TrackMe

Data tracking system for Splunk

Author TrackMe Limited, U.K.
Version 2.0.2
Hash cee181cea367040b176036779e090581
AppInspect Request ID cb5b12f3-2430-4e8a-aa8a-7a3ed798a09f
Run Time 2023-02-02T23:10:29.626436
Execution Time 180
Run Parameters:
Field Value
AppInspect Version 2.32.0
Totals:
Status Count
Failures 0
Warnings 10
Errors 0
Not Applicable 41
Manual Checks 17
Skipped 0
Successes 155

[ Warning Summary ]

Warnings are non-blocking concerns. But they are strongly recommended to be fixed.
check_custom_confs
  • Custom config file lib/splunktalib/setting.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the `targetWorkloads` attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: lib/splunktalib/setting.conf
  • Custom config file default/trackme_settings.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the `targetWorkloads` attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: default/trackme_settings.conf
check_for_vulnerable_javascript_library_usage
  • This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale.
    Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4
    
check_hostnames_and_ips
  • PUBLIC IP 2.02.049.049 is found in appserver/static/boostrap-icons/icons/discord.svg:2 File: appserver/static/boostrap-icons/icons/discord.svg Line Number: 2
  • PUBLIC IP 1.246.08.38 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.92.96.96 is found in appserver/static/boostrap-icons/icons/instagram.svg:2 File: appserver/static/boostrap-icons/icons/instagram.svg Line Number: 2
  • PUBLIC IP 5.5.5.5 is found in lib/PySocks-1.7.1.dist-info/METADATA:70 File: lib/PySocks-1.7.1.dist-info/METADATA Line Number: 70
  • PUBLIC IP 1.07.005.64 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.04.5.5 is found in appserver/static/boostrap-icons/icons/cloud-moon.svg:3 File: appserver/static/boostrap-icons/icons/cloud-moon.svg Line Number: 3
  • PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/icons/file-earmark-richtext.svg:3 File: appserver/static/boostrap-icons/icons/file-earmark-richtext.svg Line Number: 3
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses.svg:2 File: appserver/static/boostrap-icons/icons/emoji-sunglasses.svg Line Number: 2
  • PUBLIC IP 2.113.5.5 is found in appserver/static/boostrap-icons/icons/fingerprint.svg:5 File: appserver/static/boostrap-icons/icons/fingerprint.svg Line Number: 5
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown.svg:3 File: appserver/static/boostrap-icons/icons/emoji-frown.svg Line Number: 3
  • PUBLIC IP 1.011.05.05 is found in appserver/static/boostrap-icons/icons/discord.svg:2 File: appserver/static/boostrap-icons/icons/discord.svg Line Number: 2
  • PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/icons/speaker.svg:3 File: appserver/static/boostrap-icons/icons/speaker.svg Line Number: 3
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-wink-fill.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-angry-fill.svg Line Number: 2
  • PUBLIC IP 2.2.82.64 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 7.072.5.5 is found in appserver/static/boostrap-icons/icons/broadcast.svg:2 File: appserver/static/boostrap-icons/icons/broadcast.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile.svg:3 File: appserver/static/boostrap-icons/icons/emoji-smile.svg Line Number: 3
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.02.05.05 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg Line Number: 2
  • PUBLIC IP 1.011.05.05 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-upside-down.svg:3 File: appserver/static/boostrap-icons/icons/emoji-smile-upside-down.svg Line Number: 3
  • PUBLIC IP 2.33.66.07 is found in appserver/static/boostrap-icons/icons/github.svg:2 File: appserver/static/boostrap-icons/icons/github.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-smile-fill.svg Line Number: 2
  • PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/icons/cursor-text.svg:2 File: appserver/static/boostrap-icons/icons/cursor-text.svg Line Number: 2
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-frown-fill.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry.svg:3 File: appserver/static/boostrap-icons/icons/emoji-angry.svg Line Number: 3
  • PUBLIC IP 2.02.05.05 is found in appserver/static/boostrap-icons/icons/discord.svg:2 File: appserver/static/boostrap-icons/icons/discord.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-upside-down-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-smile-upside-down-fill.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg Line Number: 2
  • PUBLIC IP 1.92.96.96 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.04.5.5 is found in appserver/static/boostrap-icons/icons/cloud-moon-fill.svg:3 File: appserver/static/boostrap-icons/icons/cloud-moon-fill.svg Line Number: 3
  • PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg Line Number: 2
  • PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/broadcast-pin.svg:2 File: appserver/static/boostrap-icons/icons/broadcast-pin.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-frown-fill.svg Line Number: 2
  • PUBLIC IP 6.84.58.58 is found in appserver/static/boostrap-icons/icons/bootstrap-reboot.svg:2 File: appserver/static/boostrap-icons/icons/bootstrap-reboot.svg Line Number: 2
  • PUBLIC IP 1.246.08.38 is found in appserver/static/boostrap-icons/icons/whatsapp.svg:2 File: appserver/static/boostrap-icons/icons/whatsapp.svg Line Number: 2
  • PUBLIC IP 1.23.82.72 is found in appserver/static/boostrap-icons/icons/github.svg:2 File: appserver/static/boostrap-icons/icons/github.svg Line Number: 2
  • PUBLIC IP 7.072.5.5 is found in appserver/static/boostrap-icons/icons/broadcast-pin.svg:2 File: appserver/static/boostrap-icons/icons/broadcast-pin.svg Line Number: 2
  • PUBLIC IP 1.23.82.72 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 3.028.5.5 is found in appserver/static/boostrap-icons/icons/fingerprint.svg:5 File: appserver/static/boostrap-icons/icons/fingerprint.svg Line Number: 5
  • PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.113.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 6.84.58.58 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink.svg:3 File: appserver/static/boostrap-icons/icons/emoji-wink.svg Line Number: 3
  • PUBLIC IP 2.049.098.133 is found in appserver/static/boostrap-icons/icons/whatsapp.svg:2 File: appserver/static/boostrap-icons/icons/whatsapp.svg Line Number: 2
  • PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg:3 File: appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg Line Number: 3
  • PUBLIC IP 1.07.005.64 is found in appserver/static/boostrap-icons/icons/123.svg:2 File: appserver/static/boostrap-icons/icons/123.svg Line Number: 2
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink.svg:3 File: appserver/static/boostrap-icons/icons/emoji-wink.svg Line Number: 3
  • PRIVATE IP 192.0.2.1 is found in lib/future/backports/test/nullbytecert.pem:46 File: lib/future/backports/test/nullbytecert.pem Line Number: 46
  • PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.69.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.2.82.64 is found in appserver/static/boostrap-icons/icons/github.svg:2 File: appserver/static/boostrap-icons/icons/github.svg Line Number: 2
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-angry-fill.svg Line Number: 2
  • PUBLIC IP 2.049.098.133 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.33.66.07 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 7.072.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-wink-fill.svg Line Number: 2
  • PUBLIC IP 1.69.5.5 is found in appserver/static/boostrap-icons/icons/fingerprint.svg:5 File: appserver/static/boostrap-icons/icons/fingerprint.svg Line Number: 5
  • PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-smile-fill.svg Line Number: 2
  • PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/broadcast.svg:2 File: appserver/static/boostrap-icons/icons/broadcast.svg Line Number: 2
  • PUBLIC IP 2.04.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.182.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.02.049.049 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile.svg:3 File: appserver/static/boostrap-icons/icons/emoji-smile.svg Line Number: 3
  • PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/icons/input-cursor-text.svg:2 File: appserver/static/boostrap-icons/icons/input-cursor-text.svg Line Number: 2
  • PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 3.028.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg:3 File: appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg Line Number: 3
  • PUBLIC IP 2.182.5.5 is found in appserver/static/boostrap-icons/icons/arrow-repeat.svg:3 File: appserver/static/boostrap-icons/icons/arrow-repeat.svg Line Number: 3
check_for_bias_language
  • Bias language is found in the app. :target: https://codecov.io/github/tiran/defusedxml?branch=<<<MAS... (lib/defusedxml-0.7.1.dist-info/METADATA:47) [master]. File: METADATA Line Number: 47
  • Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.cim=target_index (default/transforms.conf:135) [BLACKLIST]. File: transforms.conf Line Number: 135
  • Bias language is found in the app. Project-URL: Changelog, https://github.com/kjd/idna/blob/<<<MASTE... (lib/idna-3.4.dist-info/METADATA:28) [master]. File: METADATA Line Number: 28
  • Bias language is found in the app. for key in ("apps", "slave-apps", "<<<MASTER>>>-apps"): (lib/splunktalib/common/util.py:103) [master]. File: util.py Line Number: 103
  • Bias language is found in the app. # <<<BLACKLIST>>> = (etree._Entity, etree._ProcessingInstruction,... (lib/defusedxml/lxml.py:37) [blacklist]. File: lxml.py Line Number: 37
  • Bias language is found in the app. <https://raw.githubusercontent.com/kennethreitz/spark.py/<<<MASTE... (lib/sparklines-0.4.2-py3.10.egg-info/PKG-INFO:166) [master]. File: PKG-INFO Line Number: 166
  • Bias language is found in the app. .. image:: https://ci.appveyor.com/api/projects/status/github/gra... (lib/sortedcontainers-2.4.0.dist-info/METADATA:146) [master]. File: METADATA Line Number: 146
  • Bias language is found in the app. // inspired by https://github.com/dordille/moment-isoduration/blo... (appserver/static/momentjs/moment.js:5504) [master]. File: moment.js Line Number: 5504
  • Bias language is found in the app. This project is [MIT](https://github.com/Ousret/charset_normalize... (lib/charset_normalizer-3.0.1.dist-info/METADATA:247) [master]. File: METADATA Line Number: 247
  • Bias language is found in the app. <<<BLACKLIST>>> = _etree._Entity (lib/defusedxml/lxml.py:38) [blacklist]. File: lxml.py Line Number: 38
  • Bias language is found in the app. ###    https://github.com/kkxue/Py2ChainMap/blob/<<<MASTER>>>/py2... (lib/future/backports/misc.py:749) [master]. File: misc.py Line Number: 749
  • Bias language is found in the app. .. image:: https://codecov.io/github/tiran/defusedxml/coverage.sv... (lib/defusedxml-0.7.1.dist-info/METADATA:46) [master]. File: METADATA Line Number: 46
  • Bias language is found in the app. was not in the method <<<WHITELIST>>>. (Issue #1059) (lib/urllib3-1.26.14.dist-info/METADATA:657) [whitelist]. File: METADATA Line Number: 657
  • Bias language is found in the app. for key in ("apps", "<<<SLAVE>>>-apps", "master-apps"): (lib/splunktaucclib/rest_handler/util.py:85) [slave]. File: util.py Line Number: 85
  • Bias language is found in the app. .. figure:: https://raw.githubusercontent.com/deeplook/sparklines... (lib/sparklines-0.4.2-py3.10.egg-info/PKG-INFO:35) [master]. File: PKG-INFO Line Number: 35
  • Bias language is found in the app. <<<BLACKLIST>>> = self.<<<BLACKLIST>>> (lib/defusedxml/lxml.py:41) [blacklist]. File: lxml.py Line Number: 41
  • Bias language is found in the app. for key in ("apps", "slave-apps", "<<<MASTER>>>-apps"): (lib/splunktaucclib/rest_handler/util.py:85) [master]. File: util.py Line Number: 85
  • Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.flx=target_index (default/transforms.conf:163) [BLACKLIST]. File: transforms.conf Line Number: 163
  • Bias language is found in the app. .. image:: https://travis-ci.org/tiran/defusedxml.svg?branch=<<<M... (lib/defusedxml-0.7.1.dist-info/METADATA:42) [master]. File: METADATA Line Number: 42
  • Bias language is found in the app. https://github.com/mitsuhiko/jinja2/blob/<<<MASTER>>>/LICENSE) (lib/future/utils/__init__.py:46) [master]. File: __init__.py Line Number: 46
  • Bias language is found in the app. <img src="https://codecov.io/gh/Ousret/charset_normalizer/branch/... (lib/charset_normalizer-3.0.1.dist-info/METADATA:41) [master]. File: METADATA Line Number: 41
  • Bias language is found in the app. for key in ("apps", "<<<SLAVE>>>-apps", "master-apps"): (lib/splunktalib/common/util.py:103) [slave]. File: util.py Line Number: 103
  • Bias language is found in the app. .. figure:: https://raw.githubusercontent.com/deeplook/sparklines... (lib/sparklines-0.4.2-py3.10.egg-info/PKG-INFO:114) [master]. File: PKG-INFO Line Number: 114
  • Bias language is found in the app. * Ref: https://github.com/umdjs/umd/blob/<<<MASTER>>>/templates/j... (appserver/static/notifybar/jquery.notifyBar.js:13) [master]. File: jquery.notifyBar.js Line Number: 13
  • Bias language is found in the app. .. image:: https://api.travis-ci.org/grantjenks/python-sortedcont... (lib/sortedcontainers-2.4.0.dist-info/METADATA:143) [master]. File: METADATA Line Number: 143
  • Bias language is found in the app. if isinstance(child, <<<BLACKLIST>>>): (lib/defusedxml/lxml.py:43) [blacklist]. File: lxml.py Line Number: 43
  • Bias language is found in the app. .. _`Requests`: https://requests.readthedocs.io/en/<<<MASTER>>>/ (lib/certifi-2022.12.7.dist-info/METADATA:73) [master]. File: METADATA Line Number: 73
  • Bias language is found in the app. and release. The <<<MASTER>>> branch received the same fix in Pul... (lib/urllib3-1.26.14.dist-info/METADATA:707) [master]. File: METADATA Line Number: 707
check_for_possible_threading
  • The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. File: lib/future/backports/misc.py Line Number: 724
  • The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. File: lib/licensing/internal.py Line Number: 163
  • The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. File: lib/solnlib/splunkenv.py Line Number: 277
  • The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. File: lib/solnlib/splunkenv.py Line Number: 280
  • The following line contains subprocess.check_output usage. Use threading and multiprocessing with discretion. File: lib/licensing/internal.py Line Number: 172
  • The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. File: lib/future/backports/test/support.py Line Number: 1453
  • The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. File: lib/future/backports/misc.py Line Number: 725
  • The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. File: lib/licensing/internal.py Line Number: 162
check_kos_are_accessible
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 93
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 45
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 90
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 61
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 80
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 103
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 87
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 106
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 96
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 74
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 71
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 64
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 55
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 77
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 6
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 58
check_custom_conf_replication
  • conf_replication_include.trackme_account setting in sever.conf but does not match custom config file. File: default/server.conf Line Number: 6
check_for_python_script_existence
  • 510 Python files found. Update these Python scripts to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0. See https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration for more information. If you've finished your update, please disregard this message.
