option to use the default bundled "certifi" CA Bundle rather than having to declare your own path to a CA Bundle
upgraded the Splunk Python SDK to v 1.6.18 to meet the latest App Inspect/Cloud Vetting rules.
By default ,for refresh_token flows, the client_id and client_secret will get placed as parameters in the request body. Added some code so that the client_id and client_secret will also be included as a Base64 encoded Basic Auth header , https://www.oauth.com/oauth2-servers/access-tokens/refreshing-access-tokens/
added a configuration option to select the grant type for OAuth2 flows
updated the oauthlib backwards compatibility to python2.7
Ensure any http/https proxies are available for OAuth2 Refresh Token URL requests
increase page size from 30 to unlimited for the list of encrypted keys.
updated the custom response handler method signature.Added in backwards compatibility for your existing custom response handlers , or you can update your handlers to use the new call method signature. Refer to rest_ta/bin/responsehandlers.py for examples.
upgraded logging functionality
added a default response handler for oauth2
upgraded logging functionality
upgraded urllib3 library from 1.25.3 to 1.25.10
removed some logging debug messages , which are actually disabled by default , but the Splunk cloud folks don't like them
logging enhancements for default requests messages
enforced Python3 for execution of the modular input script.If you require Python2.7 , then download a prior version (such as 1.9.1).
python3 compatibility tweaks
general appinspect tidy ups
removed setup.xml and replaced with a custom JS/HTML dashboard for app setup
added code to prevent passwords from other apps that might have their sharing set to Global from being concatenated into the rest_ta namespace.
minor fix to encryption logic
Improved the usability of the setup page for encrypting credentials
can now pass oauth2 session through to a custom response handler
added config field for oauth2 expires_in
added a custom setup page if you require encryption of credentials
updated the bundled version of the requests library to version 2.23.0
stateful variables/settings used to get persisted back to inputs.conf , now they get persisted to a custom config file reststate.conf , which should solve any unwanted auto restarting of the app by splunkd.
made error logging more verbose by adding stanza name
minor tweak to authhandlers.py for python 2/3 dual compatibility
bundled in python modules that are not packaged into Splunk versions pre 8 : urlib3 , certifi , chardet , idna
Dual Python 2.7 and 3+ compatibility.
App will run on :
Splunk Enterprise versions back to Splunk 5 where there is only a Python 2.7 runtime shipped
Splunk Enterprise version 8 where there is both a Python 2.7 and Python 3+ runtime shipped
Future versions of Splunk Enterprise where there is only a Python 3+ runtime
added support for Certificate verification using a supplied CA Bundle file
fixed Splunk 8 compatibility for manager.xml file
added client certificate config options
updated docs
added trial key functionality
added a triggers stanza to app.conf to prevent reloading after saving state back to inputs.conf
Patched a bug to callbacks to Splunk for persisting state that required the activation key in the payload
minor manager xml ui tweak for 7.1
Corrected a build bug with responsehandlers
Added an activation key requirement , visit http://www.baboonbones.com/#activation to obtain a free,non-expiring key
Added support for HEAD requests
Docs updated
Splunk 7.1 compatible
Delimiter fix
Can now declare a CRON pattern for your polling interval.
Multiple requests spawned by tokenization can be declared to run in parallel or sequentially.
Multiple sequential requests can optionally have a stagger time enforced between each request.
Minor code fix for a logging statement error
Added support for token replacement functions in the URL to be able to return a list
of values, that will cause multiple URL's to be formed and the requests for these
URL's will be executed in parallel in multiple threads. See tokens.py
Added a custom response handler for rolling out generic JSON arrays
Refactored key=value delimited string handling to only split on the first "=" delimiter
Ensure that token substitution in the endpoint URL is dynamically applied for each
HTTP request
Added support for dynamic token substitution in the endpoint URL
ie : /someurl/foo/$sometoken$/goo
$sometoken$ will get substituted with the output of the 'sometoken' function
in bin/tokens.py
Currently have just shipped with 1 example token $datetoday$ which will dynamically resolve to today's date in format 2014-02-18
Added support for sending and persisting cookies
Changed the logic for persistence of state back to inputs.conf to occur directly after polling/event indexing has completed rather than waiting for the polling loop frequency sleep period to exit. This potentially deals with situations where you might terminate Splunk before the REST Mod Input has persisted state changes back to inputs.conf because it was in a sleep loop during shutdown.
Cosmetic fix for 1.3 release
Added a new feature that will automatically persist updates to URL Arguments , HTTP Header Propertys or HTTP Request Body content back to your inputs.conf stanza. Such a scenario might occur if you are using a custom response handler to dynamically calculate URL Arguments , such as a timestamp or event paging cursor, and you want this latest state to be persisted back into your configuration so that if you need to restart the REST input , it's configuration is in the latest polled state and can resume polling from where it left off.
Upgraded underlying python requests library to version 2.0 , primarily to support the HTTP CONNECT verb
Added support for user defined delimiter for multiple "key=value" fields .
Added hooks in responsehandlers.py for custom handling of responses, use cases such as URL arguments/HTTP header properties that might require a dynamic value per request , HTTP REL Header link following , dynamically changing the endpoint URL.
Fixed minor script bug when printing http errors
Added support for POST and PUT HTTP Methods for getting data. Not RESTful per say but a useful out for API's that are "REST like"
Renamed the manager xml file to avoid naming clashes
Fixed some spelling typos
First release
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.