TrackMe

Data tracking system for Splunk

Author TrackMe Limited, U.K.
Tags cloud
Version 2.1.6
Hash d9e693508a51affa5732bcf8d2a32621
AppInspect Request ID 0599703d-9015-448f-b39a-a70312c1b410
Run Time 2024-12-15T14:43:15.055179
Execution Time 478

Run parameters:

Field Value
AppInspect Version 3.8.1

Analyzers:

Name Version Is Latest
dynamic-checks 1.36.0 True
retire-js 1.0.2 True
static-checks 3.8.1 True

Compatibility totals:

Status Count
Successes
144
Failures
0
Errors
0
Warnings
15
Manual Checks
16
Not Applicable
68
Skipped
0

[ Warning Summary ]

Warnings are non-blocking concerns. But they are strongly recommended to be fixed.

check_for_vulnerable_javascript_library_usage

File: /opt/appb18bd4gc/trackme/appserver/static/js/build/573.42635284c26ad26a2025.js
This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale.
Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4

check_custom_confs

File: lib/splunktalib/setting.conf
Custom config file lib/splunktalib/setting.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the `targetWorkloads` attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. 
File: default/trackme_settings.conf
Custom config file default/trackme_settings.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the `targetWorkloads` attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. 

check_for_splunk_dashboard_core

File: appserver/static/js/build/573.42635284c26ad26a2025.js
440Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize the Unified Dashboard Framework (UDF). Please ignore this warning as it has no impact to your Splunk app. Match: @splunk/dashboard-layouts 
File: appserver/static/js/build/573.42635284c26ad26a2025.js
128Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize the Unified Dashboard Framework (UDF). Please ignore this warning as it has no impact to your Splunk app. Match: @splunk/dashboard-validation 

check_for_splunk_frontend_utility_components

File: appserver/static/js/build/573.42635284c26ad26a2025.js
1078Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize Splunk UI utility components. Please ignore this warning as it has no impact to your Splunk app. Match: @splunk/moment 

check_for_splunk_js

File: appserver/static/trackMe_maintenance_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
24Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
26Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
4Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/modals/modal_v100.js
2Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
12Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
11Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/js/build/entry_page.js
2Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
21Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
17Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_license_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
11Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
22Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
13Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
30Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
32Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
17Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
14Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
14Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
18Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
19Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/multiselect_all.js
4Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_license_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
33Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
22Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
16Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
12Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
5Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
28Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/modals/modal_v100.js
1Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
14Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
23Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
12Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
13Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
18Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
27Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
20Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
29Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
15Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
11Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
36Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
11Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
15Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
25Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
15Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
16Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/multiselect_all.js
5Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
15Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
19Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
31Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
23Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
12Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 

check_for_splunk_js_header_and_footer_view

File: appserver/static/js/build/entry_page.js
2As of Splunk 6.5, this functionality is deprecated and should be removed in futureapp versions. Match: splunkjs/mvc/headerview. 

check_for_existence_of_python_code_block_in_mako_template

File: appserver/templates/base.html
Update Mako templates to be Python 3-compatible. Splunk Web, which Mako templates depend on, will support only Python 3.7. If you've finished your update, please disregard this message. 

check_for_python_script_existence

452 Python files found. Update these Python scripts to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0. See https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration for more information. If you've finished your update, please disregard this message.

check_collections_conf_for_specified_name_field_type

File: default/collections.conf
69The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `string # planned, unplanned` in `field.type`. 
File: default/collections.conf
73The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # end time of the maintenance in epochtime` in `field.time_end`. 
File: default/collections.conf
76The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # last modification time of the maintenance record` in `field.mtime`. 
File: default/collections.conf
74The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # expiration time of the maintenance in epochtime` in `field.time_expiration`. 
File: default/collections.conf
75The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # creation time of the maintenance record` in `field.ctime`. 
File: default/collections.conf
72The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # start time of the maintenance in epochtime` in `field.time_start`. 
File: default/collections.conf
66The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `bool # if true, the maintenance record is disabled` in `field.is_disabled`. 
File: default/collections.conf
67The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `number # number of days of validity, if set to 0, the maintenance record is valid forever` in `field.no_days_validity`. 
File: default/collections.conf
70The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `string # additional information` in `field.add_info`. 
File: default/collections.conf
68The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `string # reason for the maintenance` in `field.reason`. 
File: default/collections.conf
71The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `string # user who created the maintenance record` in `field.src_user`. 

check_kos_are_accessible

File: metadata/default.meta
44The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
63The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
57The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
79The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
89The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
102The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
5The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
105The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
76The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
60The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
86The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
95The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
92The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
70The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
73The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
54The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 

check_props_conf_has_no_prohibited_characters_in_sourcetypes

File: default/props.conf
395Found a prohibited character in [(?::){0}trackme:custom_commands:*] stanza in props.conf. Special characters <>?&# are not allowed. Rename the stanza to not contain any forbidden characters. 

check_python_sdk_version

File: lib/splunklib/__init__.py
33Splunk SDK for Python detected (version 2.1.0). No action required at this time. 

check_for_possible_threading

File: bin/trackmetrackerhealth.py
1503The following line contains questionable usage `threading.Thread.start` in loop. Use threading and multiprocessing with discretion. 
File: lib/solnlib/splunkenv.py
302The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. 
File: lib/licensing/internal.py
191The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. 
File: lib/dateutil/zoneinfo/rebuild.py
62The following line contains subprocess.check_call usage. Use threading and multiprocessing with discretion. 
File: lib/dateutil/zoneinfo/rebuild.py
52The following line contains subprocess.check_output usage. Use threading and multiprocessing with discretion. 
File: lib/licensing/internal.py
200The following line contains subprocess.check_output usage. Use threading and multiprocessing with discretion. 
File: bin/trackmereplicaexecutor.py
370The following line contains questionable usage `threading.Thread.start` in loop. Use threading and multiprocessing with discretion. 
File: lib/licensing/internal.py
190The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. 
File: lib/solnlib/splunkenv.py
305The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. 