check_for_existence_of_python_code_block_in_mako_template
  • Update Mako templates to be Python 3-compatible. Splunk Web, which Mako templates depend on, will support only Python 3.7. If you've finished your update, please disregard this message. File: appserver/templates/base.html
check_for_splunkjs
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 14
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/multiselect_all.js Line Number: 5
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 15
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 18
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 9
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 33
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 23
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 8
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/modals/modal_v100.js Line Number: 1
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 22
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 17
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 36
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 14
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 13
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 14
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 19
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 9
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 12
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 10
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 27
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 8
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 32
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 30
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 10
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 8
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 22
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 15
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 31
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 28
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_license_v100.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 16
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 10
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 29
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 20
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 9
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 5
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 4
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 13
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 24
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 13
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 21
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 18
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 25
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 8
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 26
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 11
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 11
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 19
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/multiselect_all.js Line Number: 4
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/modals/modal_v100.js Line Number: 2
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 17
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_license_v100.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 10
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 12
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 11
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 23
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 9
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 16

[ Full Report ]

Malware, viruses, malicious content, user security standards (dynamic checks)
[ success ] Check that the app does not include viruses.
Splunk Packaging Toolkit (SLIM) validation This group uses slim to extend the cloud checks for improved auto-vetting.
[ success ] Check that the provided app package is not .zip type for SSAI purpose
[ success ] Check that apps can be validated by SLIM or reject, since invalid apps can't be installed in Classic Splunk Cloud.
[ not_applicable ] Check that inputs.conf does not include scripted inputs that perform management tasks.
  • File: app.manifest was found, skipping this check.
[ success ] Check that nested archives do not exist as they are not valid for self-service install.
[ success ] Check that nested apps do not exist as they are not valid for self-service install.
[ not_applicable ] Check that inputs.conf.spec does not include modular inputs that perform management tasks.
  • File: app.manifest was found, skipping this check.
[ warning ] Find non-standard config files and notify app developers to confirm that 1. those files are safe to install. 2. those files are partitioned to the expected instances.
  • Custom config file lib/splunktalib/setting.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the `targetWorkloads` attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: lib/splunktalib/setting.conf
  • Custom config file default/trackme_settings.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the `targetWorkloads` attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. File: default/trackme_settings.conf
Checks related to JavaScript usage.
[ warning ] Detect usage of JavaScript libraries with known vulnerabilities.
  • This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale.
    Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4
    
XML file standards
[ success ] Check that all XML files are well-formed.
[ success ] Check any XML files that embed JavaScript via CDATA for compliance with Splunk Cloud security policy.
Platform targets and claimed supported Splunk Enterprise versions
[ not_applicable ] Check that the app can be setup on a distributed system after self-service. Warn if setup configures non-search-head features like inputs. This makes the app incompatible with distributed environments.
  • File: app.manifest was found. Skipping this check.
Source code and binaries standards
[ manual_check ] Check that files outside of the bin/ directory do not appear to be executable according to the Unix file command. From man file: files have a ``magic number'' stored in a particular place near the beginning of the file that tells the UNIX operating system that the file is a binary executable.
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/scrolledtext.py
  • The executable will be inspected during code review: File: lib/splunktalib/concurrent/concurrent_executor.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/simpledialog.py
  • The executable will be inspected during code review: File: lib/future/moves/sys.py
  • The executable will be inspected during code review: File: lib/future/types/newdict.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/tix.py
  • The executable will be inspected during code review: File: lib/splunktalib/conf_manager/conf_endpoints.py
  • The executable will be inspected during code review: File: lib/certifi/__main__.py
  • The executable will be inspected during code review: File: lib/future/types/newobject.py
  • The executable will be inspected during code review: File: lib/splunktalib/concurrent/process_pool.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/ttk.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/commondialog.py
  • The executable will be inspected during code review: File: lib/licensing/models.py
  • The executable will be inspected during code review: File: lib/splunktalib/conf_manager/property_endpoints.py
  • The executable will be inspected during code review: File: lib/past/types/basestring.py
  • The executable will be inspected during code review: File: lib/trackme_libs_splk_cim.py
  • The executable will be inspected during code review: File: lib/future/moves/builtins.py
  • The executable will be inspected during code review: File: lib/future/moves/configparser.py
  • The executable will be inspected during code review: File: lib/splunktalib/conf_manager/ta_conf_manager.py
  • The executable will be inspected during code review: File: lib/splunktalib/conf_manager/conf_manager.py
  • The executable will be inspected during code review: File: lib/future/moves/reprlib.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/dialog.py
  • The executable will be inspected during code review: File: lib/future/moves/socketserver.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/filedialog.py
  • The executable will be inspected during code review: File: lib/socks.py
  • The executable will be inspected during code review: File: lib/splunktalib/state_store.py
  • The executable will be inspected during code review: File: lib/trackme_libs.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/constants.py
  • The executable will be inspected during code review: File: lib/future/moves/itertools.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/colorchooser.py
  • The executable will be inspected during code review: File: lib/past/utils/__init__.py
  • The executable will be inspected during code review: File: lib/future/moves/queue.py
  • The executable will be inspected during code review: File: lib/trackme_libs_smartstatus.py
  • The executable will be inspected during code review: File: lib/splunktalib/event_writer.py
  • The executable will be inspected during code review: File: lib/past/types/olddict.py
  • The executable will be inspected during code review: File: lib/trackme_libs_splk_flx.py
  • The executable will be inspected during code review: File: lib/future/types/__init__.py
  • The executable will be inspected during code review: File: lib/future/types/newmemoryview.py
  • The executable will be inspected during code review: File: lib/idna/__init__.py
  • The executable will be inspected during code review: File: lib/splunktalib/schedule/scheduler.py
  • The executable will be inspected during code review: File: lib/idna/core.py
  • The executable will be inspected during code review: File: lib/splunktalib/common/util.py
  • The executable will be inspected during code review: File: lib/splunktalib/splunk_cluster.py
  • The executable will be inspected during code review: File: lib/future/types/newrange.py
  • The executable will be inspected during code review: File: lib/past/builtins/noniterators.py
  • The executable will be inspected during code review: File: lib/future/moves/_markupbase.py
  • The executable will be inspected during code review: File: lib/future/moves/__init__.py
  • The executable will be inspected during code review: File: lib/past/types/__init__.py
  • The executable will be inspected during code review: File: lib/certifi/core.py
  • The executable will be inspected during code review: File: lib/idna/intranges.py
  • The executable will be inspected during code review: File: lib/future/tests/base.py
  • The executable will be inspected during code review: File: lib/past/translation/__init__.py
  • The executable will be inspected during code review: File: lib/splunktalib/conf_manager/request.py
  • The executable will be inspected during code review: File: lib/splunktalib/splunk_platform.py
  • The executable will be inspected during code review: File: lib/past/__init__.py
  • The executable will be inspected during code review: File: lib/future/types/newlist.py
  • The executable will be inspected during code review: File: lib/past/types/oldstr.py
  • The executable will be inspected during code review: File: lib/splunktalib/credentials.py
  • The executable will be inspected during code review: File: lib/certifi/__init__.py
  • The executable will be inspected during code review: File: lib/splunktalib/schedule/job.py
  • The executable will be inspected during code review: File: lib/splunktalib/orphan_process_monitor.py
  • The executable will be inspected during code review: File: lib/splunktalib/modinput.py
  • The executable will be inspected during code review: File: lib/idna/uts46data.py
  • The executable will be inspected during code review: File: lib/splunktalib/common/pattern.py
  • The executable will be inspected during code review: File: lib/future/moves/copyreg.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/__init__.py
  • The executable will be inspected during code review: File: lib/past/builtins/misc.py
  • The executable will be inspected during code review: File: lib/future/moves/collections.py
  • The executable will be inspected during code review: File: lib/future/__init__.py
  • The executable will be inspected during code review: File: lib/future/moves/pickle.py
  • The executable will be inspected during code review: File: lib/licensing/methods.py
  • The executable will be inspected during code review: File: lib/sparklines/__init__.py
  • The executable will be inspected during code review: File: lib/splunktalib/conf_manager/data_input_endpoints.py
  • The executable will be inspected during code review: File: lib/idna/compat.py
  • The executable will be inspected during code review: File: lib/future/types/newstr.py
  • The executable will be inspected during code review: File: lib/splunktalib/kv_client.py
  • The executable will be inspected during code review: File: lib/future/moves/subprocess.py
  • The executable will be inspected during code review: File: lib/future/moves/_thread.py
  • The executable will be inspected during code review: File: lib/splunktalib/common/log.py
  • The executable will be inspected during code review: File: lib/splunktalib/file_monitor.py
  • The executable will be inspected during code review: File: lib/future/types/newopen.py
  • The executable will be inspected during code review: File: lib/sockshandler.py
  • The executable will be inspected during code review: File: lib/future/types/newint.py
  • The executable will be inspected during code review: File: lib/splunktalib/timer.py
  • The executable will be inspected during code review: File: lib/future/moves/tkinter/font.py
  • The executable will be inspected during code review: File: lib/splunktalib/timer_queue.py
  • The executable will be inspected during code review: File: lib/splunktalib/rest.py
  • Suppressed 310 manual_check messages
  • The executable will be inspected during code review: File: lib/trackme_libs_splk_feeds.py
  • The executable will be inspected during code review: File: lib/splunktalib/common/xml_dom_parser.py
  • The executable will be inspected during code review: File: lib/sparklines/sparklines.py
  • The executable will be inspected during code review: File: lib/idna/codec.py
  • The executable will be inspected during code review: File: lib/future/moves/_dummy_thread.py
  • The executable will be inspected during code review: File: lib/splunktalib/concurrent/thread_pool.py
  • The executable will be inspected during code review: File: lib/future/types/newbytes.py
  • The executable will be inspected during code review: File: lib/trackme_libs_licensing.py
  • The executable will be inspected during code review: File: lib/trackme_rest_handler.py
  • The executable will be inspected during code review: File: lib/past/builtins/__init__.py
  • The executable will be inspected during code review: File: lib/sparklines/__main__.py
  • The executable will be inspected during code review: File: lib/future/moves/winreg.py
[ success ] Check that files outside of the bin/ and appserver/controllers directory do not have execute permissions and are not .exe files. On Unix platform, Splunk recommends 644 for all app files outside of the bin/ directory, 644 for scripts within the bin/ directory that are invoked using an interpreter (e.g. python my_script.py or sh my_script.sh), and 755 for scripts within the bin/ directory that are invoked directly (e.g. ./my_script.sh or ./my_script). On Windows platform, Splunk recommends removing user's FILE_GENERIC_EXECUTE for all app files outside of the bin/ directory except users in ['Administrators', 'SYSTEM', 'Authenticated Users', 'Administrator'].
