A little over two years ago, Splunk announced a revolutionary feature that would simplify the life of Splunk Cloud administrators by providing APIs that enable self-management and self-administration of Splunk Cloud Stacks. No more waiting for support tickets to be written, emailed, prioritized and then executed.
The ACS API is built with a set of features to update the list of authorized IP addresses, HEC (HTTP Event Collector) tokens, authentication tokens, indexes and many other possible Splunk Cloud platform configurations.
However, to take full advantage of these features, you need advanced technical knowledge and third-party tools such as Postman or the command line to process ACS requests.
In addition, you have to use a multitude of mandatory parameters for each API endpoint, which depend on the capability (indexes, tokens, applications, users, etc.), the experience of the Splunk Cloud instance (Classic or Victoria) and the desired action (add, delete, list, etc.). You get the idea.
This added complexity prevented some customers from fully benefiting from ACS capabilities.
To remedy this, I've developed a tool that adds a simple and user-friendly graphical interface that makes ACS features easier to access and use, and hides all that complexity: ACS Helper for Splunk.
Now you don't need to consult the documentation on how to call ACS features, what parameters to use to perform a specific action and what tool to use them with. Take full advantage of all ACS capabilities within a Splunk application and see for yourself how easy it is to update your firewall rules, tweak Splunk limits, create indexes or manage your applications... with one single click!
ACS Helper for Splunk also allows you to organize, store and manage multiple Splunk Cloud instances at once, regardless of Stack experience, Classic or Victoria. This allows you to switch from administering one instance to another very quickly and without wasting any time.
This application allows you to:
ACS Helper for Splunk has been available for download since May 10th on Splunkbase: https://splunkbase.splunk.com/app/6856
Useful links:
Thank you and happy Splunking,
Atef Kouki