check_for_bias_language

File: transforms.conf.spec
65Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS = <dimension_field1>, <dimensi... (README/transforms.conf.spec:65) [BLACKLIST]. 
File: transforms.conf
285Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk_dhm=target_index,... (default/transforms.conf:285) [BLACKLIST]. 
File: lxml.py
37Bias language is found in the app. # <<<BLACKLIST>>> = (etree._Entity, etree._ProcessingInstruction,... (lib/defusedxml/lxml.py:37) [blacklist]. 
File: transforms.conf
363Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.wlk=target_index,... (default/transforms.conf:363) [BLACKLIST]. 
File: transforms.conf.spec
66Bias language is found in the app. METRIC-SCHEMA-<<<WHITELIST>>>-DIMS = <dimension_field1>, <dimensi... (README/transforms.conf.spec:66) [WHITELIST]. 
File: METADATA
33Bias language is found in the app. Project-URL: Changelog, https://github.com/kjd/idna/blob/<<<MASTE... (lib/idna-3.10.dist-info/METADATA:33) [master]. 
File: transforms.conf
233Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.components_register=ta... (default/transforms.conf:233) [BLACKLIST]. 
File: METADATA
279Bias language is found in the app. This project is [MIT](https://github.com/Ousret/charset_normalize... (lib/charset_normalizer-3.4.0.dist-info/METADATA:279) [master]. 
File: transforms.conf.spec
62Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-<unique_metric_name_prefix> = ... (README/transforms.conf.spec:62) [BLACKLIST]. 
File: moment.js
5561Bias language is found in the app. // inspired by https://github.com/dordille/moment-isoduration/blo... (appserver/static/momentjs/moment.js:5561) [master]. 
File: METADATA
63Bias language is found in the app. :target: https://dev.azure.com/pythondateutilazure/dateutil/_buil... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:63) [master]. 
File: METADATA
146Bias language is found in the app. .. image:: https://ci.appveyor.com/api/projects/status/github/gra... (lib/sortedcontainers-2.4.0.dist-info/METADATA:146) [master]. 
File: METADATA
143Bias language is found in the app. .. image:: https://api.travis-ci.org/grantjenks/python-sortedcont... (lib/sortedcontainers-2.4.0.dist-info/METADATA:143) [master]. 
File: METADATA
184Bias language is found in the app. <https://raw.githubusercontent.com/kennethreitz/spark.py/<<<MASTE... (lib/sparklines-0.5.0.dist-info/METADATA:184) [master]. 
File: 573.42635284c26ad26a2025.js.LICENSE.txt
251Bias language is found in the app. * https://github.com/foliojs/pdfkit/blob/<<<MASTER>>>/lib/securit... (appserver/static/js/build/573.42635284c26ad26a2025.js.LICENSE.txt:251) [master]. 
File: METADATA
54Bias language is found in the app. .. |travis| image:: https://img.shields.io/travis/dateutil/dateut... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:54) [master]. 
File: lxml.py
41Bias language is found in the app. <<<BLACKLIST>>> = self.<<<BLACKLIST>>> (lib/defusedxml/lxml.py:41) [blacklist]. 
File: METADATA
47Bias language is found in the app. :target: https://codecov.io/github/tiran/defusedxml?branch=<<<MAS... (lib/defusedxml-0.7.1.dist-info/METADATA:47) [master]. 
File: lxml.py
43Bias language is found in the app. if isinstance(child, <<<BLACKLIST>>>): (lib/defusedxml/lxml.py:43) [blacklist]. 
File: METADATA
67Bias language is found in the app. :target: https://codecov.io/gh/dateutil/dateutil?branch=<<<MASTER... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:67) [master]. 
File: lxml.py
38Bias language is found in the app. <<<BLACKLIST>>> = _etree._Entity (lib/defusedxml/lxml.py:38) [blacklist]. 
File: transforms.conf
337Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.flx=target_index,... (default/transforms.conf:337) [BLACKLIST]. 
File: transforms.conf
259Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk_dsm=target_index,... (default/transforms.conf:259) [BLACKLIST]. 
File: METADATA
28Bias language is found in the app. :target: https://github.com/benjaminp/six/blob/<<<MASTER>>>/LICEN... (lib/six-1.17.0.dist-info/METADATA:28) [master]. 
File: 573.42635284c26ad26a2025.js
1109Bias language is found in the app. `,bn=({level:e="info",message:t="",centered:n=!0})=>T.createEleme... (appserver/static/js/build/573.42635284c26ad26a2025.js:1109) [master]. 
File: METADATA
710Bias language is found in the app. was not in the method <<<WHITELIST>>>. (Issue #1059) (lib/urllib3-1.26.20.dist-info/METADATA:710) [whitelist]. 
File: transforms.conf
207Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.sla=target_index,metri... (default/transforms.conf:207) [BLACKLIST]. 
File: METADATA
58Bias language is found in the app. .. |appveyor| image:: https://img.shields.io/appveyor/ci/dateutil... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:58) [master]. 
File: transforms.conf.spec
63Bias language is found in the app. METRIC-SCHEMA-<<<WHITELIST>>>-DIMS-<unique_metric_name_prefix> = ... (README/transforms.conf.spec:63) [WHITELIST]. 
File: trackMe_audit_svc_usage.xml
4Bias language is found in the app. <definition><![CDATA[{"visualizations":{"viz_wEwqDRvv":{"type":"s... (default/data/ui/views/trackMe_audit_svc_usage.xml:4) [slave]. 
File: METADATA
60Bias language is found in the app. .. _`Requests`: https://requests.readthedocs.io/en/<<<MASTER>>>/ (lib/certifi-2024.12.14.dist-info/METADATA:60) [master]. 
File: METADATA
42Bias language is found in the app. .. image:: https://travis-ci.org/tiran/defusedxml.svg?branch=<<<M... (lib/defusedxml-0.7.1.dist-info/METADATA:42) [master]. 
File: 573.42635284c26ad26a2025.js
1081Bias language is found in the app. || ${s} === "boolean" || ${o} === null`).assign(l,a._`[${o}]`)}}r... (appserver/static/js/build/573.42635284c26ad26a2025.js:1081) [master]. 
File: transforms.conf
311Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk_mhm=target_index,... (default/transforms.conf:311) [BLACKLIST]. 
File: METADATA
62Bias language is found in the app. .. |pipelines| image:: https://dev.azure.com/pythondateutilazure/... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:62) [master]. 
File: METADATA
66Bias language is found in the app. .. |coverage| image:: https://codecov.io/gh/dateutil/dateutil/bra... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:66) [master]. 
File: util.py
103Bias language is found in the app. for key in ("apps", "<<<SLAVE>>>-apps", "master-apps"): (lib/splunktalib/common/util.py:103) [slave]. 
File: METADATA
760Bias language is found in the app. and release. The <<<MASTER>>> branch received the same fix in Pul... (lib/urllib3-1.26.20.dist-info/METADATA:760) [master]. 
File: transforms.conf
181Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.cim=target_index (default/transforms.conf:181) [BLACKLIST]. 
File: METADATA
46Bias language is found in the app. .. image:: https://codecov.io/github/tiran/defusedxml/coverage.sv... (lib/defusedxml-0.7.1.dist-info/METADATA:46) [master]. 
File: models.py
94Bias language is found in the app. raise ValueError("The expiration date cannot be converted to a da... (lib/licensing/models.py:94) [master]. 