Security vulnerabilities
[ success ] Check that all outgoing connections use TLS in accordance to Splunk Cloud Platform policy.
[ success ] Check for sensitive information being exposed in transit via URL query string parameters
[ manual_check ] Check for passwords and secrets.
  • The following line will be inspected during code review. Possible secret disclosure found. Match: -----BEGIN RSA PRIVATE KEY----- File: lib/future/backports/test/ssl_key.passwd.pem Line Number: 1
  • The following line will be inspected during code review. Possible secret disclosure found. Match: -----BEGIN RSA PRIVATE KEY----- File: lib/future/backports/test/badcert.pem Line Number: 1
  • The following line will be inspected during code review. Possible secret disclosure found. Match: -----BEGIN RSA PRIVATE KEY----- File: lib/future/backports/test/badkey.pem Line Number: 21
  • The following line will be inspected during code review. Possible secret disclosure found. Match: -----BEGIN RSA PRIVATE KEY----- File: lib/future/backports/test/badcert.pem Line Number: 19
  • The following line will be inspected during code review. Possible secret disclosure found. Match: -----BEGIN RSA PRIVATE KEY----- File: lib/future/backports/test/badkey.pem Line Number: 1
  • The following line will be inspected during code review. Possible secret disclosure found. Match: akIaMZypxKJW3hKWb9v6 File: appserver/static/img/vtenant/diagram_api.png Line Number: 5
  • The following line will be inspected during code review. Possible secret disclosure found. Match: -----BEGIN RSA PRIVATE KEY----- File: lib/future/backports/test/keycert.passwd.pem Line Number: 1
[ manual_check ] Check for insecure HTTP calls in Python.
  • Possible insecure HTTP Connection. Match: urllib.request.urlopen Positional arguments, []; Keyword arguments, {} File: lib/licensing/internal.py Line Number: 152
  • Possible insecure HTTP Connection. Match: urllib.request.Request Positional arguments, ["?", "?"]; Keyword arguments, {} File: lib/licensing/internal.py Line Number: 130
  • Possible insecure HTTP Connection. Match: urllib.request.urlopen Positional arguments, ["?", "?"]; Keyword arguments, {"context": "?"} File: lib/licensing/internal.py Line Number: 152
  • Possible insecure HTTP Connection. Match: urllib.urlopen Positional arguments, ["?"]; Keyword arguments, {} File: lib/licensing/internal.py Line Number: 145
  • Possible insecure HTTP Connection. Match: urllib.request.urlopen Positional arguments, ["?"]; Keyword arguments, {} File: lib/licensing/internal.py Line Number: 145
  • Possible insecure HTTP Connection. Match: urllib.request.urlopen Positional arguments, ["utf-8"]; Keyword arguments, {} File: lib/licensing/internal.py Line Number: 152
  • Possible insecure HTTP Connection. Match: urllib.request.urlopen Positional arguments, []; Keyword arguments, {} File: lib/licensing/internal.py Line Number: 145
  • Possible insecure HTTP Connection. Match: urllib.request.urlopen Positional arguments, ["utf-8"]; Keyword arguments, {} File: lib/licensing/internal.py Line Number: 145
  • Possible insecure HTTP Connection. Match: urllib.urlopen Positional arguments, ["?", "?"]; Keyword arguments, {"context": "?"} File: lib/licensing/internal.py Line Number: 152
[ manual_check ] Check for environment variable manipulation and attempts to monitor sensitive environment variables.
  • Environment variable being used in bin/trackmesplkoutlierscimgetrules.py:25: os.environ. File: bin/trackmesplkoutlierscimgetrules.py Line Number: 25
  • Environment variable being used in bin/trackmesplkoutlierstrain.py:27: os.environ. File: bin/trackmesplkoutlierstrain.py Line Number: 27
  • Environment variable being used in bin/trackmeextractsplkcim.py:25: os.environ. File: bin/trackmeextractsplkcim.py Line Number: 25
  • Environment variable being used in bin/trackme_rest_handler_vtenants.py:26: os.environ. File: bin/trackme_rest_handler_vtenants.py Line Number: 26
  • Environment variable being used in bin/trackme_rest_handler_splk_data_sampling.py:21: os.environ. File: bin/trackme_rest_handler_splk_data_sampling.py Line Number: 21
  • Environment variable being used in bin/trackmegennotable.py:25: os.environ. File: bin/trackmegennotable.py Line Number: 25
  • Environment variable being used in bin/trackmesplkoutlierssetrules.py:27: os.environ. File: bin/trackmesplkoutlierssetrules.py Line Number: 27
  • Environment variable being used in bin/trackmesplkgetflipping.py:25: os.environ. File: bin/trackmesplkgetflipping.py Line Number: 25
  • Environment variable being used in bin/trackme_rest_handler_backup_and_restore.py:26: os.environ. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 26
  • Environment variable being used in bin/trackme_rest_handler_splk_dataset.py:22: os.environ. File: bin/trackme_rest_handler_splk_dataset.py Line Number: 22
  • Environment variable being used in bin/trackmeextractsplkmhm.py:27: os.environ. File: bin/trackmeextractsplkmhm.py Line Number: 27
  • Environment variable being used in bin/trackmesplkoutliersrender.py:27: os.environ. File: bin/trackmesplkoutliersrender.py Line Number: 27
  • Environment variable being used in bin/trackmeprettyjson.py:24: os.environ. File: bin/trackmeprettyjson.py Line Number: 24
  • Environment variable being used in lib/solnlib/splunkenv.py:55: os.environ. File: lib/solnlib/splunkenv.py Line Number: 55
  • Environment variable being used in bin/trackmetenantstatus.py:26: os.environ. File: bin/trackmetenantstatus.py Line Number: 26
  • Environment variable being used in bin/trackmecimtrackerexecutor.py:27: os.environ. File: bin/trackmecimtrackerexecutor.py Line Number: 27
  • Environment variable being used in bin/trackmeapiautodocs.py:28: os.environ. File: bin/trackmeapiautodocs.py Line Number: 28
  • Environment variable being used in bin/trackmeexpandsplkmhm.py:26: os.environ. File: bin/trackmeexpandsplkmhm.py Line Number: 26
  • Environment variable being used in bin/trackmeelasticexecutor.py:25: os.environ. File: bin/trackmeelasticexecutor.py Line Number: 25
  • Environment variable being used in bin/trackmesamplingexecutor.py:27: os.environ. File: bin/trackmesamplingexecutor.py Line Number: 27
  • Environment variable being used in bin/trackmesplkoutlierscimrender.py:27: os.environ. File: bin/trackmesplkoutlierscimrender.py Line Number: 27
  • Environment variable being used in bin/trackme_rest_handler_splk_tag_policies.py:21: os.environ. File: bin/trackme_rest_handler_splk_tag_policies.py Line Number: 21
  • Environment variable being used in bin/trackmeacktracker.py:26: os.environ. File: bin/trackmeacktracker.py Line Number: 26
  • Environment variable being used in bin/splunkremotesearch.py:28: os.environ. File: bin/splunkremotesearch.py Line Number: 28
  • Environment variable being used in bin/trackmesplkoutlierstrackerhelper.py:26: os.environ. File: bin/trackmesplkoutlierstrackerhelper.py Line Number: 26
  • Environment variable being used in lib/trackme_libs_licensing.py:29: os.environ. File: lib/trackme_libs_licensing.py Line Number: 29
  • Environment variable being used in bin/trackme_rest_handler_splk_identity_cards.py:20: os.environ. File: bin/trackme_rest_handler_splk_identity_cards.py Line Number: 20
  • Environment variable being used in bin/trackme_rest_handler_splk_hybrid_trackers.py:24: os.environ. File: bin/trackme_rest_handler_splk_hybrid_trackers.py Line Number: 24
  • Environment variable being used in bin/trackmesplkoutlierscimsetrules.py:26: os.environ. File: bin/trackmesplkoutlierscimsetrules.py Line Number: 26
  • Environment variable being used in bin/trackme_rest_handler_audit.py:20: os.environ. File: bin/trackme_rest_handler_audit.py Line Number: 20
  • Environment variable being used in bin/archives/trackmepurgeaudit.py:30: os.environ. File: bin/archives/trackmepurgeaudit.py Line Number: 30
  • Environment variable being used in bin/trackmeload.py:26: os.environ. File: bin/trackmeload.py Line Number: 26
  • Environment variable being used in bin/trackme_rest_handler_splk_flx.py:26: os.environ. File: bin/trackme_rest_handler_splk_flx.py Line Number: 26
  • Environment variable being used in lib/solnlib/splunkenv.py:60: os.environ. File: lib/solnlib/splunkenv.py Line Number: 60
  • Environment variable being used in bin/trackmesplkoutlierstrainhelper.py:26: os.environ. File: bin/trackmesplkoutlierstrainhelper.py Line Number: 26
  • Environment variable being used in lib/trackme_libs_splk_feeds.py:31: os.environ. File: lib/trackme_libs_splk_feeds.py Line Number: 31
  • Environment variable being used in bin/trackmesplkoutlierscimtrackerhelper.py:26: os.environ. File: bin/trackmesplkoutlierscimtrackerhelper.py Line Number: 26
  • Environment variable being used in bin/trackme_rest_handler_splk_lagging_classes.py:20: os.environ. File: bin/trackme_rest_handler_splk_lagging_classes.py Line Number: 20
  • Environment variable being used in lib/future/backports/test/support.py:1382: os.environ. File: lib/future/backports/test/support.py Line Number: 1382
  • Environment variable being used in bin/trackme_rest_handler_splk_cim.py:23: os.environ. File: bin/trackme_rest_handler_splk_cim.py Line Number: 23
  • Environment variable being used in lib/trackme_libs_splk_flx.py:32: os.environ. File: lib/trackme_libs_splk_flx.py Line Number: 32
  • Environment variable being used in lib/future/backports/test/support.py:1392: os.environ. File: lib/future/backports/test/support.py Line Number: 1392
  • Environment variable being used in bin/trackmegetconf.py:22: os.environ. File: bin/trackmegetconf.py Line Number: 22
  • Environment variable being used in bin/trackme_rest_handler_splk_mhm.py:21: os.environ. File: bin/trackme_rest_handler_splk_mhm.py Line Number: 21
  • Environment variable being used in lib/licensing/internal.py:18: os.environ. File: lib/licensing/internal.py Line Number: 18
  • Environment variable being used in lib/trackme_libs_splk_cim.py:31: os.environ. File: lib/trackme_libs_splk_cim.py Line Number: 31
  • Environment variable being used in bin/trackme_rest_handler_splk_dsm.py:22: os.environ. File: bin/trackme_rest_handler_splk_dsm.py Line Number: 22
  • Environment variable being used in lib/solnlib/splunkenv.py:193: os.environ. File: lib/solnlib/splunkenv.py Line Number: 193
  • Environment variable being used in bin/trackmemergesplkmhm.py:26: os.environ. File: bin/trackmemergesplkmhm.py Line Number: 26
  • Environment variable being used in bin/trackmecollect.py:25: os.environ. File: bin/trackmecollect.py Line Number: 25
  • Environment variable being used in bin/trackme_rest_handler_splk_elastic_sources.py:21: os.environ. File: bin/trackme_rest_handler_splk_elastic_sources.py Line Number: 21
  • Environment variable being used in lib/future/backports/test/support.py:1379: os.environ. File: lib/future/backports/test/support.py Line Number: 1379
  • Environment variable being used in bin/trackmesplkoutliersgetrules.py:25: os.environ. File: bin/trackmesplkoutliersgetrules.py Line Number: 25
  • Environment variable being used in bin/trackme_rest_handler_splk_logical_groups.py:21: os.environ. File: bin/trackme_rest_handler_splk_logical_groups.py Line Number: 21
  • Environment variable being used in lib/solnlib/splunkenv.py:209: os.environ. File: lib/solnlib/splunkenv.py Line Number: 209
  • Environment variable being used in bin/trackme/modalert_trackme_smart_status_helper.py:23: os.environ. File: bin/trackme/modalert_trackme_smart_status_helper.py Line Number: 23
  • Environment variable being used in bin/trackmemergesplkdhm.py:26: os.environ. File: bin/trackmemergesplkdhm.py Line Number: 26
  • Environment variable being used in bin/trackmeextractsplkdhm.py:27: os.environ. File: bin/trackmeextractsplkdhm.py Line Number: 27
