Splunk Cloud Support?

[MineshK]

Hi,

Would be great if this was supported on Splunk Cloud, so we can try it out. I think it needs to be certified by them before they will install it.

Any chance it will be certified by Splunk for Cloud?

Thanks

[remg427]

Hi, Other have managed to get it on cloud but later Splunk changed policy and inputs are no longer allowed in search heads. I am working on a cloud edition that should be vetted.

-- Sent with K-9 Mail.

[remg427]

Hello have a look at TA-thehive-ce.tar.gz this one should be OK. Don't ask for vetting process yet as I am waiting for feedback first and I still need to update splunklib with latest version 1.6.11

[MineshK]

Hi Rémi,

Thanks for the quick reply - I just tried it, and no joy:

The failure is for the following: Do not supply a local.meta file- put all settings in default.meta. File: metadata/local.meta

There are a number of warnings too - these are not blockers, but ma be worth getting ahead of for a later version:

check_custom_confs

• Custom config file bin/ta_thehive_ce/cloudconnectlib/splunktalib/setting.conf may require further review but does not block self-service install. File: bin/ta_thehive_ce/cloudconnectlib/splunktalib/setting.conf
• Custom config file default/addon_builder.conf may require further review but does not block self-service install. File: default/addon_builder.conf
• Custom config file default/ta_thehive_ce_settings.conf may require further review but does not block self-service install. File: default/ta_thehive_ce_settings.conf

check_for_valid_package_id The app.conf [package] stanza's has 'id' property: TA-thehive-ce, while '-' is not recommended. See https://docs.splunk.com/Documentation/Splunk/7.3.1/Admin/Appconf for more details. File: default/app.conf Line Number: 19

check_splunklib_dependency_under_bin_folder

• splunklib is found under bin folder, this may cause some dependency management errors with other apps, and it is not recommended. Please follow examples in Splunk documentation to include splunklib. You can find more details here: https://dev.splunk.com/view/SP-CAAAEU2 and https://dev.splunk.com/view/SP-CAAAER3
• splunklib is found under bin folder, this may cause some dependency management errors with other apps, and it is not recommended. Please follow examples in Splunk documentation to include splunklib. You can find more details here: https://dev.splunk.com/view/SP-CAAAEU2 and https://dev.splunk.com/view/SP-CAAAER3

Cheers

[remg427]

Hello, for the CE edition go to repository TA-thehive-ce. I have made some changes and version 1.0.1 should OK for Cloud vetting some warnings above have been solved (not all yest)