check_hostnames_and_ips

File: appserver/static/boostrap-icons/icons/emoji-sunglasses.svg
2PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-smile.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile.svg:3 
File: appserver/static/boostrap-icons/icons/bootstrap-reboot.svg
2PUBLIC IP 6.84.58.58 is found in appserver/static/boostrap-icons/icons/bootstrap-reboot.svg:2 
File: appserver/static/boostrap-icons/icons/github.svg
2PUBLIC IP 2.2.82.64 is found in appserver/static/boostrap-icons/icons/github.svg:2 
File: appserver/static/boostrap-icons/icons/lungs.svg
2PUBLIC IP 2.33.67.6 is found in appserver/static/boostrap-icons/icons/lungs.svg:2 
File: appserver/static/boostrap-icons/icons/repeat-1.svg
2PUBLIC IP 7.223.5.5 is found in appserver/static/boostrap-icons/icons/repeat-1.svg:2 
File: lib/PySocks-1.7.1.dist-info/METADATA
70PUBLIC IP 5.5.5.5 is found in lib/PySocks-1.7.1.dist-info/METADATA:70 
File: appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg
2PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg:2 
File: appserver/static/boostrap-icons/icons/fingerprint.svg
5PUBLIC IP 1.69.5.5 is found in appserver/static/boostrap-icons/icons/fingerprint.svg:5 
File: appserver/static/boostrap-icons/icons/input-cursor-text.svg
2PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/icons/input-cursor-text.svg:2 
File: appserver/static/boostrap-icons/bootstrap-icons.svg
1PUBLIC IP 5.18.125.126 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 
File: appserver/static/boostrap-icons/icons/emoji-frown.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown.svg:3 
File: appserver/static/boostrap-icons/icons/cursor-text.svg
2PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/icons/cursor-text.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-smile-fill.svg
2PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-fill.svg:2 
File: appserver/static/boostrap-icons/icons/browser-edge.svg
4PUBLIC IP 3.3.25.25 is found in appserver/static/boostrap-icons/icons/browser-edge.svg:4 
File: appserver/static/boostrap-icons/icons/emoji-angry.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry.svg:3 
File: appserver/static/boostrap-icons/icons/backpack2-fill.svg
3PUBLIC IP 3.43.5.5 is found in appserver/static/boostrap-icons/icons/backpack2-fill.svg:3 
File: appserver/static/boostrap-icons/icons/emoji-frown-fill.svg
2PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown-fill.svg:2 
File: appserver/static/boostrap-icons/icons/instagram.svg
2PUBLIC IP 1.92.96.96 is found in appserver/static/boostrap-icons/icons/instagram.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-wink.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink.svg:3 
File: appserver/static/boostrap-icons/icons/rocket-takeoff.svg
4PUBLIC IP 5.18.125.126 is found in appserver/static/boostrap-icons/icons/rocket-takeoff.svg:4 
File: appserver/static/boostrap-icons/icons/emoji-smile-upside-down.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-upside-down.svg:3 
File: appserver/static/boostrap-icons/icons/emoji-angry-fill.svg
2PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry-fill.svg:2 
File: appserver/static/boostrap-icons/icons/regex.svg
2PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/regex.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-wink-fill.svg
2PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink-fill.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg
2PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg:2 
File: appserver/static/boostrap-icons/icons/file-earmark-richtext.svg
3PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/icons/file-earmark-richtext.svg:3 
File: appserver/static/boostrap-icons/icons/arrow-repeat.svg
3PUBLIC IP 2.182.5.5 is found in appserver/static/boostrap-icons/icons/arrow-repeat.svg:3 
File: appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg
3PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg:3 
File: appserver/static/boostrap-icons/icons/emoji-smile-upside-down-fill.svg
2PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-upside-down-fill.svg:2 
File: appserver/static/boostrap-icons/icons/backpack-fill.svg
3PUBLIC IP 3.43.5.5 is found in appserver/static/boostrap-icons/icons/backpack-fill.svg:3 
File: appserver/static/boostrap-icons/icons/speaker.svg
3PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/icons/speaker.svg:3 
File: appserver/static/boostrap-icons/icons/broadcast-pin.svg
2PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/broadcast-pin.svg:2 
File: appserver/static/boostrap-icons/icons/broadcast.svg
2PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/broadcast.svg:2 

[ Full Report ]

Checks related to JavaScript usage.

[
warning
]
check_for_vulnerable_javascript_library_usage - Detect usage of JavaScript libraries with known vulnerabilities.
File: /opt/appb18bd4gc/trackme/appserver/static/js/build/573.42635284c26ad26a2025.js
This vulnerability impacts npm (server) users of moment.js, especially if user provided locale string, eg fr is directly used to switch moment locale.
Regular Expression Denial of Service (ReDoS), Affecting moment package, versions >=2.18.0 <2.29.4

Splunk Packaging Toolkit (SLIM) validation This group uses slim to extend the cloud checks for improved auto-vetting.

[
warning
]
check_custom_confs - Find non-standard config files and notify app developers to confirm that 1. those files are safe to install. 2. those files are partitioned to the expected instances.
File: lib/splunktalib/setting.conf
Custom config file lib/splunktalib/setting.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the `targetWorkloads` attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. 
File: default/trackme_settings.conf
Custom config file default/trackme_settings.conf is detected in this app. By default, it will be partitioned to all instances including Search Head(s), Indexer(s) and Forwarder(s). If that's not what you expect, you can use the `targetWorkloads` attribute in app.manifest to indicate the correct instances. For more details about app.manifest, please refer to https://dev.splunk.com/enterprise/docs/releaseapps/packagingtoolkit/pkgtoolkitref/pkgtoolkitapp#JSON-schema-200. Please also make sure that this custom file is safe to install. 
[
not_applicable
]
check_for_modular_inputs - Check that inputs.conf.spec does not include modular inputs that perform management tasks.
[
success
]
check_for_nested_apps - Check that nested apps do not exist as they are not valid for self-service install.
[
success
]
check_for_nested_archives - Check that nested archives do not exist as they are not valid for self-service install.
[
not_applicable
]
check_for_scripted_inputs - Check that inputs.conf does not include scripted inputs that perform management tasks.
[
success
]
check_that_app_passes_slim_validation_for_cloud - Check that apps can be validated by SLIM or reject, since invalid apps can't be installed in Classic Splunk Cloud.
[
success
]
check_that_splunk_app_package_type_is_not_zip_type - Check that the provided app package is not .zip type for SSAI purpose

Malware, viruses, malicious content, user security standards (dynamic checks)

[
success
]
check_for_viruses - Check that the app does not include viruses.

Splunk app packaging standards These checks validate that a Splunk app has been correctly packaged, and can be provided safely for package validation.