  • Environment variable being used in bin/trackme_rest_handler_ack.py:21: os.environ. File: bin/trackme_rest_handler_ack.py Line Number: 21
  • Environment variable being used in bin/trackme_rest_handler_splk_smart_status.py:24: os.environ. File: bin/trackme_rest_handler_splk_smart_status.py Line Number: 24
  • Environment variable being used in lib/solnlib/splunkenv.py:194: os.environ. File: lib/solnlib/splunkenv.py Line Number: 194
  • Environment variable being used in bin/trackmetrackerhealth.py:27: os.environ. File: bin/trackmetrackerhealth.py Line Number: 27
  • Environment variable being used in bin/trackme_rest_handler_splk_dhm.py:21: os.environ. File: bin/trackme_rest_handler_splk_dhm.py Line Number: 21
  • Environment variable being used in bin/trackme_rest_handler_splk_outliers_engine.py:23: os.environ. File: bin/trackme_rest_handler_splk_outliers_engine.py Line Number: 23
  • Environment variable being used in lib/future/backports/test/support.py:1063: os.environ. File: lib/future/backports/test/support.py Line Number: 1063
  • Environment variable being used in bin/trackmedatasetgen.py:24: os.environ. File: bin/trackmedatasetgen.py Line Number: 24
  • Environment variable being used in lib/solnlib/splunkenv.py:208: os.environ.get. File: lib/solnlib/splunkenv.py Line Number: 208
  • Environment variable being used in bin/trackmesplkoutlierscimtrain.py:27: os.environ. File: bin/trackmesplkoutlierscimtrain.py Line Number: 27
  • Environment variable being used in lib/future/backports/test/support.py:1390: os.environ. File: lib/future/backports/test/support.py Line Number: 1390
  • Environment variable being used in bin/trackme.py:25: os.environ. File: bin/trackme.py Line Number: 25
  • Environment variable being used in bin/trackme_rest_handler_configuration.py:24: os.environ. File: bin/trackme_rest_handler_configuration.py Line Number: 24
  • Environment variable being used in bin/trackme_rest_handler_licensing.py:26: os.environ. File: bin/trackme_rest_handler_licensing.py Line Number: 26
  • Environment variable being used in bin/trackmetrackerexecutor.py:27: os.environ. File: bin/trackmetrackerexecutor.py Line Number: 27
  • Environment variable being used in bin/trackmesplkflxparse.py:26: os.environ. File: bin/trackmesplkflxparse.py Line Number: 26
  • Environment variable being used in lib/future/backports/test/support.py:1378: os.environ. File: lib/future/backports/test/support.py Line Number: 1378
  • Environment variable being used in bin/trackme/modalert_trackme_free_style_rest_call_helper.py:25: os.environ. File: bin/trackme/modalert_trackme_free_style_rest_call_helper.py Line Number: 25
  • Environment variable being used in bin/trackmeopsstatusexpand.py:25: os.environ. File: bin/trackmeopsstatusexpand.py Line Number: 25
  • Environment variable being used in lib/future/backports/test/support.py:1107: os.environ. File: lib/future/backports/test/support.py Line Number: 1107
  • Environment variable being used in lib/solnlib/splunkenv.py:271: os.environ. File: lib/solnlib/splunkenv.py Line Number: 271
  • Environment variable being used in lib/trackme_libs_smartstatus.py:31: os.environ. File: lib/trackme_libs_smartstatus.py Line Number: 31
  • Environment variable being used in bin/trackme_rest_handler_maintenance.py:22: os.environ. File: bin/trackme_rest_handler_maintenance.py Line Number: 22
  • Environment variable being used in lib/trackme_libs.py:32: os.environ. File: lib/trackme_libs.py Line Number: 32
Operating system standards
[ success ] Check for the use of malicious shell commands in configuration files or shell scripts to corrupt the OS or Splunk instance. Other scripting languages are covered by other checks.
Malware, viruses, malicious content, user security standards (static checks)
[ warning ] Check that no sensitive hostnames/IPs are stored in the app.
  • PUBLIC IP 2.02.049.049 is found in appserver/static/boostrap-icons/icons/discord.svg:2 File: appserver/static/boostrap-icons/icons/discord.svg Line Number: 2
  • PUBLIC IP 1.246.08.38 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.92.96.96 is found in appserver/static/boostrap-icons/icons/instagram.svg:2 File: appserver/static/boostrap-icons/icons/instagram.svg Line Number: 2
  • PUBLIC IP 5.5.5.5 is found in lib/PySocks-1.7.1.dist-info/METADATA:70 File: lib/PySocks-1.7.1.dist-info/METADATA Line Number: 70
  • PUBLIC IP 1.07.005.64 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.04.5.5 is found in appserver/static/boostrap-icons/icons/cloud-moon.svg:3 File: appserver/static/boostrap-icons/icons/cloud-moon.svg Line Number: 3
  • PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/icons/file-earmark-richtext.svg:3 File: appserver/static/boostrap-icons/icons/file-earmark-richtext.svg Line Number: 3
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses.svg:2 File: appserver/static/boostrap-icons/icons/emoji-sunglasses.svg Line Number: 2
  • PUBLIC IP 2.113.5.5 is found in appserver/static/boostrap-icons/icons/fingerprint.svg:5 File: appserver/static/boostrap-icons/icons/fingerprint.svg Line Number: 5
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown.svg:3 File: appserver/static/boostrap-icons/icons/emoji-frown.svg Line Number: 3
  • PUBLIC IP 1.011.05.05 is found in appserver/static/boostrap-icons/icons/discord.svg:2 File: appserver/static/boostrap-icons/icons/discord.svg Line Number: 2
  • PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/icons/speaker.svg:3 File: appserver/static/boostrap-icons/icons/speaker.svg Line Number: 3
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-wink-fill.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-angry-fill.svg Line Number: 2
  • PUBLIC IP 2.2.82.64 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 7.072.5.5 is found in appserver/static/boostrap-icons/icons/broadcast.svg:2 File: appserver/static/boostrap-icons/icons/broadcast.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile.svg:3 File: appserver/static/boostrap-icons/icons/emoji-smile.svg Line Number: 3
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.02.05.05 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg Line Number: 2
  • PUBLIC IP 1.011.05.05 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-upside-down.svg:3 File: appserver/static/boostrap-icons/icons/emoji-smile-upside-down.svg Line Number: 3
  • PUBLIC IP 2.33.66.07 is found in appserver/static/boostrap-icons/icons/github.svg:2 File: appserver/static/boostrap-icons/icons/github.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-smile-fill.svg Line Number: 2
  • PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/icons/cursor-text.svg:2 File: appserver/static/boostrap-icons/icons/cursor-text.svg Line Number: 2
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-frown-fill.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry.svg:3 File: appserver/static/boostrap-icons/icons/emoji-angry.svg Line Number: 3
  • PUBLIC IP 2.02.05.05 is found in appserver/static/boostrap-icons/icons/discord.svg:2 File: appserver/static/boostrap-icons/icons/discord.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-upside-down-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-smile-upside-down-fill.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg Line Number: 2
  • PUBLIC IP 1.92.96.96 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.04.5.5 is found in appserver/static/boostrap-icons/icons/cloud-moon-fill.svg:3 File: appserver/static/boostrap-icons/icons/cloud-moon-fill.svg Line Number: 3
  • PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg Line Number: 2
  • PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/broadcast-pin.svg:2 File: appserver/static/boostrap-icons/icons/broadcast-pin.svg Line Number: 2
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-frown-fill.svg Line Number: 2
  • PUBLIC IP 6.84.58.58 is found in appserver/static/boostrap-icons/icons/bootstrap-reboot.svg:2 File: appserver/static/boostrap-icons/icons/bootstrap-reboot.svg Line Number: 2
  • PUBLIC IP 1.246.08.38 is found in appserver/static/boostrap-icons/icons/whatsapp.svg:2 File: appserver/static/boostrap-icons/icons/whatsapp.svg Line Number: 2
  • PUBLIC IP 1.23.82.72 is found in appserver/static/boostrap-icons/icons/github.svg:2 File: appserver/static/boostrap-icons/icons/github.svg Line Number: 2
  • PUBLIC IP 7.072.5.5 is found in appserver/static/boostrap-icons/icons/broadcast-pin.svg:2 File: appserver/static/boostrap-icons/icons/broadcast-pin.svg Line Number: 2
  • PUBLIC IP 1.23.82.72 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 3.028.5.5 is found in appserver/static/boostrap-icons/icons/fingerprint.svg:5 File: appserver/static/boostrap-icons/icons/fingerprint.svg Line Number: 5
  • PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.113.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 6.84.58.58 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink.svg:3 File: appserver/static/boostrap-icons/icons/emoji-wink.svg Line Number: 3
  • PUBLIC IP 2.049.098.133 is found in appserver/static/boostrap-icons/icons/whatsapp.svg:2 File: appserver/static/boostrap-icons/icons/whatsapp.svg Line Number: 2
  • PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg:3 File: appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg Line Number: 3
  • PUBLIC IP 1.07.005.64 is found in appserver/static/boostrap-icons/icons/123.svg:2 File: appserver/static/boostrap-icons/icons/123.svg Line Number: 2
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink.svg:3 File: appserver/static/boostrap-icons/icons/emoji-wink.svg Line Number: 3
  • PRIVATE IP 192.0.2.1 is found in lib/future/backports/test/nullbytecert.pem:46 File: lib/future/backports/test/nullbytecert.pem Line Number: 46
  • PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.69.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.2.82.64 is found in appserver/static/boostrap-icons/icons/github.svg:2 File: appserver/static/boostrap-icons/icons/github.svg Line Number: 2
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-angry-fill.svg Line Number: 2
  • PUBLIC IP 2.049.098.133 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.33.66.07 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 7.072.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-wink-fill.svg Line Number: 2
  • PUBLIC IP 1.69.5.5 is found in appserver/static/boostrap-icons/icons/fingerprint.svg:5 File: appserver/static/boostrap-icons/icons/fingerprint.svg Line Number: 5
  • PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-fill.svg:2 File: appserver/static/boostrap-icons/icons/emoji-smile-fill.svg Line Number: 2
  • PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/broadcast.svg:2 File: appserver/static/boostrap-icons/icons/broadcast.svg Line Number: 2
  • PUBLIC IP 2.04.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.182.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.02.049.049 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile.svg:3 File: appserver/static/boostrap-icons/icons/emoji-smile.svg Line Number: 3
  • PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/icons/input-cursor-text.svg:2 File: appserver/static/boostrap-icons/icons/input-cursor-text.svg Line Number: 2
  • PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 3.028.5.5 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 File: appserver/static/boostrap-icons/bootstrap-icons.svg Line Number: 1
  • PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg:3 File: appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg Line Number: 3
  • PUBLIC IP 2.182.5.5 is found in appserver/static/boostrap-icons/icons/arrow-repeat.svg:3 File: appserver/static/boostrap-icons/icons/arrow-repeat.svg Line Number: 3
Bias language (static checks)
[ warning ] Check that the app does not include any bias words.
