Closed mhoogcarspel-splunk closed 4 years ago
mhoogcarspel-splunk
commented
4 years ago Possible workarounds: Create non-empty keys where possible.
Include files or apps instead of using using the config option in default.yml https://splunk.github.io/splunk-ansible/ADVANCED.html#app
nwang92
commented
4 years ago Not sure if the formatting got messed up, but I assume the default.yml is supposed to look like:
splunk:
conf:
serverclass:
directory: /opt/splunk/etc/system/local
content:
global:
targetRepositoryLocation: $SPLUNK_HOME/etc/apps
disabled: false
excludeFromUpdate: "$app_root$/.git*"
"serverClass:secrets":
repositoryLocation: /etc/splunk/secrets
"serverClass:secrets:app:test": {}
"serverClass:secrets:app:*": []
"serverClass:secrets:app:universal_secrets":
"whitelist.0": "*splunk-ingester*"
...The serverClass:secrets:app:test should be at the same level as global correct? Otherwise, it may not be treating it as a section as intended.
mhoogcarspel-splunk
commented
4 years ago I had to re-intend before copy pasting, I made a mistake there, sorry,
In the testing it was all at the same level as this serverclass, and the ones with the whitelist like below, did get rendered:
"serverClass:secrets:app:universal_secrets":
"whitelist.0": "*splunk-ingester*"This will be solved by https://github.com/splunk/splunk-ansible/pull/446 - we'll get this in splunk/splunk:8.0.3
When using default.yml to add configuration, empty keys aren't added to config files
This can be interesting for example for adding empty serverclasses.
Example:
results in
missing in /opt/splunk/etc/system/local/serverclass.conf after.