Developing Against Splunk Cloud
tewner opened this issue · 1 comments
Hi!
We're in the process of moving from Splunk Enterprise to Splunk Cloud.
- Is this the proper library for developing queries/ETL's against data in Splunk Cloud? (and not plunk-sdk-python)
- I understand that by default, Splunk API endpoints need to be open on a per-IP basis. Is this the case and does this SDK require API access?
- What is the preferred way for our automated Python scripts to authenticate with Splunk Cloud? ClientAuthManager ?
Thank you!
The SDK you want is splunk-sdk-python - this SDK is for use with Splunk Cloud Services, which is no longer in public beta at the moment. splunk-sdk-python works with the Splunk Enterprise / Splunk Cloud platform.
splunk-sdk-python supports both REST API interactions with the Splunk platform, as well as features like custom search commands and modular inputs.
You can find a very simple connection example here: https://github.com/splunk/splunk-sdk-python/blob/master/examples/abc/c.py - note that you may need to contact Splunk Support to request that REST API access be enabled. You can find more information here: https://docs.splunk.com/Documentation/Splunk/8.0.6/RESTTUT/RESTandCloud