  • Bias language is found in the app. :target: https://codecov.io/github/tiran/defusedxml?branch=<<<MAS... (lib/defusedxml-0.7.1.dist-info/METADATA:47) [master]. File: METADATA Line Number: 47
  • Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.cim=target_index (default/transforms.conf:135) [BLACKLIST]. File: transforms.conf Line Number: 135
  • Bias language is found in the app. Project-URL: Changelog, https://github.com/kjd/idna/blob/<<<MASTE... (lib/idna-3.4.dist-info/METADATA:28) [master]. File: METADATA Line Number: 28
  • Bias language is found in the app. for key in ("apps", "slave-apps", "<<<MASTER>>>-apps"): (lib/splunktalib/common/util.py:103) [master]. File: util.py Line Number: 103
  • Bias language is found in the app. # <<<BLACKLIST>>> = (etree._Entity, etree._ProcessingInstruction,... (lib/defusedxml/lxml.py:37) [blacklist]. File: lxml.py Line Number: 37
  • Bias language is found in the app. <https://raw.githubusercontent.com/kennethreitz/spark.py/<<<MASTE... (lib/sparklines-0.4.2-py3.10.egg-info/PKG-INFO:166) [master]. File: PKG-INFO Line Number: 166
  • Bias language is found in the app. .. image:: https://ci.appveyor.com/api/projects/status/github/gra... (lib/sortedcontainers-2.4.0.dist-info/METADATA:146) [master]. File: METADATA Line Number: 146
  • Bias language is found in the app. // inspired by https://github.com/dordille/moment-isoduration/blo... (appserver/static/momentjs/moment.js:5504) [master]. File: moment.js Line Number: 5504
  • Bias language is found in the app. This project is [MIT](https://github.com/Ousret/charset_normalize... (lib/charset_normalizer-3.0.1.dist-info/METADATA:247) [master]. File: METADATA Line Number: 247
  • Bias language is found in the app. <<<BLACKLIST>>> = _etree._Entity (lib/defusedxml/lxml.py:38) [blacklist]. File: lxml.py Line Number: 38
  • Bias language is found in the app. ###    https://github.com/kkxue/Py2ChainMap/blob/<<<MASTER>>>/py2... (lib/future/backports/misc.py:749) [master]. File: misc.py Line Number: 749
  • Bias language is found in the app. .. image:: https://codecov.io/github/tiran/defusedxml/coverage.sv... (lib/defusedxml-0.7.1.dist-info/METADATA:46) [master]. File: METADATA Line Number: 46
  • Bias language is found in the app. was not in the method <<<WHITELIST>>>. (Issue #1059) (lib/urllib3-1.26.14.dist-info/METADATA:657) [whitelist]. File: METADATA Line Number: 657
  • Bias language is found in the app. for key in ("apps", "<<<SLAVE>>>-apps", "master-apps"): (lib/splunktaucclib/rest_handler/util.py:85) [slave]. File: util.py Line Number: 85
  • Bias language is found in the app. .. figure:: https://raw.githubusercontent.com/deeplook/sparklines... (lib/sparklines-0.4.2-py3.10.egg-info/PKG-INFO:35) [master]. File: PKG-INFO Line Number: 35
  • Bias language is found in the app. <<<BLACKLIST>>> = self.<<<BLACKLIST>>> (lib/defusedxml/lxml.py:41) [blacklist]. File: lxml.py Line Number: 41
  • Bias language is found in the app. for key in ("apps", "slave-apps", "<<<MASTER>>>-apps"): (lib/splunktaucclib/rest_handler/util.py:85) [master]. File: util.py Line Number: 85
  • Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.flx=target_index (default/transforms.conf:163) [BLACKLIST]. File: transforms.conf Line Number: 163
  • Bias language is found in the app. .. image:: https://travis-ci.org/tiran/defusedxml.svg?branch=<<<M... (lib/defusedxml-0.7.1.dist-info/METADATA:42) [master]. File: METADATA Line Number: 42
  • Bias language is found in the app. https://github.com/mitsuhiko/jinja2/blob/<<<MASTER>>>/LICENSE) (lib/future/utils/__init__.py:46) [master]. File: __init__.py Line Number: 46
  • Bias language is found in the app. <img src="https://codecov.io/gh/Ousret/charset_normalizer/branch/... (lib/charset_normalizer-3.0.1.dist-info/METADATA:41) [master]. File: METADATA Line Number: 41
  • Bias language is found in the app. for key in ("apps", "<<<SLAVE>>>-apps", "master-apps"): (lib/splunktalib/common/util.py:103) [slave]. File: util.py Line Number: 103
  • Bias language is found in the app. .. figure:: https://raw.githubusercontent.com/deeplook/sparklines... (lib/sparklines-0.4.2-py3.10.egg-info/PKG-INFO:114) [master]. File: PKG-INFO Line Number: 114
  • Bias language is found in the app. * Ref: https://github.com/umdjs/umd/blob/<<<MASTER>>>/templates/j... (appserver/static/notifybar/jquery.notifyBar.js:13) [master]. File: jquery.notifyBar.js Line Number: 13
  • Bias language is found in the app. .. image:: https://api.travis-ci.org/grantjenks/python-sortedcont... (lib/sortedcontainers-2.4.0.dist-info/METADATA:143) [master]. File: METADATA Line Number: 143
  • Bias language is found in the app. if isinstance(child, <<<BLACKLIST>>>): (lib/defusedxml/lxml.py:43) [blacklist]. File: lxml.py Line Number: 43
  • Bias language is found in the app. .. _`Requests`: https://requests.readthedocs.io/en/<<<MASTER>>>/ (lib/certifi-2022.12.7.dist-info/METADATA:73) [master]. File: METADATA Line Number: 73
  • Bias language is found in the app. and release. The <<<MASTER>>> branch received the same fix in Pul... (lib/urllib3-1.26.14.dist-info/METADATA:707) [master]. File: METADATA Line Number: 707
addon_builder.conf standards The addon_builder.conf file located at default/addon_builder.conf provides the information about the add on builder associated with the Splunk App
[ not_applicable ] Check that the addon_builder.conf contains an builder version number in the [base] stanza. Ensure that apps built with Add-on Builder are maintained with an up-to-date version of Add-on Builder.
  • addon_builder.conf does not exist
Python file standards
[ manual_check ] Check for untrusted xml usages in python libraries
  • The following lines should be inspected during code review, the xml functions not safe enough. Using various XLM methods to parse untrusted XML data is known to be vulnerable to XML attacks. Methods should be replaced with their defusedxml equivalents.Module/Method is xml.etree.ElementTree.iterparse File: lib/splunklib/results.py Line Number: 230
[ not_applicable ] Check python httplib2 version.
  • Python httplib2 library not found.
[ success ] Check that all network communications are encrypted
[ success ] Check possible root privilege escalation
[ success ] check if possible reverse shell exist in python code
[ success ] Check if restricted execution exist in current app
[ success ] Check for UDP network communication
[ manual_check ] Check if python runtime services could be used to manipulate system python objects
  • The following lines should be inspected during code review, Possible system python objects manipulation `inspect.stack` found here. File: lib/future/utils/__init__.py Line Number: 372
  • The following lines should be inspected during code review, Possible system python objects manipulation `inspect.stack` found here. File: lib/past/builtins/misc.py Line Number: 141
[ success ] Check if multimedia services module could be used to execute unknown-source multimedia files
[ success ] Check if program frameworks could be used to interface with web part
[ warning ] Check for the use of threading, and multiprocesses. Threading or process must be used with discretion and not negatively affect the Splunk installation as a whole.
  • The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. File: lib/future/backports/misc.py Line Number: 724
  • The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. File: lib/licensing/internal.py Line Number: 163
  • The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. File: lib/solnlib/splunkenv.py Line Number: 277
  • The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. File: lib/solnlib/splunkenv.py Line Number: 280
  • The following line contains subprocess.check_output usage. Use threading and multiprocessing with discretion. File: lib/licensing/internal.py Line Number: 172
  • The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. File: lib/future/backports/test/support.py Line Number: 1453
  • The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. File: lib/future/backports/misc.py Line Number: 725
  • The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. File: lib/licensing/internal.py Line Number: 162
[ manual_check ] check for plain text credentials disclosure in python files
  • The following lines should be inspected during code review, Possible plain text credentials disclosure here, `PASSWORD = ******` File: lib/splunktaucclib/rest_handler/credentials.py Line Number: 95
  • The following lines should be inspected during code review, Possible plain text credentials disclosure here, `PATH_STORAGE_PASSWORDS = storage/passwords` File: lib/splunklib/client.py Line Number: 113
[ success ] Check for operating system features that are available on selected operating systems only.
[ manual_check ] check if networking or file manipulation exist in interprocess modules usage
  • The following lines should be inspected during code review. `socket.bind` could be used to open socket connection to outside service. File: lib/future/backports/test/support.py Line Number: 612
  • The following lines should be inspected during code review. `socket.connect` could be used to open socket connection to outside service. File: lib/splunklib/binding.py Line Number: 575
[ success ] Check for the use of web server classes, they could be used to start a internal server in current app
[ manual_check ] Check Python code for importing modules dynamically.
  • The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. File: lib/future/backports/test/support.py Line Number: 135
  • The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. File: lib/charset_normalizer/cd.py Line Number: 27
  • The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. File: lib/charset_normalizer/cd.py Line Number: 31
  • The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. File: lib/charset_normalizer/utils.py Line Number: 321
  • The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. File: lib/charset_normalizer/utils.py Line Number: 318
  • The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. File: lib/charset_normalizer/utils.py Line Number: 326
  • The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. File: lib/charset_normalizer/utils.py Line Number: 325
  • The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. File: lib/future/backports/test/support.py Line Number: 220
  • The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. File: lib/charset_normalizer/utils.py Line Number: 256
[ success ] Check that there are no hidden python files included in the app.
[ manual_check ] check if generic operating system modules could be used to communicate with outside services, files or systems
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeextractsplkmhm.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutlierstrackerhelper.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmemergesplkdhm.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_licensing.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_audit.py Line Number: 24
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_mhm.py Line Number: 25
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesamplingexecutor.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeprettyjson.py Line Number: 27
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: lib/trackme_libs_splk_flx.py Line Number: 112
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_maintenance.py Line Number: 26
  • The following lines should be inspected during code review. `logging.StreamHandler` could be used to receive data from outside or log data to outside. File: lib/charset_normalizer/utils.py Line Number: 358
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutliersrender.py Line Number: 30
  • The following lines should be inspected during code review. `argparse.ArgumentParser.parse_args` could be used to receive data from outside or log data to outside. File: lib/sparklines/__main__.py Line Number: 122
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutlierscimtrackerhelper.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_cim.py Line Number: 27
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutlierscimrender.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_tag_policies.py Line Number: 25
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_dataset.py Line Number: 26
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeapiautodocs.py Line Number: 31
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_lagging_classes.py Line Number: 24
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutlierscimsetrules.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmetrackerhealth.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_hybrid_trackers.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_flx.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmemergesplkmhm.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmetrackerexecutor.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkflxparse.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_elastic_sources.py Line Number: 25
  • The following lines should be inspected during code review. `argparse.ArgumentParser.parse_args` could be used to receive data from outside or log data to outside. File: lib/future/backports/test/ssl_servers.py Line Number: 186
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeextractsplkcim.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_dhm.py Line Number: 25
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/splunkremotesearch.py Line Number: 31
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: lib/trackme_libs_splk_cim.py Line Number: 128
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutlierscimgetrules.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmegennotable.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutlierscimtrain.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeload.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeelasticexecutor.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_vtenants.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutlierssetrules.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_configuration.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_smart_status.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/archives/trackmepurgeaudit.py Line Number: 33
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_outliers_engine.py Line Number: 27
  • The following lines should be inspected during code review. `argparse.ArgumentParser.parse_args` could be used to receive data from outside or log data to outside. File: lib/charset_normalizer/cli/normalizer.py Line Number: 133
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmetenantstatus.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkgetflipping.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeopsstatusexpand.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmecollect.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_dsm.py Line Number: 26
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_ack.py Line Number: 25
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeexpandsplkmhm.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmecimtrackerexecutor.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeacktracker.py Line Number: 29
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutliersgetrules.py Line Number: 28
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmegetconf.py Line Number: 25
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmeextractsplkdhm.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmedatasetgen.py Line Number: 27
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_data_sampling.py Line Number: 25
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutlierstrain.py Line Number: 30
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_logical_groups.py Line Number: 25
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackme_rest_handler_splk_identity_cards.py Line Number: 24
  • The following lines should be inspected during code review. `logging.FileHandler` could be used to receive data from outside or log data to outside. File: bin/trackmesplkoutlierstrainhelper.py Line Number: 29
  • The following lines should be inspected during code review. `logging.StreamHandler` could be used to receive data from outside or log data to outside. File: lib/charset_normalizer/api.py Line Number: 27
[ manual_check ] Check for possible file and directory access, they could be used in external file manipulation
  • The following line will be inspected during code review. The `os.remove` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: lib/future/backports/test/support.py Line Number: 1949
  • The following line will be inspected during code review. The `shutil.rmtree` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 542
  • The following line will be inspected during code review. The `os.open` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?", "?"], keywords: {} File: lib/future/backports/test/support.py Line Number: 855
  • The following line will be inspected during code review. The `os.mkdir` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 403
  • The following line will be inspected during code review. The `io.BytesIO.write` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: lib/urllib3/response.py Line Number: 528
  • The following line will be inspected during code review. The `shutil.rmtree` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 285
  • The following line will be inspected during code review. The `os.unlink` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: lib/future/backports/test/support.py Line Number: 313
  • The following line will be inspected during code review. The `os.symlink` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?", "?"], keywords: {} File: lib/future/backports/test/support.py Line Number: 1944
  • The following line will be inspected during code review. The `os.rename` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?", "?"], keywords: {} File: lib/future/backports/test/support.py Line Number: 357
  • The following line will be inspected during code review. The `tempfile.mkstemp` module/method can be used to access file/directory outside of the app dir. Function call arguments: [], keywords: {} File: lib/future/backports/test/support.py Line Number: 1967
  • The following line will be inspected during code review. The `os.mkdir` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 405
  • The following line will be inspected during code review. The `os.remove` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 733
  • The following line will be inspected during code review. The `os.mkdir` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["tempcwd"], keywords: {} File: lib/future/backports/test/support.py Line Number: 805
  • The following line will be inspected during code review. The `os.rmdir` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 716
  • The following line will be inspected during code review. The `shutil.rmtree` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 1035
  • The following line will be inspected during code review. The `shutil.rmtree` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 1189
  • The following line will be inspected during code review. The `os.rmdir` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} File: lib/future/backports/test/support.py Line Number: 311
[ success ] Check if debugging library could be used to execute arbitrary commands
[ success ] check for data persistence usage which could be used to invoke marshall function call
[ manual_check ] check if data compression and archiving libraries could be used to read & write files outside of app dir
  • The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 981
  • The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 484
  • The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 234
[ success ] Check if custom python interpreters could be used in malicious code execution
[ success ] Check that there are no .pyc or .pyo files included in the app.
