databrickslabs / splunk-integration

Databricks Add-on for Splunk
https://splunkbase.splunk.com/app/5416/

Version 1.2 on Splunkbase not working with Splunk Cloud Classic Version: 9.0.2303.201 #42

Closed hkelley closed 1 year ago

hkelley commented 1 year ago

We updated our add-on and the databricksquery command no longer works (via PAT or Azure Service Principal authentication). I can't find any clues in _internal related to the python error. The search log only shows:

07-28-2023 10:24:26.355 INFO  ServerConfig [1401872 searchOrchestrator] - Will add app jailing prefix /opt/splunk/bin/nsjail-wrapper for TA-Databricks
07-28-2023 10:24:26.355 INFO  ChunkedExternProcessor [1401872 searchOrchestrator] - Running process: /opt/splunk/bin/nsjail-wrapper /opt/splunk/bin/python3.7 /opt/splunk/etc/apps/TA-Databricks/bin/databricksquery.py
07-28-2023 10:24:27.238 INFO  ChunkedExternProcessor [1401872 searchOrchestrator] - Custom search command is a generating command.
07-28-2023 10:24:27.238 WARN  ChunkedExternProcessor [1401872 searchOrchestrator] - Error adding inspector message: invalid level or message already exists
.......
07-28-2023 10:24:27.329 ERROR ChunkedExternProcessor [1401944 phase_1] - Error in 'databricksquery' command: External search command exited unexpectedly with non-zero error code 1.

Also, version 1.2 does not appear to have been committed to this repo. https://github.com/databrickslabs/splunk-integration/blob/8389c72498825c9bb9306e2b20fe33bfee209e35/app/app.manifest#L8C21-L8C21

hkelley commented 1 year ago

There is a new mandatory parameter for databricksquery called account_name. Take this name from the Splunk app's configuration. This breaking change is not documented in Splunkbase release notes but it does appear in the docs within the Splunk app.

 databricksquery cluster="<cluster_name>" query="<SQL_query>" command_timeout=<timeout_in_seconds> account_name="<account_name>" | table *
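An added example, not part of the issue thread or the add-on's own code: because `account_name` is now mandatory for `databricksquery`, this Python script scans `savedsearches.conf` text for `databricksquery` invocations that lack it, so they can be fixed before they fail with the exit-code-1 error shown above. The sample stanzas, the function names and the simplified conf parsing (stanza headers, `search =` keys, backslash line continuation) are assumptions made for illustration.

```python
import re

# Constructed sample savedsearches.conf content (not taken from the issue).
SAMPLE_CONF = r'''
[dbx_old_style]
search = | databricksquery cluster="etl" query="SELECT * FROM t WHERE account_name='a|b'" command_timeout=60 \
| table *
[dbx_new_style]
search = | databricksquery cluster="etl" query="SELECT 1" account_name="prod_ws" | table *
[unrelated]
search = index=_internal account_name=foo | stats count
'''

def iter_searches(conf_text):
    """Yield (stanza, search string) pairs, joining backslash-continued lines."""
    joined = re.sub(r"\\\r?\n", " ", conf_text)
    stanza = None
    for line in joined.splitlines():
        line = line.strip()
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            stanza = header.group(1)
        elif stanza and re.match(r"search\s*=", line):
            yield stanza, line.split("=", 1)[1].strip()

def split_pipeline(spl):
    """Split SPL on '|' characters that sit outside double-quoted strings."""
    parts, cur, in_quote, prev = [], [], False, ""
    for ch in spl:
        if ch == '"' and prev != "\\":
            in_quote = not in_quote
        if ch == "|" and not in_quote:
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
        prev = ch
    parts.append("".join(cur).strip())
    return [p for p in parts if p]

def find_missing_account_name(conf_text):
    """Return stanzas that call databricksquery without an account_name argument."""
    flagged = []
    for stanza, spl in iter_searches(conf_text):
        for seg in split_pipeline(spl):
            # Blank out quoted values so SQL text mentioning account_name is ignored.
            bare = re.sub(r'"(?:\\.|[^"\\])*"', '""', seg)
            if re.match(r"databricksquery\b", seg) and not re.search(r"\baccount_name\s*=", bare):
                flagged.append(stanza)
                break
    return flagged
```

Calling `find_missing_account_name()` on the text of an exported `savedsearches.conf` returns the stanza names to update; dashboards and macros that embed the command are not covered by this check.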