noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

United States Attorney's Office[...]

California Teenager Pleads Guilty in Florida to Making Hundreds of[...]
AIM ImmunoTech Inc.

AIM ImmunoTech Refutes Activist Group's False and Misleading Claims
Citigroup Inc.

Citi continues its support for Guatemala’s financial ecosystem with[...]

Lifestyle and Leisure

Splunk Inc.

11/27/2024 | News release | Distributed by Public on 11/27/2024 12:23

Managing Splunk Add-Ons with UCC Framework

At Splunk, we're constantly innovating to make our platform more accessible and powerful for users. Today, we're excited to dive into one of our key tools: the Universal Configuration Console (UCC) framework. This powerful framework is revolutionizing how you can create and manage Splunk add-ons, and we want to show you why it's becoming an essential part of the Splunk ecosystem.

Why UCC, and Who Can Benefit From It?

The UCC framework is designed for Splunk users and developers who want to improve their add-on development process and management. Whether you're an experienced Splunk expert or just starting your journey with our platform, UCC offers a standardized, efficient way to create add-ons with rich user interfaces and robust functionality.

At its core, UCC allows developers and Splunk enthusiasts to focus on what matters most - Creating valuable functionality for Splunk users, rather than getting bogged down in UI implementation details.

Key benefits of UCC include:

Rapid development: reduce time-to-market for your add-ons
Consistency: ensure a uniform look and feel across different add-ons
Maintainability: simplify updates and modifications to your add-ons
Best practices: leverage Splunk-approved design patterns out of the box

To see it in action for yourself, here's a demo on creating a technical add-on with UCC.

The Power of UCC

UCC is more than just a UI generator. It's a comprehensive framework that:

Generates UI (appserver folder)
Creates Python REST handlers to support UI CRUD operations (bin folder)
Generates inputs and their helper modules
Produces OpenAPI description documents
Generates necessary .conf files
Installs Python requirements (lib folder)
Creates metadata files (metadata folder)
Generates a monitoring dashboard
Supports UI extension with custom code
Allows build process extension via additional_packaging.py
Generates necessary files for Alert Actions

Getting Started: Creating a Splunk Add-on With UCC

Let's walk through the process of creating a basic Splunk add-on using the UCC framework. We'll create an add-on that interacts with an external API to fetch activity data. For a real example, go here.

Step 1: Set up your development environment

First, ensure you have python installed. Then, create and activate a virtual environment:

python3 -m venv .venv

source .venv/bin/activate

And install the UCC framework:

pip install splunk-add-on-ucc-framework=="5.51.0"

Step 2: Initialize your add-on

Use the UCC command-line tool to create the initial structure of your add-on:

ucc-gen init --addon-name "demo_addon_for_activities" --addon-display-name "demo add-on for activities" --addon-input-name activities

Step 3: Customize configuration

Navigate to your add-on directory and open the `globalConfig.json` file. Here, you can define the configuration parameters for your add-on. For our activities add-on, we'll include an endpoint url field:

Step 4: Build and package your Add-on

Use the UCC command-line tool to build and package your add-on:

ucc-gen build --ta-version "1.0.0"

ucc-gen package --path ./output/demo_addon_for_activities

This will create a.tar.gz file that you can install on your Splunk instance.

Advanced Features

As you become more comfortable with UCC, you can explore advanced features like:

Custom validators for input fields
Complex input types (e.g., multi-select, radio buttons)
Custom JavaScript for dynamic UI behavior
Integration with Splunk's REST API for advanced functionality
Alert actions for triggered alerts
Monitoring dashboards for add-on performance

The Road Ahead

At Splunk, we're committed to empowering developers to create amazing experiences for our users. The UCC framework is just one example of how we're making that happen.We're continuously improving UCC based on user feedback. Our latest version includes performance improvements and new UI components to make your add-ons even more powerful and user-friendly. We have developed the Gold Standard for Technical Add-ons, a comprehensive guide that serves as the benchmark for add-on development excellence. This standard outlines best practices and quality benchmarks for creating top-tier Splunk add-ons. Currently, it is available for internal use and Splunk Partners, with plans to make it publicly accessible soon. Stay tuned for updates as we work to raise the bar for Splunk add-ons and help you take your development to the next level.

Call to Action

Ready to optimize your Splunk add-on development? Here's what you can do next:

Install the UCC framework and start building your first add-on today.
Explore our comprehensive documentation to learn about all UCC features.
Join our developer community on #ucc-framework Splunk User Groups to share your experiences and get help.
Contribute to the UCC framework on GitHub - we welcome pull requests and feature suggestions!

We can't wait to see what you'll build with it! Remember, the future of data is what you make it. Happy building!

This blog was co-authored by Splunker Szymon Oleksy.

Sharing and Personal Tools

Please select the service you want to use:

Back

View original format