[ manual_check ] Check for builtin functions(open, eval, execfile, file) usages in python files
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 527
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/trackme_libs_licensing.py Line Number: 71
  • The following line will be inspected during code review. The __builtin__.eval module/method can be used to execute arbitrary expression. File: bin/trackmeextractsplkmhm.py Line Number: 176
  • The following line will be inspected during code review. The __builtin__.eval module/method can be used to execute arbitrary expression. File: bin/trackmeextractsplkdhm.py Line Number: 182
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/licensing/internal.py Line Number: 191
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/trackme_libs_licensing.py Line Number: 77
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/trackme_libs_licensing.py Line Number: 366
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 460
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 270
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/test/test_sparkline.py Line Number: 208
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: bin/app.py Line Number: 69
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/licensing/internal.py Line Number: 186
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/trackme_libs_licensing.py Line Number: 148
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 1017
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/past/builtins/misc.py Line Number: 151
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/test/test_sparkline.py Line Number: 216
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/charset_normalizer/cli/normalizer.py Line Number: 263
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/trackme_libs_licensing.py Line Number: 372
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/charset_normalizer/api.py Line Number: 542
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: bin/trackme_rest_handler_backup_and_restore.py Line Number: 1129
  • The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/trackme_libs_licensing.py Line Number: 378
[ manual_check ] Check that the python __import__ method is not used in a way that can be exploited (e.g., import(conf_setting) is at risk of code injection).
  • The `__builtin__.__import__` function was detected being used. Please use the `import` keyword instead. Third-Party libraries are exempt from this requirement. File: lib/future/backports/test/support.py Line Number: 147
[ success ] Check all python files are well formed under python2 and python3 standard
Data model files and configurations Data models are defined in a datamodels.conf file in the /default directory of the app. For more, see About data models and datamodels.conf.
[ not_applicable ] Check that the use of accelerated data models do not occur. If data model acceleration is required, developers should provide directions in documentation for how to accelerate data models from within the Splunk Web GUI. data model acceleration
  • No datamodels.conf file exists.
REST endpoints and handler standards REST endpoints are defined in a restmap.conf file in the /default directory of the app. For more, see restmap.conf.
[ success ] Check that each stanza in restmap.conf has a matching handler script. if not, throw a warning.
[ success ] Check that python version is python3 for executables in restmap.conf.
[ success ] Check that restmap.conf file exists at default/restmap.conf when using REST endpoints.
Custom workflow actions structure and standards Custom workflow actions are defined in a workflow_actions.conf file in the /default directory of the app. For more, see About lookups and workflow_actions.conf.
Custom search command structure and standards Custom search commands are defined in a commands.conf file in the /default directory of the app. For more, see About writing custom search commands and commands.conf.
[ success ] Check that commands.conf must explicitly define the python.version to be python3 for each python-scripted custom command.
Alert actions structure and standards Custom alert actions are defined in an alert_actions.conf file located in the /default directory of the app. For more, see Custom alert actions overview and alert_actions.conf.
[ success ] Check that each custom alert action has a valid executable. If it does, further check if the executable is Python script. If it does, further check it's Python 3 compatible.
Server configuration file standards Ensure that server.conf is well formed and valid. For detailed information about the server configuration file, see server.conf.
[ success ] Check that server.conf in an app is only allowed to contain:1) conf_replication_include.\<custom_conf_files> in [shclustering] stanza2) or EXCLUDE-\<class> property in [diag] stanza,
Props Configuration file standards Ensure that all props.conf files located in the default (or local) folder are well formed and valid. props.conf transforms.conf
[ success ] Check that pretrained sourctypes in props.conf have only "TRANSFORM-" or "SEDCMD" settings, and that those transforms only modify the host, source, or sourcetype.
Meta file standards Ensure that all meta files located in the /metadata folder are well formed and valid.
[ warning ] Check that knowledge objects with access control restrictions defined in *.meta files are accessible to customers in Splunk Cloud.
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 93
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 45
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 90
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 61
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 80
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 103
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 87
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 106
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 96
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 74
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 71
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 64
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 55
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 77
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 6
  • The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object File: default.meta Line Number: 58
Indexes.conf file standards Ensure that the index configuration file located in the /default folder is well formed and valid. For more, see indexes.conf.
[ success ] Check that no default Splunk indexes are modified by the app.
[ success ] Check that all index names contain lowercase characters. If index names have any upper case characters any attempts to edit the index in the UI will cause a duplicate index stanza creation which will cause many errors in Splunk.
[ success ] Check that indexes.conf only contains the required 'homePath' , 'coldPath', and 'thawedPath' properties or the optional 'frozenTimePeriodInSecs', 'disabled', 'datatype' and 'repFactor' properties. All other properties are prohibited. This check is cloud only because indexes are not allowed via check_indexes_conf_does_not_exist.
[ success ] Check that all the coldToFrozenScript in indexes.conf are explicitly set the python.version to python3.
Configuration file standards Ensure that all configuration files located in the /default folder are well formed and valid.
[ success ] Check that app does not contain any .conf files that create global definitions using the [default] stanza.
[ success ] Check that app conf files do not point to files outside the app container. Because hard-coded paths won't work in Splunk Cloud, we don't consider to check absolute paths.
[ success ] Check that all config files parse cleanly- no trailing whitespace after continuations, no duplicated stanzas or options.
[ success ] Check that the filed.<name> type in collections.conf does not include boolean. Use bool instead.
Directory structure standards Ensure that the directories and files in the app adhere to hierarchy standards.
[ not_applicable ] Check that local/passwords.conf does not exist. Password files are not transferable between instances.
  • The local directory does not exist.
[ success ] Check that when decompressed the Splunk app directory name matches the id property in the [package] stanza in app.conf. For Cloud apps, the id property must exist and match the app directory name. For on-premise apps, if the id property exists, it must match the app directory name; if there is no id property, check_for_updates must be set to False in app.conf for the check to pass.
[ success ] Check that the app name does not start with digits
[ success ] Check that the file 'local.meta' does not exist. All metadata permissions should be set in 'default.meta'.
[ success ] Check that app has no .conf or dashboard filenames that contain spaces. Splunk software does not support such files.
[ success ] Check that the 'local' directory does not exist. All configuration should be in the 'default' directory.
App.conf standards The app.conf file located at default/app.conf provides key application information and branding. For more, see app.conf.
[ success ] Check that custom conf files have a corresponding reload trigger in app.conf Without a reload trigger the app will request a restart on any change to the conf file, which may be a negative experience for end-users.
[ not_applicable ] Check in default/app.conf and 'local/app.conf', install_source_local_checksum not be set explicitly.
  • `local/app.conf` does not exist.
[ not_applicable ] Check in default/app.conf and 'local/app.conf', install_source_checksum not be set explicitly.
  • `local/app.conf` does not exist.
[ success ] Check that the app.conf contains a label key value pair in the [ui] stanza and the length is between 5 and 80 characters inclusive.
[ success ] Check that the [package] stanza in app.conf has a valid id value. See https://docs.splunk.com/Documentation/Splunk/latest/Admin/Appconf for details.
[ success ] Check that default/app.conf doesn't have a reload.<CONF_FILE>, where CONF_FILE is a non-custom conf. (https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/Appconf#.5Btriggers.5D)
[ warning ] Check that custom .conf files have a a matching conf_replication_include. value in server.conf, under the [shclustering] stanza, to ensure that configurations are synchronized across Search Head Clusters.
  • conf_replication_include.trackme_account setting in sever.conf but does not match custom config file. File: default/server.conf Line Number: 6
Saved search standards Saved searches are defined in a savedsearches.conf file located in the /default directory of the app. For more, see Save and share your reports and savedsearches.conf.
[ success ] Check that if a savedsearch.conf stanza contains scheduling options it does contain a dispatch.latest_time
[ success ] Check that if a scheduled saved search in savedsearch.conf contains dispatch.earliest_time option, or if a scheduled saved search with auto summary enabled contains auto_summarize.dispatch.earliest_time option
[ success ] Check that no real-time pre-index saved searches are being used in savedsearches.conf. Real-time pre-index saved searches are extremely system intensive and should be avoided.
[ success ] Check that default/savedsearches.conf searches are cron scheduled reasonably. Less than five asterisks should be used.
Lookup file standards Lookups add fields from an external source to events based on the values of fields that are already present in those events.
[ success ] Check that no two files/directories under the lookups directory have this naming pattern respectively: xxx and xxx.default - with the only difference in the .default extension. During the installation of an app in Splunk Cloud, a lookup file will be temporarily renamed to append an additional .default extension to it, which will cause error if a namesake file already exists.
JSON file standards
[ success ] Check that all JSON files are well formed.
Modular inputs structure and standards Modular inputs are configured in an inputs.conf.spec file located in the /README directory of the app. For more, see Modular inputs overview, Modular inputs configuration, and Modular inputs basic example.
[ not_applicable ] Check that all the modular inputs defined in inputs.conf.spec are explicitly set the python.version to python3.
  • No `inputs.conf.spec` file exists.
Web.conf File Standards Ensure that web.conf is safe for cloud deployment and that any exposed patterns match endpoints defined by the app - apps should not expose endpoints other than their own. Including web.conf can have adverse impacts for cloud. Allow only [endpoint:*] and [expose:*] stanzas, with expose only containing pattern= and methods= properties. web.conf
[ success ] Check that web.conf only defines [endpoint:] and [expose:] stanzas, with [expose:*] only containing pattern= and methods=.
Deprecated features from Splunk Enterprise 8.0 The following features should not be supported in Splunk 8.0.0 or later. For more, see Deprecated features and Changes for Splunk App developers.
[ success ] Check for the existence of the M2Crypto package usage, which is removed in the Splunk Enterprise 8.0.
[ warning ] Check for the existence of Python scripts, which must be upgraded to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0.
  • 510 Python files found. Update these Python scripts to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0. See https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration for more information. If you've finished your update, please disregard this message.
[ warning ] Check for the existence of Python code block in Mako templates, which must be upgraded to be Python 3-compatible for the Splunk Enterprise 8.0.
  • Update Mako templates to be Python 3-compatible. Splunk Web, which Mako templates depend on, will support only Python 3.7. If you've finished your update, please disregard this message. File: appserver/templates/base.html
[ success ] Check for the existence of custom CherryPy endpoints, which must be upgraded to be Python 3-compatible for the Splunk Enterprise 8.0.
[ success ] Check that there is no Advanced XML, which was deprecated in Splunk Enterprise 6.3.
Deprecated features from Splunk Enterprise 7.3 The following features should not be supported in Splunk 7.3 or later. For more, see Deprecated features and Changes for Splunk App developers.
[ success ] Check deprecated tscollect command usage.
Deprecated features from Splunk Enterprise 7.2 The following features should not be supported in Splunk 7.2 or later. For more, see Deprecated features and Changes for Splunk App developers.
