Develop Splunk apps for Splunk Cloud Platform or Splunk Enterprise
- Develop Splunk apps for Splunk Cloud Platform or Splunk Enterprise
- Set up the development environment
- Get Splunk Enterprise
- Get a Splunk Enterprise Developer license
- Renew your Splunk Enterprise Developer license
- View your license keys
- Install development tools
- Docker
- Visual Studio Code
- Config Explorer
- Sublime Text
- Postman
- Eclipse
- Splunk tools
- Set the SPLUNK_HOME environment variable
- On *nix
- On Windows
- See also
Develop apps for Splunk Cloud Platform and Splunk Enterprise to build customized solutions for your specific data needs. You can create apps for other Splunk users both within and external to your organization.
The following diagram shows the steps in the workflow for developing apps:
Set up the development environment
Follow these steps to prepare your environment for developing Splunk apps.
Get Splunk Enterprise
Whether you are developing an app for Splunk Cloud Platform, Splunk Enterprise, or both, you need a local installation of Splunk Enterprise for your development environment. Even apps that are intended for deployment in Splunk Cloud Platform must be built first in a local Splunk Enterprise deployment.
Download Splunk Enterprise from Free Trial and Downloads.
Get a Splunk Enterprise Developer license
Splunk Enterprise includes Trial and Free licenses that you can use to develop Splunk apps. If you require enhanced access to Splunk Enterprise features and capabilities, consider getting a Developer license. The Developer license is for development purposes only and is not legally permitted for use in production environments. As part of the license application process, Splunk may ask to review your development work to validate proper license usage.
Here's an overview of the Developer license:
- Expires after 6 months, at which point it's renewable
- Has an indexing allowance of 10 GB of data per day
- Grants full access to Splunk Enterprise features
To request a Developer license, follow the prompts on the Splunk Developer Agreement page.
For more information, see the following resources:
- Types of Splunk Enterprise licenses in the Splunk Enterprise Admin Manual
- Install a license in the Splunk Enterprise Admin Manual
Renew your Splunk Enterprise Developer license
You can renew your Splunk Enterprise Developer license within 10 days of the license's expiration.
To renew your license, complete the license request process again. See Get a Splunk Enterprise Developer license.
View your license keys
View your Splunk software license and reset keys through the Splunk Support Portal.
- Go to splunk.com and log in with your username and password.
- From the navigation menu, select Support > Support Portal.
- From the navigation menu, select Get started > Licenses.
- From the Active Licenses table, locate the license you want to view.
- Developer licenses contain "Splunk Developer Personal License" in the product name.
- Reset keys contain "Splunk Enterprise Reset Warnings" in the product name.
- Select the GUID for the license you want to view.
Your license key appears as an XML snippet under License Key. For information on how to apply your license, see Install a license in the Splunk Enterprise Installation Manual.
Install development tools
You can use the IDEs and tools of your choice for writing code, editing text files, issuing REST commands, and so forth. Many tools include plugins to extend functionality, including plugins for developing for the Splunk platform.
Here are several tools and plugins for working with Splunk app development.
Docker
Use Docker for creating isolated environments for development. For example, set up container images with clean installations of different versions of Splunk Enterprise to test your Splunk apps.
You can download the following Splunk images to use with Docker:
Splunk in Docker, the official Splunk Docker repository that contains a Docker image with the latest version of Splunk Enterprise.
Splunk App Testing, a GitHub repository that contains a sample CI/CD pipeline for testing a Splunk app against multiple versions of Splunk Enterprise in parallel.
Visual Studio Code
Use Visual Studio Code for writing code on Windows, Linux, and macOS.
You can download the following Splunk extensions to use with Visual Studio Code:
- Splunk Extension for Visual Studio Code for creating, testing, and debugging apps.
- Microsoft Visual Studio Code Supporting Add-on for Splunk for debugging Python code in apps, custom search commands, custom REST handlers, and modular visualizations.
Config Explorer
Use the Config Explorer app to edit Splunk configuration files. This tool runs as an app within Splunk Enterprise.
Sublime Text
Use Sublime Text for editing text, code, and markup.
You can download this Splunk plugin to use with Sublime Text:
- Splunk Conf File Syntax Highlighting for working with Splunk configuration (.conf) files.
Postman
Use Postman for working with REST APIs.
You can use this Splunk collection with Postman:
- AppInspect Postman collection for validating apps using the AppInspect REST API.
Eclipse
Use Eclipse IDE for Java for Java development.
Splunk tools
You can download the following Splunk tools:
- Splunk Enterprise SDKs for integrating with the Splunk platform using Python, Java, JavaScript, or C#.NET.
- Splunk logging libraries for logging events within your app.
All Splunk-supported tools are available on the Downloads page.
Cross-platform support
The Splunk platform supports Linux, MacOS, and Windows operating systems, and Splunk apps work across these platforms. However, because Splunk Cloud Platform does not support Microsoft Azure, developing apps in C# on Windows is not ideal for Splunk Cloud Platform apps.
For more information, see the following resources:
- Splunk Enterprise + Visual Studio Code = Better Together on the Splunk blog
- System requirements for use of Splunk Enterprise on-premises in the Splunk Enterprise Installation Manual
Set the SPLUNK_HOME environment variable
The SPLUNK_HOME environment variable specifies the path where Splunk Enterprise is installed. Setting this variable makes it easier to navigate to this installation directory in a terminal window or command prompt on your development machine. Other Splunk apps and processes also use this environment variable, such as the tests for the Splunk Enterprise SDKs.
This location is often referred to in file paths as $SPLUNK_HOME.
On *nix
In a terminal window, run the following command to determine which shell your system uses:
Bash
If the command returns "/bin/bash" or something similar, your system uses bash. If the command returns "/bin/zsh" or something similar, your system uses Z shell.
To set the SPLUNK_HOME environment variable using bash
In a terminal window, enter the following command to ensure that ~/.profile exists:
BashEnter the following command to set the SPLUNK_HOME environment variable on startup, replacing
your_splunk_enterprise_directory
with the path to your Splunk Enterprise installation:BashFor example, you might enter the following command:
BashClose the terminal window.
Open a new terminal window and enter the following command to verify that the environment variable is set:
Bash
To set the SPLUNK_HOME environment variable using Z Shell
In a terminal window, enter the following command to ensure that ~/.zshrc exists:
BashEnter the following command to set the SPLUNK_HOME environment variable on start-up, replacing
your_splunk_enterprise_directory
with the path to your Splunk Enterprise installation:BashFor example, you might enter the following command:
BashClose the terminal window.
Open a new terminal window and enter the following command to verify that the environment variable is set:
Bash
On Windows
Open a command prompt and enter the following command to verify whether the SPLUNK_HOME environment variable is set:
SHIf you see "C:\Program Files\Splunk" or something similar, SPLUNK_HOME is set.
To set the SPLUNK_HOME environment variable, open a command prompt and enter the following command, replacing
your_splunk_enterprise_directory
with the path to your Splunk Enterprise installation:SHFor example, you might enter the following command to set the default installation location:
SH
See also
To learn more about the Splunk platform, see the following resources:
- Splunk Enterprise and Splunk Cloud Platform documentation
- Splunk Training + Certification for courses and other learning materials
Before you create a Splunk app, see the following resources: