Jotne / MikroTik

MikroTik app for use with Splunk

Install MikroTik - Where's the spl file at point 1h in the guide? #3

Closed eloekset closed 1 year ago

eloekset commented 1 year ago

I've set up Splunk on a Proxmox container with 2 CPU cores, 2GB RAM, 4GB swap, 24GB disk.

I'm at point 1h in this guide after downloading this git repo on the Proxmox container logged in as the Splunk user.

cd ~/etc/apps
git clone https://github.com/Jotne/MikroTik.git

That gives me the following file structure:

splunk@splunk:~/etc/apps$ ls
MikroTik              alert_logevent  introspection_generator_addon  learned                       sample_app               splunk_archiver        splunk_gdi              splunk_internal_metrics    splunk_rapid_diag
SplunkForwarder       alert_webhook   journald_input                 legacy                        search                   splunk_assist          splunk_httpinput        splunk_metrics_workspace   splunk_secure_gateway
SplunkLightForwarder  appsbrowser     launcher                       python_upgrade_readiness_app  splunk-dashboard-studio  splunk_essentials_9_0  splunk_instrumentation  splunk_monitoring_console  user-prefs
splunk@splunk:~/etc/apps$ ls MikroTik/
README  README.md  appserver  default  metadata  static

The next step is to Install app from file and select the spl file. I can't find any spl file, and since I don't have any GUI on the Proxmox container node, I'm wondering if I should instead clone the repo on a machine where I'm accessing the browser GUI of Splunk, because that's where I'm supposed to open that spl file. Should I still have the git repo content in the ~/etc/apps/MikroTik folder?

eloekset commented 1 year ago

I found the .spl file, which is in a binary format, in the .rar file attached to the forum post at point 1g.

Since it's a binary format, it doesn't make sense to have it as part of the source code here on GitHub, but is this file produced as a build step from the other source files? If that's the case, we could set up a GitHub Action that produces a release when the source code is tagged with a version. The GitHub Action could produce both the .rar file and the .spl file as releases named after the tag. That would make it easy to find older versions of the MikroTik Splunk app.

Jotne commented 1 year ago

I did update sections 1g and 1h to make it clear that you only need the git or get the spl file. The SPL file is just a tar file itself that contains the MikroTik files used to auto install (it can also be extracted using tar to see what's inside).
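Because the .spl is an ordinary tar archive, it can be listed and checked before it is given to Splunk's Install app from file step. The following is an added example, not part of this thread or of the MikroTik project: `audit_spl` and `build_sample_spl` are hypothetical names, the archive is a constructed in-memory sample, and the "one top-level app directory" rule is an assumption about how the package is laid out.

```python
import io
import tarfile
from pathlib import PurePosixPath

def audit_spl(fileobj):
    """Return (top_level_dirs, problems) for a .spl archive without extracting it."""
    tops, problems = set(), []
    # "r:*" lets tarfile detect a plain or compressed tar transparently.
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for m in tar:
            path = PurePosixPath(m.name)
            # Absolute names or ".." components would write outside the apps dir.
            if path.is_absolute() or ".." in path.parts:
                problems.append(f"path escapes extraction dir: {m.name}")
                continue
            if m.issym() or m.islnk():
                problems.append(f"link entry: {m.name} -> {m.linkname}")
            elif not (m.isfile() or m.isdir()):
                problems.append(f"special file: {m.name}")
            if path.parts:
                tops.add(path.parts[0])
    # Assumption: an app package unpacks into exactly one folder (e.g. MikroTik/).
    if len(tops) != 1:
        problems.append(f"expected one top-level app directory, found {sorted(tops)}")
    return sorted(tops), problems

def build_sample_spl(entries):
    """Constructed sample: gzip'd tar built in memory from (name, data, linkname)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data, link in entries:
            info = tarfile.TarInfo(name)
            if link is not None:
                info.type = tarfile.SYMTYPE
                info.linkname = link
                tar.addfile(info)
            else:
                info.size = len(data)
                tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    sample = build_sample_spl([("MikroTik/default/app.conf", b"[ui]\n", None),
                               ("MikroTik/README", b"sample\n", None)])
    print(audit_spl(sample))
```

To check a downloaded file instead of the sample, pass `open("path/to/file.spl", "rb")` to `audit_spl`.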

eloekset commented 1 year ago

Ok. This sounds perfectly suited for a GitHub action to produce this file and create releases when tags are added to the repo. An example of a release page: https://github.com/fluentmigrator/fluentmigrator/releases

Jotne commented 1 year ago

Comments updated