Open-Source Software libraries used within this add-on include:
- Oauth2 version 1.5
- Httplib2 version 0.8
- Requests version 2.2.1
- SplunkLib version 1.6.14
For technical support, questions or concerns on the release -- contact our development team at [email protected].
Technical Note
app.conf overview: $SPLUNK_HOME/Splunk/etc/apps/search_cp/local/app.conf
Upon initial setup, the parameter is configured
located under the stanza install
must have a value of 0
. This value represents that the application is indeed starting up for the first time and is not configured for use. A user's first use of the Catchpoint Splunk Modular Input should, by default, take the user to the App configuration
page when the is configured
is 0.
From the home view of SplunkWeb, navigate to the left-hand side and select the grayed Find More Apps
icon. In the search bar that appears, search for Catchpoint Search
and select Install
. Upon completion, select Restart
. Once restarted, from the home view, select the Catchpoint Search
app found on the left-hand side of the view. On the App configuration
page which follows, select Continue to app page setup
to continue.
On the setup page, the base URL (Catchpoint API URL) has been automatically set. Complete the setup by supplying the consumer key and consumer secret within the remaining fields.
Multiple client/division support for performance and alerts data:
- To pull data from multiple client/division, Navigate to
Manage Apps
page. - Search for
Catchpoint Search
and selectSet up
from Actions. - Complete the setup by supplying the consumer key and consumer secret within the remaining fields.
If manually installing the application from its tarball form, it is important to ensure (when the .tar has been expanded) that the base directory's name of the application is search_cp
.
The end result of a manual installation should reflect the following folder structure -- where search_cp is the name of the application directory.
~SPLUNK_HOME
\etc
..\apps
..\..\search_cp
Navigate to Settings > Data inputs and locate Catchpoint Modular Input. On the right-hand side of the located row, select Add New
. To begin ingesting Catchpoint data within Splunk, supply the required values for Catchpoint Input Name
, Test ID
and Client Secret
, Catchpoint Input Name
is used only for labeling the tests json. Client Secret
should match one of the consumer secret key which was supplied in the set up page.
It should be noted that the user should pay special attention to the required format of the Test ID
field.
The modular input can be setup with just one test ID, however, if the user chooses to create the modular input with multiple test IDs,
it is required multiple test IDs
- be of a comma-seperated values form.
- be of the same test type.
Example.
Assume the following Test IDs to be of the same type:
- XXX
- YYY
- ZZZ
Assume the following Test ID to be of a different type of the IDs mentioned above:
- BBB
As an example,
https://io.catchpoint.com/v{version}/performance/raw?tests=XXX,YYY,ZZZ
is a VALID endpoint because
- the Test IDs provided are of a comma-seperated values form.
- the Test IDs provided are of the same test type.
As a closing example,
https://io.catchpoint.com/v{version}/performance/raw?tests=XXX,BBB,YYY
is an INVALID endpoint because although
- the Test IDs provided are of a comma-seperated values form,
- the Test IDs provided are NOT of the same test type.
Options
Under More settings
, the user is able to set the Index
and Host
field values.
The Index
dropdown sets the destination index for this source. It is recommended users choose catchpoint
as the specified index. To finish input setup, select Next
toward the top of the page's view.
Closing Note
The frequency or 'interval' of how often the newly created data input is executed has been programmatically determined by using the start and end time values of the initial event json recently indexed into Splunk.
Upon completing the Getting Data In
section, the user is now ready to view thier data being ingested within Splunk. From Splunk's homepage, select the Catchpoint Search
app icon found on the left-hand side.
The user is able to complete searches within the Catchpoint index with the command index = catchpoint
.