|Author||Aplura, LLC. Code42, Inc.|
|Vendor Products||Code42 Appliance|
|Has index-time operations||false|
|Creates an index||false|
|Implements summarization||Currently, the app does not generate summaries|
About Code42 App For Splunk
Code42 App For Splunk allows a Splunk Enterprise administrator to extract information and knowledge from Code42.
This App provides the following scripts:
Version 3.0.12 of Code42 App For Splunk is compatible with:
|Splunk Enterprise versions||6.6, 7.0, 7.1, 7.2|
|Vendor Platform||Code42 Enterprise / Small Business|
Version 3.0.12 of Code42 App For Splunk has the following known issues:
Access questions and answers specific to Code42 App For Splunk at https://answers.splunk.com . Be sure to tag your question with the App.
Support is available via email at firstname.lastname@example.org. Responses vary on working days between working hours.
Because this App runs on Splunk Enterprise, all of the Splunk Enterprise system requirements apply.
Download Code42 App For Splunk at https://splunkbase.splunk.com/app/3736/.
NOTE: Where referenced, TA-Code42ForSplunk and IA-Code42ForSplunk are located on Splunkbase.
Follow these steps to install the app in a single server instance of Splunk Enterprise:
To configure the Code42 application you should start on the Application Configuration page (Administration > Application Configuration)*:
On this screen you can set the base index as well as a flag that specifies that the application is configured. In the future there will be additional configurations available.
If you have configured a proxy server you can view the configuration under this tab. These are proxy server configurations that are being used by existing modular inputs for the Code42 application. You can also delete existing proxy configurations on this tab.
You can view/delete existing credentials on this tab. These are credentials that are being used by existing modular inputs in the Code42 application. These credentials are the credentials used to connect to Code42 appliances.
On this screen you can view and make any changes to existing modular inputs. As you make changes and tab between fields the modular input is modified.
If you need to use a proxy as part of the connection to the Code42 appliance configure it here.
To create a new proxy server configuration, click the Create New Proxy button and fill in the following fields:
By default creating a new modular input with a username and password specified will create the necessary encrypted credentials. However if you want to create encrypted credentials manually follow this process:
NOTE: By default creating a new modular input will automatically create a new encrypted credential so this process is not necessary unless you need a new credential for another purpose.
NOTE: You will need to configure a new modular input for each appliance
NOTE: When configuring the modular input through the Application Configuration dashboard, the password is automatically encrypted into the credential store. If you need to change the credential, create a new credential, and reference the host/user pair in the modular input configuration. An encrypted credential is required for this Splunk App.
By default all events will be written to the main index. You should change the index in the configuration files to match your specific index.
If you experiencing issues, and would like to reset the Code42 Data to factory install, there are few steps to take.
Code42 App For Splunk contains three automatically generated lookups.
The following lookup files are generated automatically from saved searches every hour.
Code42 App For Splunk does make use of an event generator. This allows the product to display data, when there are no inputs configured.
The stanzas are:
Updated a timeout setting.
- [C42-87] Fix for data ingestion delay
Enhanced Stability for Code 42 inputs.
1. Added is_cloud check
Bug Fix in the data collection processor.
New stability improvements.
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.