[ success ] Check deprecated literals.conf existence.
Deprecated features from Splunk Enterprise 7.1 The following features should not be supported in Splunk 7.1 or later. For more, see Deprecated features and Changes for Splunk App developers.
[ success ] Check deprecated input command usage.
Deprecated or removed features from Splunk Enterprise 6.6 The following features should not be supported in Splunk 6.6 or later. For more, see Deprecated features and Changes for Splunk App developers.
[ success ] Check existence for displayRowNumbers option in simple xml. This option is no longer supported since Splunk 6.6.
[ not_applicable ] Check removed support for setting autoLB in outputs.conf
  • No outputs.conf file exists.
[ success ] Check apps/appinstall usages
Deprecated features from Splunk Enterprise 6.5 The following features should not be supported in Splunk 6.5 or later. For more, see Deprecated features and Changes for Splunk App developers.
[ success ] Check Dashboard XML files for <option> element with the deprecated option value "refresh.auto.interval" i.e. <option name="refresh.auto.interval">
Deprecated features from Splunk Enterprise 6.4 The following features should not be supported in Splunk 6.4 or later. For more, see Deprecated features and Changes for Splunk App developers.
[ success ] Check that web.conf does not use the simple_xml_module_render property.
[ success ] Check that a web.conf does not use the property 'simple_xml_force_flash_charting'.
[ success ] Checks that views are not importing googlemapsview.
[ success ] Checks that views are not importing d3chartview.
[ success ] Check Simple XML files for <single> panels with deprecated options 'additionalClass', 'afterLabel', 'beforeLabel', 'classField', 'linkFields', 'linkSearch', 'linkView'
[ success ] Check that <option name="height"> uses an integer for the value. Do not use <option name="height">[value]px</option>.
Deprecated features from Splunk Enterprise 6.3 These following features should not be supported in Splunk 6.3 or later. For more, see Deprecated features and Changes for Splunk App developers.
[ success ] Check for the deprecated <seed> option in Simple XML forms. Use the <initialValue> element instead.
[ success ] Check for the deprecated <option name='previewResults'> in Simple XML files.
[ success ] Check for Simple XML <chart> panels with deprecated options charting.axisLabelsY.majorTickSize or charting.axisLabelsY.majorLabelVisibility.
[ success ] Check for use of running a script in alert action
[ success ] Check for use of Django bindings.
Deprecated features from Splunk Enterprise 6.2 The following features should not be supported in Splunk 6.2 or later. https://docs.splunk.com/Documentation/Splunk/6.2.0/ReleaseNotes/Deprecatedfeatures
[ success ] Check for the deprecated grouping attribute of row node in Simple XML files. Use the <panel> node instead.
[ success ] Check for the deprecated <populatingSearch> and <populatingSavedSearch> elements in dashboard XML files. Use the <search> element instead.
[ success ] Check for the deprecated <earliestTime> and <latestTime> elements in dashboard XML files. As of version 6.2 these elements are replaced by <earliest> and <latest> elements.
[ success ] Check Dashboard XML files for <list> element. <list> was deprecated in Splunk 6.2 and removed in Splunk 6.5.
Deprecated features from Splunk Enterprise 6.1 The following features should not be supported in Splunk 6.1 or later.
[ success ] Check that deprecated datamodel/acceleration is not used. https://docs.splunk.com/Documentation/Splunk/6.2.0/RESTREF/RESTknowledge
Deprecated features from Splunk Enterprise 6.0 The following features should not be supported in Splunk 6.0 or later.
[ not_applicable ] Check that default/viewstates.conf does not exist in the app. (http://docs.splunk.com/Documentation/Splunk/6.0/AdvancedDev/Migration#Viewstates_are_no_longer_supported_in_simple_XML)
  • viewstates.conf does not exist.
[ success ] Check that app does not contain crawl.conf as it was deprecated&removed in Splunk.
Deprecated features from Splunk Enterprise 5.0 The following features should not be supported in Splunk 5.0 or later.
[ success ] Check that saved searches are not used within event types. https://docs.splunk.com/Documentation/Splunk/5.0/ReleaseNotes/Deprecatedfeatures https://docs.splunk.com/Documentation/Splunk/7.2.5/Knowledge/Abouteventtypes
[ success ] Check that app does not use findtypes command. This command was for eventtype auto-discovering, which is deprecated in Splunk 5.0.
Outputs.conf file standards Ensure that the outputs.conf file located in the /default folder of the app is well formed and valid. For more, see outputs.conf.
[ not_applicable ] Check that forwarding enabled in 'outputs.conf' is failed in cloud
  • `outputs.conf` does not exist.
Limits.conf file standards Ensure that /default/limits.conf file is omitted. When included in the app, the limits.conf file changes the limits that are placed on the system for hardware use and memory consumption, which is a task that should be handled by Splunk administrators and not by Splunk app developers. For more, see limits.conf.
[ success ] Check that default/limits.conf has not been included.
jQuery vulnerabilities
[ success ] Check that the dashboards in your app have a valid version attribute.
[ success ] Check for HTML dashboards, which are deprecated.
[ success ] Check that the app files are not importing files directly from the search head.
JavaScript file standards
[ success ] Check that app does not use REST endpoint to collect and send telemetry data.
[ success ] Check if any weak encryption in JavaScript
[ success ] Check if the app contains udp communication in JavaScript files.
[ success ] Check for usages of telemetry metrics in JavaScript
[ not_applicable ] Check if possible stored xss in JavaScript
  • `default/setup.xml` does not exist. The stored xss check is not applicable
[ manual_check ] Check if the app contain possible remote code execution in JavaScript files.
  • The following line will be inspected during code review. Match: eval(object_state!="green" AND object_state!="blue" AND File: appserver/static/trackMe_home_v100.js Line Number: 13443
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="medium" File: appserver/static/trackMe_home_v100.js Line Number: 13443
  • The following line will be inspected during code review. Match: eval(priority="high" AND status="red" File: appserver/static/trackMe_home_v100.js Line Number: 13504
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="high" File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(monitored_state="disabled" File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(priority="high" File: appserver/static/trackMe_home_v100.js Line Number: 13517
  • The following line will be inspected during code review. Match: eval(object_state!="green" AND object_state!="blue" AND File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(object_state="blue" AND monitored_state="enabled" File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(object_state="red" AND monitored_state="enabled" A File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(object_state="green" AND monitored_state="enabled" File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(object_state="orange" AND monitored_state="enabled File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(object_state="red" AND priority="high" AND monitor File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(monitored_state="disabled" File: appserver/static/trackMe_home_v100.js Line Number: 13605
  • The following line will be inspected during code review. Match: eval(object_state="green" AND monitored_state="enabled" File: appserver/static/trackMe_home_v100.js Line Number: 13443
  • The following line will be inspected during code review. Match: eval(object_state="red" AND monitored_state="enabled" A File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(object_state="orange" AND monitored_state="enabled File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(object_state="green" AND monitored_state="enabled" File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(object_state="red" AND monitored_state="enabled" A File: appserver/static/trackMe_home_v100.js Line Number: 13443
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="low" File: appserver/static/trackMe_home_v100.js Line Number: 13443
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="low" File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="medium" File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(object_state="blue" AND monitored_state="enabled" File: appserver/static/trackMe_home_v100.js Line Number: 13443
  • The following line will be inspected during code review. Match: eval(monitored_state="disabled" File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(object_state="red" AND monitored_state="enabled" A File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(priority="medium" File: appserver/static/trackMe_home_v100.js Line Number: 13517
  • The following line will be inspected during code review. Match: eval(object_state="green" AND monitored_state="enabled" File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="high" File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(object_state="blue" AND monitored_state="enabled" File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(object_state="red" AND priority="high" AND monitor File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(status!="green" AND monitored_state="enabled" AND File: appserver/static/trackMe_home_v100.js Line Number: 13593
  • The following line will be inspected during code review. Match: eval(monitored_state="disabled" File: appserver/static/trackMe_home_v100.js Line Number: 13443
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="low" File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(object_state="blue" AND monitored_state="enabled" File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(status="green" File: appserver/static/trackMe_home_v100.js Line Number: 13504
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="medium" File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="low" File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(status!="green" AND monitored_state="enabled" File: appserver/static/trackMe_home_v100.js Line Number: 13580
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="medium" File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(object_state="red" AND priority="high" AND monitor File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(priority="low" File: appserver/static/trackMe_home_v100.js Line Number: 13517
  • The following line will be inspected during code review. Match: eval(priority!="high" AND status="red" File: appserver/static/trackMe_home_v100.js Line Number: 13504
  • The following line will be inspected during code review. Match: eval(object_state="orange" AND monitored_state="enabled File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="high" File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(monitored_state="disabled" File: appserver/static/trackMe_home_v100.js Line Number: 13214
  • The following line will be inspected during code review. Match: eval(object_state!="green" AND object_state!="blue" AND File: appserver/static/trackMe_home_v100.js Line Number: 13171
  • The following line will be inspected during code review. Match: eval(object_state!="green" AND object_state!="info" AND File: appserver/static/trackMe_home_v100.js Line Number: 11627
  • The following line will be inspected during code review. Match: eval(monitored_state="enabled" AND priority="high" File: appserver/static/trackMe_home_v100.js Line Number: 13443
  • The following line will be inspected during code review. Match: eval(object_state="orange" AND monitored_state="enabled File: appserver/static/trackMe_home_v100.js Line Number: 13443
  • The following line will be inspected during code review. Match: eval(object_state="red" AND priority="high" AND monitor File: appserver/static/trackMe_home_v100.js Line Number: 13443
[ success ] Check if possible reflected xss in JavaScript
[ manual_check ] Check if the app contain possible insecure http request in JavaScript files.
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 5216
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 37167
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 4886
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 36937
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35540
  • Suppressed 57 manual_check messages
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 12861
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 7682
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35207
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 18443
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 10433
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 36707
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 34322
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 1482
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 10530
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 33336
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_license_v100.js Line Number: 519
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35113
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_maintenance_v100.js Line Number: 472
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 3956
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 78
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 9247
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 3889
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 7415
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 10375
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 36078
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35731
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 36165
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 3700
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 5296
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 5217
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_maintenance_v100.js Line Number: 301
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_maintenance_v100.js Line Number: 542
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 34517
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 5162
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 8235
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 7454
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 312
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_license_v100.js Line Number: 573
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_license_v100.js Line Number: 414
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_license_v100.js Line Number: 98
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 37484
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 3728
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 7612
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 38096
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 37621
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 3809
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 1304
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 7752
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 5107
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35925
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35643
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 2477
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 33257
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 12899
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 2396
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 34422
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 4363
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 51
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 7555
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35017
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 6593
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 4029
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 34903
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 3679
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 12193
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 2557
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 36351
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_license_v100.js Line Number: 343
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 6512
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 38002
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 1629
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 12174
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 1385
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 256
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 25184
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 34800
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 3660
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 5135
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 10471
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 5363
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 6834
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 5436
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35837
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 10321
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 29889
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 5577
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 5047
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35452
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 34702
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_license_v100.js Line Number: 467
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 36255
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 1556
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 6666
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 11853
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 35303
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_license_v100.js Line Number: 16
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 4983
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_home_v100.js Line Number: 6431
  • The following line will be inspected during code review. Match: $.ajax( File: appserver/static/trackMe_vtenants_v100.js Line Number: 8984
[ success ] Check if the app contains possible iframe in JavaScript files, templates or html pages.
[ success ] Check if any sensitive data leakage in console log
Checking for Front-end Libraries This check looks for various front-end libraries inside of apps. As of 03/23/2022, we are looking at Splunk UI and it's predecessor, SplunkJS. This is currently an INFORMATIONAL Check.
[ success ] Check that @splunk/visualizations is being used.
[ success ] Check that @splunk/react-ui is being used.
[ warning ] Check that SplunkJS is being used.
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 14
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/multiselect_all.js Line Number: 5
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 15
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 18
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 9
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 33
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 23
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 8
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/modals/modal_v100.js Line Number: 1
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 22
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 17
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 36
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 14
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 13
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 14
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 19
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 9
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 12
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 10
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 27
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 8
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 32
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 30
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 10
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 8
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 22
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 15
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 31
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 28
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_license_v100.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 16
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 10
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 29
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 20
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 9
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 5
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 4
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 13
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 24
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 13
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 21
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 18
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 25
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 8
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 26
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 11
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_maintenance_v100.js Line Number: 11
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 19
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/multiselect_all.js Line Number: 4
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 7
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_api_reference.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/modals/modal_v100.js Line Number: 2
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 17
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_license_v100.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 10
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 12
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 11
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_vtenants_v100.js Line Number: 23
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 6
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 9
  • Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc File: appserver/static/trackMe_home_v100.js Line Number: 16
[ success ] Check that @splunk/dashboard-core is being used.