[
success
]
check_package_compression - Check that the package is compressed correctly.
[
success
]
check_that_extracted_splunk_app_contains_default_app_conf_file - Check that the extracted Splunk App contains a default/app.conf file.
[
success
]
check_that_extracted_splunk_app_does_not_contain_files_with_invalid_permissions - Check that the extracted Splunk App does not contain any files with incorrect permissions. Files must have the owner's permissions include read and write (600).
[
success
]
check_that_extracted_splunk_app_does_not_contain_invalid_directories - Check that the extracted Splunk App does not contain any directories with incorrect permissions. Directories and subdirectories must have the owner's permissions set to r/w/x (700).
[
success
]
check_that_extracted_splunk_app_does_not_contain_prohibited_directories_or_files - Check that the extracted Splunk App does not contain any directories or files that start with a ., or directories that start with __MACOSX.
[
success
]
check_that_splunk_app_package_does_not_contain_files_outside_of_app - Check that the Splunk App package does not contain any non-app files. Files within a valid app folder or valid dependencies within a .dependencies folder are permitted, all other files are not.
[
success
]
check_that_splunk_app_package_extracts_to_visible_directory - Check that the compressed artifact extracts to a directory that does not start with a . character.
[
success
]
check_that_splunk_app_package_has_read_permission - Check that the Splunk app provided does not contain incorrect permissions. Packages must have the owner's read permission set to r (400).
[
not_applicable
]
check_that_splunk_app_package_has_valid_static_dependencies - Check that the Splunk App package contains only valid dependencies. Dependencies are valid if a .dependencies directory contains only valid app packages inside.
No ../.dependencies folder found. Please check that the Splunk App package contains only valid dependencies.
[
success
]
check_that_splunk_app_package_name_does_not_start_with_period - Check that the Splunk app provided does not start with a . character.
[
success
]
check_that_splunk_app_package_valid_compressed_file - Check that the Splunk app provided a valid compressed file.
[
not_applicable
]
check_that_splunk_app_package_with_static_dependencies_has_exactly_one_app_folder - Check that the Splunk App package with a .dependencies directory also contains exactly one valid app folder.
No ../.dependencies folder found. Please add a .dependencies directory with an valid app folder.
[
success
]
check_valid_version_number - Check that the extracted Splunk App contains a default/app.conf file that contains an [id] or [launcher] stanza with a version property that is formatted as Major.Minor.Revision.
[
success
]
check_version_is_valid_semver - Check that the extracted Splunk App contains a default/app.conf file that contains an [id] or [launcher] stanza with a version property that is formatted as Semantic Versioning 2.0.0 (https://semver.org/).
[
not_applicable
]
check_requires_adobe_flash - Check that the app does not use Adobe Flash files.
Didn't find any flash files.
[
success
]
check_that_extracted_splunk_app_does_not_contains_only_app_conf_file - Check that the extracted Splunk App does not contain only app.conf
[
not_applicable
]
check_that_splunk_app_package_with_static_dependencies_has_app_manifest - Check that the Splunk App package with a .dependencies directory also contains an app folder with an app.manifest.
No ../.dependencies folder found. Please add a .dependencies directory that contains an app folder with an app.manifest.

Authentication.conf file standards Ensure that bindDNpassword is not specified. For more, see authentication.conf.

[
not_applicable
]
check_role_map_should_not_map_splunk_system_role - Check that all map roles defined in authentication.conf do not map to splunk-system-role.
authentication.conf does not exist
[
not_applicable
]
check_saml_auth_should_not_turn_off_signed_assertion - Check that saml-* stanzas in authentication.conf do not turn off signedAssertion property.
authentication.conf does not exist
[
not_applicable
]
check_scripted_authentication_has_valid_python_version_property - Check that all the scripted authentications defined in authentication.conf are explicitly set the python.version to python3.
authentication.conf does not exist
[
success
]
check_for_o11y_roles - Check that authorize.conf does not contain any o11y role stanzas. O11y role is one of o11y_admin, o11y_power, o11y_read_only or o11y_usage.

Authorize.conf file standards Ensure that the authorize configuration file located in the /default folder is well-formed and valid. For more, see authorize.conf.

[
success
]
check_authorize_conf_capability_not_modified - Check that authorize.conf does not contain any modified capabilities.
[
success
]
check_authorize_conf_has_no_o11y_capabilities - Checks that authorize.conf has no capabilities starting with o11y_.

Binary file standards

[
success
]
check_idx_binary_compatibility - Checks that binaries that are distributed to the IDX tier of a distributed Splunk platform deployment are compatible with aarch64.

Cloud operations simple application check This group serves to help validate simple applications in an effort to try and automate the validation process for cloud operations.

