Open shaygrantt opened 7 months ago
I am also having the similar issue. Do we have any update on how this can be resolved? I tried manual upload of app and test it that way and I found it works but api_deploy commands returns these errors. Also, I can see that contentpack contains statements related to Enterprise security specific features such as correaltion searches etc. (in savedsearch.conf file there are many references to that). So does that mean these can only be deployed on ES search heads? If not, how can we remove those sort of settings from the app during build? How can we add customer alert actions from the repo? such as trigger action to snow to raise ticket? I am sorry if I am misunderstanding something but I am quite new to this and I am trying to get my head around how we can use this. Also, a detailed readme guide would help a lot to answer all these questions. I think there is an open issue request for the same as well. :)
Thanks
@vikasverma-pol did you ever find the fix for this?
Hi team I am unable to deploy any content pack via api_deploy command. contentctl api_deploy will produces the following errors below. If I do contentctl build command and manually upload the output of dist it does installed on the splunk instance. Any reason for this error? Tested this on both splunk installed on windows machine and linux machine
Splunk Version
Config file