REST API Explorer application

The REST API Explorer application, written in Python and JavaScript, helps you get familiar with the Splunk REST API by letting you interact with the endpoints using a web page interface. You choose an endpoint, fill in its parameters, and run the operation against your Splunk instance. Then, see the Atom Feed response from the REST API call.

 

What you need

The REST API Explorer application is included with the Splunk SDK for Python, so you'll need to install it first. To get that going, see the Splunk SDK for Python requirements and installation pages.

 

Run the application

The REST API Explorer application logs into Splunk with the values you saved in the .splunkrc file, or takes them from command-line parameters if you provide them. To run the application, make sure Splunk is running. Then, open a command prompt in the /splunk-sdk-python/examples/explorer directory and enter the following command:

python explorer.py

Or, enter something like this if you need to specify your login credentials:

python explorer.py --username="admin" --password="changeme"

This command launches your web browser and opens the application's Explorer.html page. This page shows your login and server configuration information at the top of the screen, and displays a list that is populated with almost all of the REST API endpoints (a few aren't allowed because they behave differently).

When you select a REST endpoint from the list, the page is updated with a form that offers the available parameters for that endpoint. Fill in the parameters you want (the required parameters are labeled), and then click the Submit button. Submitting the form issues a call to the Splunk server through a locally-hosted redirect server that works around some cross-domain issues. The response is displayed at the bottom of the page—either an Atom Feed response for a successful operation, or an error message.

You can also verify what you did using Splunk Web. For example, use this REST API Explorer application to create a saved search, and then examine the results in Splunk Web to verify that the saved search was created with the options that you expected.

 

A closer look at the application

The REST API Explorer application includes a combination of files, coded in Python and JavaScript, and are located in the /splunk-sdk-python/examples/explorer directory. Here's an overview of what they do:

Explorer.py: This Python file kicks off the application—it parses any command-line arguments, starts the web browser, and opens the Explorer.html file.

Server.py: This Python file runs the simple redirect server that handles cross-domain communication.

Endpoints.js: This JavaScript file enumerates all of the endpoints in the Splunk REST API and their parameters.

/Prettify: This directory contains files for google-code-prettify, which is used for highlighting syntax in code snippets.

Explorer.html: This web page is where the magic happens. Using HTML and JavaScript, this page:

  • Displays the application.
  • Creates the form depending on the current endpoint and displays the available parameters.
  • Updates the form when a different endpoint is selected.
  • Builds the REST API request string based on the parameters you included and the endpoint you selected.
  • Submits the form, logs into your Splunk instance, and performs the REST API operation.
  • Displays the Atom Feed response or an error message.