[
success
]
check_alert_actions_conf_for_alert_execute_cmd_properties - Check that commands referenced in the alert.execute.cmd property of all alert actions are checked for compliance with Splunk Cloud security policy. Prevent alert_actions.conf from being used to execute malicious commands.
[
success
]
check_authorize_conf_admin_all_objects_privileges - Check that authorize.conf does not grant excessive administrative permissions to the user. Prevent roles from gaining unauthorized permissions.
[
success
]
check_default_data_ui_file_allow_list - Check that directories under data/ui contain only allowed files. Ensure unnecessary, unwanted files are not bundled in the app inappropriately.
[
not_applicable
]
check_default_data_ui_manager_for_plain_text_credentials - Check that directories under data/ui contain only allowed files. Identify for manual review items that might cause passwords to be stored in plaintext.
data/ui/manager does not exist
[
success
]
check_distsearch_conf_for_concerning_replicated_file_size - Check if concerningReplicatedFileSize in distsearch.conf is larger than 50 MB.
[
success
]
check_import_roles_and_grantable_roles_for_builtin_roles - Check that authorize.conf does not contain importRoles and grantableRoles for any built-in roles. Modifying the inheritance of the default roles in Splunk can have potentially severe consequences, including privilege escalation.
[
success
]
check_indexes_conf_only_uses_splunk_db_variable - Check that indexes defined in indexes.conf use relative paths starting with $SPLUNK_DB
[
not_applicable
]
check_inputs_conf_batch_has_required_attributes - Check that batch input has required attributes. The following key/value pair is required for batch inputs: move_policy = sinkhole
inputs.conf does not exist
[
not_applicable
]
check_inputs_conf_for_batch - Check that batch input accesses files in a permitted way. To be permissible, the batch input must meet the following criteria: 1) The file path needs to match a file in the directory "$SPLUNK_HOME/var/spool/splunk/" 2) The file name needs to be application specific "$SPLUNK_HOME/etc/apps/" 3) The file name should not end with "stash" or "stash_new"
inputs.conf does not exist
[
success
]
check_lookups_allow_list - Check that lookups/ contains only approved file types (.csv, .csv.default, .csv.gz, .csv.tgz, .kmz) or files formatted as valid csv. Ensure malicious files are not passed off as lookup files.
[
success
]
check_metadata_allow_list - Check that the metadata/ and users/<username>/metadata directories do not contain any subdirectories and only contain .meta files. Ensure malicious files are not passed off as metadata files.
[
not_applicable
]
check_scripted_inputs_python_version - Check that python version is python3 for scripted inputs defined in inputs.conf.
inputs.conf does not exist
[
success
]
check_setup_xml - Check that setup.xml does not exist in the app default or local folders.
[
not_applicable
]
check_stanza_of_authentication_conf - Check that only role-mapping stanza is allowed in authentication.conf as long as it doesn't map users to a cloud-internal role.
authentication.conf does not exist
[
success
]
check_static_directory_file_allow_list - Check that the static/ directory does not contains any subdirectories and contains only known file types. Ensure malicious files are not passed off as metadata files.
[
not_applicable
]
check_audit_conf_deny_list - Check that the app does not create audit.
audit.conf does not exist
[
success
]
check_authorize_conf_for_tokens_auth - Check that authorize.conf does not contain a [tokens_auth] stanza
[
not_applicable
]
check_bookmarks_conf_deny_list - Check that the app does not create bookmarks.
bookmarks.conf does not exist
[
success
]
check_command_scripts_exist_for_cloud - Check that custom search commands have an executable or script per stanza.
[
not_applicable
]
check_datatypesbnf_conf_deny_list - Check that the app does not create datatypesbnf.
datatypesbnf.conf does not exist
[
not_applicable
]
check_default_mode_conf_deny_list - Check that the app does not create default-mode.
default-mode.conf does not exist
[
not_applicable
]
check_deploymentclient_conf_deny_list - Check that the app does not create deploymentclient.
deploymentclient.conf does not exist
[
not_applicable
]
check_deployment_conf_deny_list - Check that the app does not create deployment.
deployment.conf does not exist
[
manual_check
]
check_for_binary_files_without_source_code - Check that all executable binary files have matching source code. For any binary files, there should be a source code provided with the same name. Or, there should be a declaration of what the binary file is all about in the app's README. Details for passing this check will be returned if you fail it.
File: lib/charset_normalizer/md.cpython-312-x86_64-linux-gnu.so
Please ensure the binary files are safe. Related info might be included in App README. Binary   Format: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=99135d791bc537ab5818a22228dcf12f3e7231ad, not stripped  README: README.txt 
File: lib/charset_normalizer/md__mypyc.cpython-312-x86_64-linux-gnu.so
Please ensure the binary files are safe. Related info might be included in App README. Binary   Format: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=28625fb28be309cb86382f59ec05659714decc4b, not stripped  README: README.txt 
[
success
]
check_for_index_volume_usage - Check that indexes.conf does not declare volumes.
[
not_applicable
]
check_for_inputs_fifo_usage - Check that default/inputs.conf or local/inputs.conf or users/<username>/local/inputs.conf does not contain any fifo:// stanzas.
inputs.conf.conf does not exist
[
not_applicable
]
check_for_java - Check whether the app contains java files. Java files will be inspected for compliance with Splunk Cloud security policy.
No java files found in app.
[
not_applicable
]
check_for_perl - Check if the app contains Perl scripts. Perl scripts will be inspected for compliance with Splunk Cloud security policy.
No Perl scripts found in app.
[
success
]
check_for_shell - Check whether the app contains shell files. Shell files will be manually inspected for compliance with Splunk Cloud security policy.
[
not_applicable
]
check_health_conf_deny_list - Check that the app does not create health.
health.conf does not exist
[
not_applicable
]
check_inputs_conf_for_fschange - Check that default/inputs.conf or local/inputs.conf or users/<username>/local/inputs.conf does not contain any fschange:// stanzas.
inputs.conf.conf does not exist
[
not_applicable
]
check_inputs_conf_for_http_global_usage - Check that inputs.conf does not contain a [http] stanza
inputs.conf does not exist
[
not_applicable
]
check_inputs_conf_for_http_inputs - Apps cannot ship a configured HEC token in inputs.conf. HEC tokens must be created by stack admins via ACS. Refer: https://docs.splunk.com/Documentation/Splunk/9.1.0/Data/UsetheHTTPEventCollectorRemove [http://] stanza from inputs.conf.
inputs.conf does not exist
[
not_applicable
]
check_inputs_conf_for_remote_queue_monitor - Check that inputs.conf does not have any remote_queue inputs.
inputs.conf does not exist
[
not_applicable
]
check_inputs_conf_for_splunk_tcp - Check that default/inputs.conf or local/inputs.conf or users/<username>/local/inputs.conf does not contain any splunktcp:// stanzas.
inputs.conf.conf does not exist
[
not_applicable
]
check_inputs_conf_for_splunktcptoken - Check that inputs.conf does not contain a splunktcptoken stanza.
inputs.conf does not exist
[
not_applicable
]
check_inputs_conf_for_ssl - Check that inputs.conf does not have any SSL inputs.
inputs.conf does not exist
[
not_applicable
]
check_inputs_conf_for_tcp - Check that default/inputs.conf or local/inputs.conf or users/<username>/local/inputs.conf does not contain any tcp:// stanzas.
inputs.conf.conf does not exist
[
not_applicable
]
check_inputs_conf_for_udp - Check that inputs.conf does not have any UDP inputs.
inputs.conf does not exist
[
not_applicable
]
check_instance_cfg_conf_deny_list - Check that the app does not create instance.cfg.
instance.cfg.conf does not exist
[
not_applicable
]
check_introspection_of_cloud_filesystem - Check that the app does not create crawl.
crawl.conf does not exist
[
success
]
check_java_sdk_version - Check that Splunk SDK for Java is up-to-date.
[
not_applicable
]
check_literals_conf_deny_list - Check that the app does not create literals.
literals.conf does not exist
[
not_applicable
]
check_messages_conf_deny_list - Check that the app does not create messages.
messages.conf does not exist
[
not_applicable
]
check_modular_inputs_scripts_exist_for_cloud - Check that there is a script file in bin/ for each modular input defined in README/inputs.conf.spec.
No `inputs.conf.spec` was detected.
[
not_applicable
]
check_passwords_conf_deny_list - Check that the app does not create passwords.
passwords.conf does not exist
[
not_applicable
]
check_pubsub_conf_deny_list - Check that the app does not create pubsub.
pubsub.conf does not exist
[
not_applicable
]
check_scripted_inputs_cmd_path_pattern - Check the cmd path pattern of scripted input defined in inputs.conf.
`inputs.conf` does not exist.
[
not_applicable
]
check_segmenters_conf_deny_list - Check that app does not contain segmenters.conf with Splunk-defined stanza.
segmenters.conf does not exist
[
not_applicable
]
check_serverclass_conf_deny_list - Check that the app does not create serverclass.
serverclass.conf does not exist
[
not_applicable
]
check_serverclass_seed_xml_conf_deny_list - Check that the app does not create serverclass.seed.xml.
serverclass.seed.xml.conf does not exist
[
not_applicable
]
check_source_classifier_conf_deny_list - Check that the app does not create source-classifier.
source-classifier.conf does not exist
[
not_applicable
]
check_sourcetypes_conf_deny_list - Check that the app does not create sourcetypes.
sourcetypes.conf does not exist
[
not_applicable
]
check_splunk_launch_conf_deny_list - Check that the app does not create splunk-launch.
splunk-launch.conf does not exist
[
not_applicable
]
check_telemetry_conf_deny_list - Check that the app does not create telemetry.
telemetry.conf does not exist
[
success
]
check_that_app_contains_any_windows_specific_components - Check that the app contains MS Windows specific components, which will not function correctly in Splunk Cloud whose OS should be Linux x64.
[
success
]
check_that_no_configurations_of_default_source_type_in_props_conf - Check that the app does not contain configurations of default source type in props.conf, which will overwrite the configurations in system/default/props.conf and may affect other apps.
[
success
]
check_transforms_conf_for_external_cmd - Check that transforms.conf does not contain any transforms with malicious command scripts specified by external_cmd=<string> attribute.
[
success
]
check_transforms_conf_for_external_cmd_cloud - Check that transforms.conf does not contain any transforms with non-python malicious command scripts specified by external_cmd=<string> attribute.
[
not_applicable
]
check_user_seed_conf_deny_list - Check that the app does not create user-seed.
user-seed.conf does not exist
[
not_applicable
]
check_wmi_conf_deny_list - Check that the app does not create wmi.
wmi.conf does not exist
[
not_applicable
]
check_workload_pools_conf_deny_list - Check that the app does not create workload_pools.
workload_pools.conf does not exist
[
not_applicable
]
check_workload_rules_conf_deny_list - Check that the app does not create workload_rules.
workload_rules.conf does not exist

Checking for Front-end Libraries This check looks for various front-end libraries inside of apps. As of 03/23/2022, we are looking at Splunk UI, and it's predecessor, SplunkJS. This is currently an INFORMATIONAL Check. Updated on 04/17/2023 This check now is expanded to look for several other critical front-end libraries. 1. We have expanded the regex matching to be more inline with all the UDF Packages https://splunkui.splunk.com/Packages/dashboard-docs/?path=%2FFAQ 2. We have added a few other critical packages (@splunk/react-search, @splunk/react-time-range, @splunk/search-job, @splunk/ui-utils, @splunk/splunk-utils, @splunk/moment) 3. We have expanded the regex matching to be more inline with more of the Visualizations packages.

