform deployments on Classic Experience. You can use ACS to retry failed operations programmatically, without the need to manually retry the operation inside the Splunk Web UI.

The ability to retry failed operations programmatically is especially useful for deployments that perform bulk operations, or those that integrate ACS into CI/CD pipelines, as you can use it to build retry functionality into your automated processes.


To retry failed operations using the ACS API:

  • You must hold the sc_admin role.
  • Your Splunk Cloud Platform deployment must be on Classic Experience. See Determine your Splunk Cloud Platform Experience.
  • Your deployment must have one or more separate search heads or a search head cluster. ACS is not supported on single instance deployments.

Set up the ACS API

Before using the ACS API, you must download the ACS Open API 3.0 specification, which includes the parameters, codes, and other data you need to work with the ACS API. You must also create a JWT authentication token in Splunk Cloud Platform for use with ACS endpoint requests. For details on how to set up the ACS API to manage restarts, see Set up the ACS API.

Retry failed operations using the ACS API

The following instructions show you how to retry a failed operation using the ACS API. ACS retry functionality applies to Splunk Cloud Platform deployments on Classic Experience only.

The ACS API supports retry for private app installation and HEC token management operations only.

ACS tools, including the ACS CLI and Terraform Provider, automatically retry failed HEC token management operations when applicable. To access the Splunk Cloud Platform Terraform Provider (terraform-provider-scp), see the Terraform Registry.

Check latest operation status

The ACS API lets you check the status of the latest run of certain operations, including private app installation and HEC token management operations. You can integrate this functionality into your workflows in a flexible manner to monitor operations based on your use case.

To check the status of your latest operation, send a GET request to the deployment/status endpoint. For example:

curl 'https://admin.splunk.com/{stack}/adminconfig/v2/deployment/status' \
--header 'Authorization: Bearer eyJraWQiOiJzcGx1...'

The response shows information about the latest operation, including the deployment task ID, timestamp, and status. For example:

   "lastDeployment": {
       "id": "AD11DDF4-B13B-4EDC-9B4F-A5FF539CD196",
       "timestamp": "6/16/2023, 11:31:22 AM",
       "status": "failed"

If the status shows that the latest operation failed, you can use the ACS API to retry the operation. See Retry a failed operation.

For endpoint details, see deployment/status in the ACS API endpoint reference.

Retry a failed operation

If you receive a failure message, such as a 424-failed-dependency error, indicating that an app installation or HEC management operation has failed, you can use the ACS API to retry that operation.

To retry an operation after a failure, send an HTTP POST request to the deployment/retry endpoint. The retry request automatically retries the latest operation. For example:

curl -X POST 'https://admin.splunk.com/{stack}/adminconfig/v2/deployment/retry' \
--header 'Authorization: Bearer eyJraWQiOiJzcGx1...'

The request returns information about the retry operation, including the deployment task ID, timestamp and status. For example:

   "id": "30D3BC03-11AC-4A16-88F7-7924735638ED",
   "timestamp": "6/16/2023, 11:31:22 AM",
   "status": "new"

A status of "new" indicates that your retry request was submitted successfully. Note that it can take some time for the request to complete, as retry jobs are performed asynchronously.

For endpoint details, see deployment/retry in the ACS API endpoint reference.

Check status of a retry operation

To check the status of a retry operation, send an HTTP GET request to the deployment/status/{deploymentID} endpoint, specifying the deploymentID value returned in the retry request output. For example:

curl --location --request GET 'https://admin.splunk.com/{stack}/adminconfig/v2/deployment/status/{deploymentId}' \
--header 'Authorization: Bearer eyJraWQiOiJzcGx1...'

The request output shows the status of the retry operation. For example:

   "id": "30D3BC03-11AC-4A16-88F7-7924735638ED",
   "timestamp": "6/16/2023, 11:31:22 AM",
   "status": "running"

Possible retry status values include:

Status Description
new The retry request has been successfully submitted.
failed The retry operation has failed.
running The retry operation is in progress.
completed The retry operation has completed successfully.

For endpoint details, see deployment/status/{deploymentID} in the ACS API endpoint reference.

Last modified on 25 January, 2024
Provision Enterprise Managed Encryption Keys (EMEK) for Splunk Cloud Platform   Manage users, roles, and capabilities in Splunk Cloud Platform

This documentation applies to the following versions of Splunk Cloud Platform: 8.2.2112, 8.2.2201, 8.2.2202, 8.2.2203, 9.0.2205, 9.0.2208, 9.0.2209, 9.0.2303, 9.0.2305, 9.1.2308 (latest FedRAMP release), 9.1.2312

Was this topic useful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters