Greater Self-Service Private Apps on Cloud with New AppInspect Tags

We're excited to announce that starting with the new Splunk Cloud Product 9.0.2205 release, it's easier to create, manage and use private apps. Although Splunk is great by itself, we can all agree that the real value of Splunk comes from all the applications that Developers, SplunkTrust folks and Splunkers build. In an effort to continue cloud private apps’ value, we are introducing optional architecture-specific AppInspect tags to let more private apps be self-serviceable for both Classic and Victoria Cloud stacks.

A Quick Background of AppInspect

AppInspect checks are used when an app is destined for Splunk Cloud. AppInspect runs a series of automated and sometimes manual checks for security and compatibility validations. Recently, we introduced Automated Private App Validation for private apps through the AppInspect tag private-app. This bypassed any manual checks for private apps and returned these app results in minutes. Today, we are releasing new architecture-based automated checks that expands self-serviceability of apps in cloud.

A Deeper Dive Into AppInspect Tag Changes

We’ll start out by mentioning that all of these changes are backward compatible in the sense that you don’t have to change a thing to get benefits from these improvements. The new architecture-based tags private_victoria and private_classic tags are groups of specific checks from the original private-app tag in AppInspect. Of course, all of these tags include all relevant AppInspect checks to make sure that apps are secure and are compliant with our Splunk Cloud policy. The different tags apply the applicable self-service installation checks associated with the architecture of your specific Splunk Cloud stack. Developers of private apps now can gain additional flexibility if they design an app for a specific architecture.

If an admin is using the UI to upload or install private apps on cloud, the new tags will automatically be applied. The AppInspect reports will reflect the new tags based on which architecture and version of cloud in use.

If an admin or developer uses Admin Config Service (ACS), they should use the new AppInspect tags to retrieve the correct report and when submitting the app to ACS. If this change does not occur, the results directly from AppInspect may differ from the AppInspect results that are retrieved from the Uploaded App page.

Splunk will automatically run the correct new tag based on the architecture. This is independent of what tag is used when submitting the app via ACS. It allows the platform to be backward compatible while delivering the greatest benefit to customers.

The private-app tag combines the most restrictive parts of private-victoria and private-classic tags. If an app can pass these checks, it will pass the new checks. Splunkbase apps will continue to use the same approval process. Those apps must pass AppInspect with the with the private_app test as well as manual checks at this time.

These new changes are specific to Splunk Cloud and have no impact to customer managed Splunk Enterprise deployments.

For more information, check out Splunk Docs, AppInspect Docs or the Admin Config Service.

This blog post was co-authored by Spencer Baker.