[
warning
]
check_for_splunk_dashboard_core - Check that @splunk/dashboard-core is being used.
File: appserver/static/js/build/573.42635284c26ad26a2025.js
440Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize the Unified Dashboard Framework (UDF). Please ignore this warning as it has no impact to your Splunk app. Match: @splunk/dashboard-layouts 
File: appserver/static/js/build/573.42635284c26ad26a2025.js
128Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize the Unified Dashboard Framework (UDF). Please ignore this warning as it has no impact to your Splunk app. Match: @splunk/dashboard-validation 
[
warning
]
check_for_splunk_frontend_utility_components - Check for usage of utility components.
File: appserver/static/js/build/573.42635284c26ad26a2025.js
1078Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize Splunk UI utility components. Please ignore this warning as it has no impact to your Splunk app. Match: @splunk/moment 
[
warning
]
check_for_splunk_js - Check that SplunkJS is being used.
File: appserver/static/trackMe_maintenance_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
24Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
26Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
4Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/modals/modal_v100.js
2Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
12Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
11Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/js/build/entry_page.js
2Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
21Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
17Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_license_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
11Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
22Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
13Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
30Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
32Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
17Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
14Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
14Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
18Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
19Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/multiselect_all.js
4Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_license_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
33Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
22Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
16Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
12Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
5Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
28Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/modals/modal_v100.js
1Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
14Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
23Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
12Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
13Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
18Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
27Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
20Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
29Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
15Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
11Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
36Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
11Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
9Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
10Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_kdb_v100.js
15Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
25Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_maintenance_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
15Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
16Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/multiselect_all.js
5Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
15Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
19Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
31Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_vtenants_v100.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
7Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_api_reference.js
8Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
6Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
23Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
File: appserver/static/trackMe_home_v100.js
12Splunk has begun gathering telemetry on apps submitted to appinspect, that utilize SplunkJS. Please ignore this warning as it has no impact to your Splunk app. Match: splunkjs/mvc 
[
success
]
check_for_splunk_sui - Check that SUI is being used.
[
success
]
check_for_splunk_visualizations - Check that @splunk/visualizations is being used.

Check for git conflict related issue

[
success
]
check_for_git_merge_conflict_in_app - Check no git merge conflict is present

ITSI module verification

[
success
]
check_for_itsi_modules - Check that the app does not contain an ITSI module.

JavaScript file standards

[
manual_check
]
check_for_console_log_injection_in_javascript - Check if any sensitive data leakage in console log
File: appserver/static/tabulator/js/tabulator.js
22002The following line will be inspected during code review. Match: console.log("key", key) 
[
success
]
check_for_iframe_in_javascript - Check if the app contains possible iframe in JavaScript files, templates or html pages.
[
manual_check
]
check_for_insecure_http_request_in_javascript - Check if the app contain possible insecure http request in JavaScript files.
File: appserver/static/trackMe_home_v100.js
10508The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
730The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
236The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
18056The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61225The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
10589The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
60469The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
3516The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
17767The following line will be inspected during code review. Match: $.ajax( 
Suppressed 126 manual_check messages
File: appserver/static/trackMe_home_v100.js
15306The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
63028The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
65355The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
7574The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
53945The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
10933The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
8111The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
8785The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
47318The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
10317The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
3226The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
58401The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
3769The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
51985The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
23463The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
12732The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
49007The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
3135The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
62197The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
15230The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61328The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
62680The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
3428The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
12533The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
10227The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61122The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
65460The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
60253The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61579The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61021The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
12443The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
52269The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
5530The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
16330The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
63645The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
17925The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
5629The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
23419The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
13206The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
7943The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
83The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
62102The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
60574The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
15527The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
23358The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
8284The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
53839The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
5242The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61989The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
873The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61484The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
8031The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
12985The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
60048The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
58315The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61784The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
3596The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
12812The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
51741The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61894The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
5450The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
12651The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
3871The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
7664The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
64861The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
23488The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
61689The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
10669The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
10411The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
34333The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
60797The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
5332The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
7855The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
60918The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
14951The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
3344The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
15069The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
64163The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
7758The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
62569The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
487The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
60151The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
64360The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
53751The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
23547The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
14861The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
62357The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
62451The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
15150The following line will be inspected during code review. Match: $.ajax( 
File: appserver/static/trackMe_home_v100.js
60679The following line will be inspected during code review. Match: $.ajax( 
[
success
]
check_for_reflected_xss_in_javascript - Check if possible reflected xss in JavaScript
[
manual_check
]
check_for_remote_code_execution_in_javascript - Check if the app contain possible remote code execution in JavaScript files.
File: appserver/static/trackMe_home_v100.js
28914The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
File: appserver/static/js/build/573.42635284c26ad26a2025.js
2The following line will be inspected during code review. Match: eval(e,t 
File: appserver/static/trackMe_home_v100.js
45532The following line will be inspected during code review. Match: eval(delay_breached=="True" 
File: appserver/static/trackMe_vtenants_v100.js
387The following line will be inspected during code review. Match: eval(context 
File: appserver/static/trackMe_home_v100.js
29912The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
File: appserver/static/trackMe_home_v100.js
31553The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
File: appserver/static/trackMe_home_v100.js
968The following line will be inspected during code review. Match: eval(context 
File: appserver/static/trackMe_home_v100.js
29629The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
File: appserver/static/trackMe_home_v100.js
30343The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
File: appserver/static/trackMe_home_v100.js
30793The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
File: appserver/static/trackMe_home_v100.js
28482The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
File: appserver/static/trackMe_home_v100.js
31270The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
File: appserver/static/trackMe_home_v100.js
31985The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
File: appserver/static/trackMe_home_v100.js
29197The following line will be inspected during code review. Match: eval(LowerBoundWasCorrected=1 
[
not_applicable
]
check_for_stored_xss_in_javascript - Check if possible stored xss in JavaScript
`default/setup.xml` does not exist. The stored xss check is not applicable
[
success
]
check_for_telemetry_metrics_in_javascript - Check for usages of telemetry metrics in JavaScript
[
success
]
check_for_udp_communication_in_javascript - Check if the app contains udp communication in JavaScript files.
[
success
]
check_for_weak_encryption_and_hashing_in_javascript - Check if any weak encryption in JavaScript
[
success
]
check_telemetry_endpoint_usage_in_javascript - Check that app does not use REST endpoint to collect and send telemetry data.

jQuery vulnerabilities

[
success
]
check_hotlinking_splunk_web_libraries - Check that the app files are not importing files directly from the search head.
[
success
]
check_html_dashboards - Check for HTML dashboards, which are deprecated.
[
success
]
check_simplexml_standards_version - Check that the dashboards in your app have a valid version attribute.