Cloud operations simple application check This group serves to help validate simple applications in an effort to try and automate the validation process for cloud operations.
[ success ] Check that app does not contain workload_rules.conf in Cloud as it automatically trigger actions on running search processes.
[ success ] Check that app does not contain workload_pools.conf in Cloud. App should not modify workload categories/pools. It should be only controlled by cloud administrators.
[ success ] Check that app does not contain wmi.conf is as it is prohibited in Splunk Cloud due to its ability to configure Splunk to ingest data via Windows Management Instrumentation, which should be done via forwarder. Forwarders are not permitted in Splunk Cloud.
[ success ] Check that app does not contain user-seed.conf as it is used to preconfigure default login and password information.
[ success ] Check that transforms.conf does not contain any transforms with malicious command scripts specified by external_cmd=<string> attribute, or does not contain a scripted lookup with python2 only script.
[ not_applicable ] Check that the app does not have default/passwords.conf, otherwise, warn it.
  • passwords.conf does not exist.
[ success ] Check that the app does not contain configurations of default source type in props.conf, which will overwrite the configurations of default source types in system/default/props.conf then it will affect other apps in splunk enterprise/cloud.
[ success ] Check that the app contains MS Windows specific components, which will not function correctly in Splunk Cloud whose OS should be Linux x64.
[ success ] Check that app does not contain telemetry.conf as it controls a Splunk-internal feature that should not be configured by apps.
[ not_applicable ] Check that only role-mapping stanza is allowed in authenticaiton.conf as long as it doesn't map users to a cloud-internal role.
  • `default/authentication.conf` does not exist.
[ success ] Check that app does not contain splunk-launch.conf as it defines environment values used at startup time. System-wide environment variables should be left up to Splunk administrators.
[ success ] Check that app does not contain sourcetypes.conf as it is a machine-generated file that stores source type learning rules. props.conf should be used to define sourcetypes.
[ success ] Check that app does not contain source-classifier.conf.conf as it configures system-wide settings for ignoring terms (such as sensitive data).
[ success ] Check that setup.xml does not exist in the app default folder
[ success ] Check that app does not contain serverclass.seed.xml.conf as it configures deploymentClient to seed a Splunk installation with applications at startup time. Apps should leave deployment configuration up to Splunk administrators.
[ success ] Check that app does not contain serverclass.conf as it defines deployment server classes for use with deployment server. Apps should leave deployment configuration up to Splunk administrators.
[ success ] Check that app does not contain segmenters.conf with splunk stanza. A misconfigured segmenters.conf can result in unsearchable data that could only be addressed by re-indexing and segmenters.conf configuration is system-wide.
[ not_applicable ] Check that python version is python3 for scripted inputs defined in inputs.conf.
  • `default/inputs.conf` does not exist.
[ not_applicable ] Check the cmd path pattern of scripted input defined in inputs.conf.
  • `inputs.conf` does not exist.
[ success ] Check that Splunk SDK for Python is up-to-date.
[ success ] Check that app does not contain pubsub.conf as it defines a custom client for the deployment server. Apps should leave deployment configuration up to Splunk administrators.
[ not_applicable ] Check that there is a script file in bin/ for each modular input defined in README/inputs.conf.spec.
  • No `inputs.conf.spec` was detected.
[ success ] Check that app does not contain messages.conf. Apps should not alter/override messages/externalized strings.
[ success ] Check that app does not contain literals.conf. Apps should not alter/override text strings displayed in Splunk Web.
[ success ] Check that Splunk SDK for Java is up-to-date.
[ success ] Check that app does not contain crawl.conf as it allows Splunk to introspect the filesystem which is not permitted in Splunk Cloud.
[ success ] Check that app does not contain instance.cfg.conf. Apps should not configure server/instance specific settings.
[ not_applicable ] Check that inputs.conf does not have any UDP inputs.
  • `inputs.conf` does not exist.
[ not_applicable ] Check that default/inputs.conf or local/inputs.conf does not contain a tcp stanza.
  • `inputs.conf` does not exist.
[ not_applicable ] Check that inputs.conf does not have any SSL inputs.
  • `inputs.conf` does not exist.
[ not_applicable ] Check that default/inputs.conf or local/inputs.conf does not contain a splunktcptoken stanza.
  • `inputs.conf` does not exist.
[ not_applicable ] Check that default/inputs.conf or local/inputs.conf does not contain a splunktcp stanza.
  • `inputs.conf` does not exist.
[ not_applicable ] Check that inputs.conf does not have any remote_queue inputs.
  • `inputs.conf` does not exist.
[ not_applicable ] Check that default/inputs.conf or local/inputs.conf contains accurate [http://name] stanza if it exists.
  • `inputs.conf` does not exist.
[ not_applicable ] Check that default/inputs.conf or local/inputs.conf does not contain a [http] stanza.
  • `inputs.conf` does not exist.
[ not_applicable ] Check that default/inputs.conf or local/inputs.conf does not contain a fschange stanza.
  • `inputs.conf` does not exist.
[ not_applicable ] Check that batch input accesses files in a permitted way. To be permissible, the batch input must meet the following criteria: 1) The file path needs to match a file in the directory "$SPLUNK_HOME/var/spool/splunk/" 2) The file name needs to be application specific "$SPLUNK_HOME/etc/apps/" 3) The file name should not end with "stash" or "stash_new"
  • `inputs.conf` does not exist.
[ not_applicable ] Check that batch input has required attributes. The following key/value pairs are required for batch inputs: move_policy = sinkhole
  • `inputs.conf` does not exist.
[ success ] Check that indexes defined in indexes.conf use relative paths starting with $SPLUNK_DB.
[ success ] Check that app does not contain health.conf as sc_admin is not able to see or configure health report in Cloud.
[ not_applicable ] Check if the app contains Perl scripts. Perl scripts will be inspected for compliance with Splunk Cloud security policy.
  • No Perl scripts found in app.
[ not_applicable ] Check whether the app contains java files. Java files will be inspected for compliance with Splunk Cloud security policy.
  • No java files found in app.
[ not_applicable ] Check the [fifo] stanza in inputs.conf is not pointing to a path within a cloud replicated scope defined by distsearch.conf. [fifo] usually points to a file whose size may inflate. This kind of files MUST NOT be replicated across cloud environments since they will significantly consume network bandwidth.
  • The default/inputs.conf does not exist.
[ success ] Check that indexes.conf does not declare volumes.
[ success ] Check that use of 'tscollect' in .conf filesl and dashboard xmls then fail it.
[ manual_check ] Check that all executable binary files have matching source code. For any binary files, there should be a source code provided with the same name. Or, there should be a decalaration of what the binary file is all about in the app's REAMDE. Details for passing this check will be returned if you fail it.
  • Please ensure the binary files are safe. Related info might be included in App README. Binary   Format: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=8f498aa2b9a2c653793f0a0a8216d2db8c23ed33, with debug_info, not stripped  README: README.txt File: lib/charset_normalizer/md__mypyc.cpython-310-x86_64-linux-gnu.so
  • Please ensure the binary files are safe. Related info might be included in App README. Binary   Format: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=1d0456a9401d9da9a17b28999aaae3d88f8479bc, with debug_info, not stripped  README: README.txt File: lib/charset_normalizer/md.cpython-310-x86_64-linux-gnu.so
[ success ] Check that app does not contain deploymentclient.conf as it configures the deployment server client. Apps should leave deployment configuration up to Splunk administrators.
[ success ] Check that app does not contain deployment.conf. Apps should leave deployment configuration up to Splunk administrators. Also, deployment.conf has been removed and replaced by: 1) deploymentclient.conf - for configuring Deployment Clients 2) serverclass.conf - for Deployment Server server class configuration.
[ success ] Check that app does not contain default-mode.conf is as it is prohibited in Splunk Cloud due to the fact that Splunk Light Forwarders and Splunk Universal Forwarders are not run in Splunk Cloud.
[ success ] Check that app does not contain datatypesbnf.conf, as it is prohibited in Splunk Cloud.
[ success ] Check that custom search commands have an executable or script per stanza.
[ success ] Check that app does not contain bookmarks.conf as this feature is not available in Splunk Cloud.
[ success ] Check that app does not contain audit.conf, as it is prohibited in Splunk Cloud due to its ability to configure/disable cryptographic signing and certificates.
[ success ] Check that the static/ directory contains only known file types. Ensure malicious files are not passed off as metadata files.
[ success ] Check that the metadata/ directory only contains .meta files. Ensure malicious files are not passed off as metadata files.
[ success ] Check that lookups/ contains only approved file types (.csv, .csv.default, .csv.gz, .csv.tgz, .kmz) or files formatted as valid csv. Ensure malicious files are not passed off as lookup files.
[ success ] Check for disallowed stanza tokens_auth in authorize.conf. Splunk Cloud prohibits the use of tokens_auth in authorize.conf
[ success ] Check if concerningReplicatedFileSize in distsearch.conf is larger than 50 MB.
[ not_applicable ] Check that directories under data/ui contain only allowed files. Identify for manual review items that might cause passwords to be stored in plaintext.
  • data/ui/manager does not exist
[ success ] Check that directories under data/ui contain only allowed files. Ensure unnecessary, unwanted files are not bundled in the app inappropriately.
[ success ] Check that authorize.conf does not grant excessive administrative permissions to the user. Prevent roles from gaining unauthorized permissions.
[ success ] Check that commands referenced in the alert.execute.cmd property of all alert actions are checked for compliance with Splunk Cloud security policy. Prevent alert_actions.conf from being used to execute malicious commands.
Binary file standards
[ success ] Checks that binaries that are distributed to the IDX tier of a distributed Splunk platform deployment are compatible with aarch64.
Authorize.conf file standards Ensure that the authorize configuration file located in the /default folder is well formed and valid. For more, see authorize.conf.
[ success ] Check that authorize.conf does not contain any modified capabilities.
Authentication.conf file standards Ensure that bindDNpassword is not specified. For more, see authentication.conf.
[ not_applicable ] Check that all the scripted authentications defined in authentication.conf are explicitly set the python.version to python3.
  • authentication.conf does not exist.
[ not_applicable ] Check that saml-* stanzas in authentication.conf do not turn off signedAssertion property
  • authentication.conf does not exist.
Splunk app packaging standards These checks validate that a Splunk app has been correctly packaged, and can be provided safely for package validation.
[ not_applicable ] Check that the Splunk App package with a .dependencies directory also contains exactly one valid app folder.
  • No ../.dependencies folder found. Please add a .dependencies directory with an valid app folder.
[ not_applicable ] Check that the Splunk App package with a .dependencies directory also contains an app folder with an app.manifest.
  • No ../.dependencies folder found. Please add a .dependencies directory that contains an app folder with an app.manifest.
[ success ] Check that the Splunk app provided a valid compressed file.
[ success ] Check that the Splunk app provided does not start with a . character.
[ not_applicable ] Check that the Splunk App package contains only valid dependencies. Dependencies are valid if a .dependencies directory contains only valid app packages inside.
  • No ../.dependencies folder found. Please check that the Splunk App package contains only valid dependencies.
[ success ] Check that the Splunk app provided does not contain incorrect permissions. Packages must have have the owner's read permission set to r (400).
[ success ] Check that the compressed artifact extracts to a directory that does not start with a . character.
[ success ] Check that the Splunk App package does not contain any non-app files. Files within a valid app folder or valid dependencies within a .dependencies folder are permitted, all other files are not.
[ success ] Check that the extracted Splunk App does not contain any directories or files that start with a ., or directories that start with __MACOSX.
[ success ] Check that the extracted Splunk App does not contain any directories with incorrect permissions. Directories and sub directories must have the owner's permissions set to r/w/x (700).
[ success ] Check that the extracted Splunk App does not contain any files with incorrect permissions. Files must have the owner's permissions include read and write (600).
[ success ] Check that the extracted Splunk App contains a default/app.conf file that contains an [id] or [launcher] stanza with a version property that is formatted as Major.Minor.Revision.
[ success ] Check that the extracted Splunk App contains a default/app.conf file.
[ not_applicable ] Check that the app does not use Adobe Flash files.
  • Didn't find any flash files.