Cyber Chasse- Deploy Splunk

How to Deploy Splunk Addons and Apps using Git

 

This blog explains how to deploy Splunk add-ons and apps using Git. Git is a distributed version-control system for tracking changes in source code during software development. It is designed to coordinate work among programmers, although it can track changes in any set of files. Its objectives include data integrity, support for distributed, non-linear workflows, and speed.

The following diagram depicts the workflow of the processes that happen between the local computer, Git, and the deployment server.
 
 

 

Splunk Addons and Apps

Phase 1: The following steps happen on each individual local computer.

  • Install Git Bash.
https://git-scm.com/downloads
  • Create a new directory where you want the Git repository to be and initialize Git.

    git init

  • Log in to the Git server and clone the remote Git repository to your local device.

    git clone <repository-url>

  • Create a Git branch.

    git branch <branch-name>

  • Check out your branch. Checking out your branch means switching from master to your branch.

    git checkout <branch-name>

  • At this point, make the required changes to the conf files. Then add the changes.

    git add <changed-files>

  • Always check the status before pushing your branch.

    git status

  • Commit your changes after checking the status.

    git commit -m 'message'

  • After the commit succeeds, push your branch.

    git push origin <branch-name>

Phase 2: The following steps happen on the Git server.

  • After the push completes, create a pull request in the Git web UI.
  • Choose the new pull request to create it. The pull request is then validated and approved by the admin.

Phase 3: The following steps happen on the deployment server.

  • When the admin approves the pull request, the changes are reflected on the Git server.
  • Once the changes are reflected, a git pull command runs on the deployment server on a cron schedule.
  • This cron schedule runs the git pull command, and the modifications reflected on the Git server now appear in the staging server that is set up on the deployment server.
  • A staging server is set up by moving to the required folder and running the command git init.
  • After the cron job runs and the changes appear in the staging server, a Git hook is activated.
  • Git hooks are scripts that Git runs before or after commit, push, and receive events. Git hooks are a built-in feature that requires no downloading. Git hooks are executed locally.
  • Create a Git hook named post-merge, add your script to it, and make it executable.
  • When the Git hook is activated, the changes made in the staging server are copied into the etc/deployment-apps folder on your deployment server.
  • Once the changes are in the etc/deployment-apps folder, a cron schedule runs the reload server class command, and the add-ons and apps in the etc/deployment-apps folder are deployed to their respective clients.
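
A sketch of the post-merge hook described in Phase 3, added here as an example and not the blog's own script: it mirrors each app directory from the staging repository into etc/deployment-apps and refuses any app that contains a symbolic link, because everything copied there is distributed to clients. The function name `sync_apps`, the variables `STAGING_DIR` and `DEPLOY_APPS_DIR`, the `/opt/splunk` install path and the symlink check are assumptions.

```sh
#!/bin/sh
# Sketch of a post-merge hook for the staging repository (added example).
# Both paths are assumptions; adjust them for your deployment server.
STAGING_DIR=${STAGING_DIR:-$PWD}   # Git runs hooks from the work-tree root
DEPLOY_APPS_DIR=${DEPLOY_APPS_DIR:-/opt/splunk/etc/deployment-apps}

# sync_apps STAGING DEST
# Mirrors every top-level app directory of STAGING into DEST.
# Returns 0 on success, 1 if any app was rejected, 2 on a missing directory.
sync_apps() {
    staging=$1
    dest=$2
    rejected=0
    if [ ! -d "$staging" ] || [ ! -d "$dest" ]; then
        echo "post-merge: missing $staging or $dest" >&2
        return 2
    fi
    # "*" does not match dot entries, so .git is never copied.
    for app in "$staging"/*; do
        # Ignore loose files such as a README at the repository root.
        [ -L "$app" ] || [ -d "$app" ] || continue
        name=$(basename "$app")
        # Everything under DEST is pushed to clients. A symlink could pull
        # in files that were never part of the reviewed pull request, so
        # the whole app is refused and the deployed copy is left untouched.
        if [ -L "$app" ] || [ -n "$(find "$app" -type l | head -n 1)" ]; then
            echo "post-merge: rejected $name (contains a symlink)" >&2
            rejected=1
            continue
        fi
        # Replace the deployed copy so files deleted in Git disappear too.
        rm -rf "${dest:?}/$name"
        cp -R "$app" "$dest/$name"
    done
    return "$rejected"
}

# Run only when installed as .git/hooks/post-merge and made executable.
case $0 in
    post-merge|*/post-merge) sync_apps "$STAGING_DIR" "$DEPLOY_APPS_DIR" ;;
esac
```

A non-zero exit from the hook shows up in the output of the cron-driven git pull, so redirect that output to a log that someone reviews.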

We hope this blog helps you understand how to deploy Splunk add-ons and apps using Git.