Limits.conf file standards Ensure that /default/limits.conf or local/limits.conf file is omitted. When included in the app, the limits.conf file changes the limits that are placed on the system for hardware use and memory consumption, which is a task that should be handled by Splunk administrators and not by Splunk app developers. For more, see limits.conf.

[
not_applicable
]
check_limits_conf - Check that default/limits.conf or local/limits.conf or users/<username>/local/limits/conf has not been included.
limits.conf does not exist

Outputs.conf file standards Ensure that the outputs.conf file located in the /default folder of the app is well-formed and valid. For more, see outputs.conf.

[
not_applicable
]
check_if_outputs_conf_exists - Check that forwarding enabled in 'outputs.conf' is failed in cloud
outputs.conf does not exist

Deprecated features from Splunk Enterprise 5.0 The following features should not be supported in Splunk 5.0 or later.

[
success
]
check_deprecated_eventtype_autodiscovering - Check for use of findtypes SPL command in .conf files and SimpleXML.
[
success
]
check_for_savedsearches_used_in_eventtypes_conf - Check that saved searches are not used within event types. https://docs.splunk.com/Documentation/Splunk/5.0/ReleaseNotes/Deprecatedfeatures https://docs.splunk.com/Documentation/Splunk/7.2.5/Knowledge/Abouteventtypes

Deprecated features from Splunk Enterprise 6.0 The following features should not be supported in Splunk 6.0 or later.

[
not_applicable
]
check_crawl_conf_deny_list - Check that app does not contain crawl.conf as it was deprecated & removed in Splunk.
crawl.conf does not exist
[
not_applicable
]
check_for_viewstates_conf - Check that viewstates.conf does not exist at local/viewstates.conf, default/viewstates.conf or users/<username>/local/viewstates.conf in the app. (https://docs.splunk.com/Documentation/Splunk/6.0/AdvancedDev/Migration#Viewstates_are_no_longer_supported_in_simple_XML)
viewstates.conf does not exist

Deprecated features from Splunk Enterprise 6.1 The following features should not be supported in Splunk 6.1 or later.

[
success
]
check_for_datamodel_acceleration_endpoint_usage - Check that deprecated datamodel/acceleration is not used. https://docs.splunk.com/Documentation/Splunk/6.2.0/RESTREF/RESTknowledge

Deprecated features from Splunk Enterprise 6.2 The following features should not be supported in Splunk 6.2 or later. https://docs.splunk.com/Documentation/Splunk/6.2.0/ReleaseNotes/Deprecatedfeatures

[
success
]
check_for_dashboard_xml_list_element - Check Dashboard XML files for <list> element. <list>was deprecated in Splunk 6.2 and removed in Splunk 6.5.
[
success
]
check_for_earliest_time_and_latest_time_elements_in_dashboard_xml - Check for the deprecated <earliestTime> and <latestTime> elements in dashboard XML files.As of version 6.2 these elements are replaced by <earliest> and <latest> elements.
[
success
]
check_for_populating_search_element_in_dashboard_xml - Check for the deprecated <populatingSearch> and <populatingSavedSearch> elements in dashboard XML files.Use the <search> element instead.
[
success
]
check_for_simple_xml_row_grouping - Check for the deprecated grouping attribute of row node in Simple XML files.Use the <panel> node instead.

Deprecated features from Splunk Enterprise 6.3 These following features should not be supported in Splunk 6.3 or later. For more, see Deprecated features and Changes for Splunk App developers.

[
success
]
check_for_run_script_alert_action - Check for use of running a script in alert action
[
success
]
check_for_django_bindings - Check for use of Django bindings.
[
success
]
check_for_simple_xml_chart_element_with_deprecated_option_names - Check for Simple XML <chart> panels with deprecated options charting.axisLabelsY.majorTickSize or charting.axisLabelsY.majorLabelVisibility.
[
success
]
check_for_simple_xml_option_element_with_name_previewresults - Check for the deprecated <option name='previewResults'> in Simple XML files.
[
success
]
check_for_simple_xml_seed_element - Check for the deprecated <seed> option in Simple XML forms. Use the <initialValue> element instead.

Deprecated features from Splunk Enterprise 6.4 The following features should not be supported in Splunk 6.4 or later. For more, see Deprecated features and Changes for Splunk App developers.

[
success
]
check_for_noninteger_height_option - Check that <option name="height"> uses an integer for the value.Do not use <option name="height">[value]px</option>.
[
success
]
check_for_simple_xml_single_element_with_deprecated_option_names - Check Simple XML files for <single> panels with deprecated options'additionalClass', 'afterLabel', 'beforeLabel', 'classField', 'linkFields','linkSearch', 'linkView'
[
success
]
check_web_conf_for_simple_xml_force_flash_charting - Check that web.conf does not use the simple_xml_force_flash_chartingproperty.
[
success
]
check_web_conf_for_simple_xml_module_render - Check that web.conf does not use the simple_xml_module_renderproperty.
[
success
]
check_for_splunk_js_d3chartview - Checks that views are not importing d3chartview.
[
success
]
check_for_splunk_js_googlemapsview - Checks that views are not importing googlemapsview.

Deprecated features from Splunk Enterprise 6.5 The following features should not be supported in Splunk 6.5 or later. For more, see Deprecated features and Changes for Splunk App developers.

[
success
]
check_for_dashboard_xml_option_element_with_deprecated_attribute_value - Check Dashboard XML files for <option> element with the deprecated option value "refresh.auto.interval" i.e. <option name="refresh.auto.interval">

Deprecated or removed features from Splunk Enterprise 6.6 The following features should not be supported in Splunk 6.6 or later. For more, see Deprecated features and Changes for Splunk App developers.

[
not_applicable
]
check_for_autolb_setting_in_outputs_conf - Check removed support for setting autoLB in outputs.conf
outputs.conf does not exist
[
success
]
check_for_app_install_endpoint - Check apps/appinstall usages
[
success
]
check_for_displayrownumbers_in_simple_xml - Check existence for displayRowNumbers option in simple xml. This option is no longer supported since Splunk 6.6.

Deprecated features from Splunk Enterprise 7.1 The following features should not be supported in Splunk 7.1 or later. For more, see Deprecated features and Changes for Splunk App developers.

[
success
]
check_for_input_command_usage - Check for use of input SPL command in .conf files and SimpleXML.

Deprecated features from Splunk Enterprise 7.2 The following features should not be supported in Splunk 7.2 or later. For more, see Deprecated features and Changes for Splunk App developers.

[
not_applicable
]
check_for_deprecated_literals_conf - Check deprecated literals.conf existence.
literals.conf does not exist

Deprecated features from Splunk Enterprise 7.3 The following features should not be supported in Splunk 7.3 or later. For more, see Deprecated features and Changes for Splunk App developers.

[
success
]
check_for_tscollect_command_usage - Check for use of tscollect SPL command in .conf files and SimpleXML.

Deprecated features from Splunk Enterprise 8.0 The following features should not be supported in Splunk 8.0.0 or later. For more, see Deprecated features and Changes for Splunk App developers.

[
success
]
check_for_advanced_xml_module_elements - Check that there is no Advanced XML, which was deprecated in Splunk Enterprise 6.3.
[
success
]
check_for_cherry_py_custom_controller_web_conf_endpoints - Check for the existence of custom CherryPy endpoints, which must be upgraded tobe Python 3-compatible for the Splunk Enterprise 8.0.
[
warning
]
check_for_existence_of_python_code_block_in_mako_template - Check for the existence of Python code block in Mako templates, which must be upgraded to be Python 3-compatible for the Splunk Enterprise 8.0.
File: appserver/templates/base.html
Update Mako templates to be Python 3-compatible. Splunk Web, which Mako templates depend on, will support only Python 3.7. If you've finished your update, please disregard this message. 
[
warning
]
check_for_python_script_existence - Check for the existence of Python scripts, which must be upgraded to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0.
452 Python files found. Update these Python scripts to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0. See https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration for more information. If you've finished your update, please disregard this message.
[
success
]
check_for_removed_m2crypto_usage - Check for the existence of the M2Crypto package usage, which is removed in the Splunk Enterprise 8.0.

Deprecated features from Splunk Enterprise 9.0.1 The following features should not be supported in Splunk 9.0.1 or later. For more, see Deprecated features and Changes for Splunk App developers.

[
success
]
check_for_search_v1_endpoint - Check search v1 deprecated API usages

Web.conf File Standards Ensure that web.conf is safe for cloud deployment and that any exposed patterns match endpoints defined by the app - apps should not expose endpoints other than their own. Including web.conf can have adverse impacts for cloud. Allow only [endpoint:*] and [expose:*] stanzas, with expose only containing pattern= and methods= properties. - web.conf

[
success
]
check_cherrypy_controllers - Check that web.conf does not contain any custom CherryPy controllers.
[
success
]
check_web_conf - Check that web.conf only defines [endpoint:] and [expose:]stanzas, with [expose:*] only containing pattern= and methods=.

Modular inputs structure and standards Modular inputs are configured in an inputs.conf.spec file located in the /README directory of the app. For more, see Modular inputs overview, Modular inputs configuration, and Modular inputs basic example.

[
not_applicable
]
check_inputs_conf_spec_stanzas_has_python_version_property - Check that all the modular inputs defined in inputs.conf.spec explicitly set the python.version to python3.
No `inputs.conf.spec` file exists.

JSON file standards

[
success
]
check_validate_json_data_is_well_formed - Check that all JSON files are well-formed.

Lookup file standards Lookups add fields from an external source to events based on the values of fields that are already present in those events.

[
success
]
check_for_lookups_file_name - Check that no two files/directories under the lookups directory have this naming pattern respectively:xxx and xxx.default - with the only difference in the .default extension.During the installation of an app in Splunk Cloud, a lookup file will be temporarily renamed to append an additional.default extension to it, which will cause error if a namesake file already exists.

Saved search standards Saved searches are defined in a savedsearches.conf file located in the /default and /local directory of the app. For more, see Save and share your reports and savedsearches.conf.

[
success
]
check_for_gratuitous_cron_scheduling - check that savedsearches.conf searches are cron scheduledreasonably. Less than five asterisks should be used.
[
success
]
check_for_real_time_saved_searches_for_cloud - Check that no real-time pre-index saved searches are being used insavedsearches.conf. Real-time pre-index saved searches are extremelysystem intensive and should be avoided.
[
success
]
check_for_sched_saved_searches_action_script_filename - Check that savedsearch.conf stanzas do not contain action.script.filename option
[
success
]
check_for_sched_saved_searches_earliest_time - Check that if a scheduled saved search in savedsearch.conf contains dispatch.earliest_time option, or if a scheduled saved search with auto summary enabled contains auto_summarize.dispatch.earliest_time option
[
success
]
check_for_sched_saved_searches_latest_time - Check that if a savedsearch.conf stanza contains scheduling optionsit does contain a dispatch.latest_time
[
success
]
check_for_saved_searches_populate_lookup - Check that savedsearch.conf stanza do not contain action.populate_lookup option`.

App.conf standards The app.conf file located at default/app.conf provides key application information and branding. For more, see app.conf.

[
success
]
check_custom_conf_replication - Check that custom .conf files have a a matching conf_replication_include.<conf_file_name> value in server.conf, under the [shclustering] stanza, to ensure that configurations are synchronized across Search Head Clusters.
[
success
]
check_for_default_splunk_app - Check that id attribute under the package stanza in app.conf does not match with the Splunk Default App names
[
success
]
check_for_trigger_stanza - Check that default/app.conf, local/app.conf and all users/<username>/local/app.conf don't have a reload.<CONF_FILE>, where CONF_FILE is a non-custom conf. (https://docs.splunk.com/Documentation/Splunk/latest/Admin/Appconf#.5Btriggers.5D)
[
success
]
check_for_valid_package_id - Check that the [package] stanza in app.conf has a valid id value.See https://docs.splunk.com/Documentation/Splunk/latest/Admin/Appconf for details.
[
success
]
check_for_valid_ui_label - Check that the default/app.conf or local/app.conf or users/<username>/local/app.conf contains a label key value pair in the [ui] stanza and the length is between 5 and 80 characters inclusive.
[
success
]
check_reload_trigger_for_all_custom_confs - Check that custom config files have a corresponding reload trigger in app.conf. Without a reload trigger the app will request a restart on any change to the config file, which may be a negative experience for end-users.
[
not_applicable
]
check_no_install_source_checksum - Check in default/app.conf, 'local/app.conf' and each users/<username>/local/app.conf, that install_source_checksum not be set explicitly.
`local/app.conf` does not exist.
[
not_applicable
]
check_no_install_source_local_checksum - Check in default/app.conf, 'local/app.conf' and each `users/<username/local/app.conf, that install_source_local_checksum not be set explicitly.
`local/app.conf` does not exist.
[
success
]
check_that_setup_has_not_been_performed - Check that default/app.conf setting is_configured = False.

Directory structure standards Ensure that the directories and files in the app adhere to hierarchy standards.

[
success
]
check_that_local_does_not_exist - Check that the 'local' directory does not exist. All configuration should be in the 'default' directory.
[
success
]
check_filenames_for_spaces - Check that app has no .conf or dashboard filenames that contain spaces. Splunk software does not support such files.
[
success
]
check_for_local_meta - Check that the file 'local.meta' does not exist. All metadata permissions should be set in 'default.meta'.
[
success
]
check_that_app_name_config_is_valid - Check that the app name does not start with digits
[
not_applicable
]
check_that_local_passwords_conf_does_not_exist - Check that local/passwords.conf or `users//local/passwords.conf does not exist. Password files are not transferable between instances.
The local directory does not exist.

Configuration file standards Ensure that all configuration files located in the /default folder are well-formed and valid.

[
warning
]
check_collections_conf_for_specified_name_field_type - Check that the field type in field.<name> settings in collections.conf is valid. Only number, bool, string and time are allowed.
File: default/collections.conf
69The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `string # planned, unplanned` in `field.type`. 
File: default/collections.conf
73The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # end time of the maintenance in epochtime` in `field.time_end`. 
File: default/collections.conf
76The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # last modification time of the maintenance record` in `field.mtime`. 
File: default/collections.conf
74The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # expiration time of the maintenance in epochtime` in `field.time_expiration`. 
File: default/collections.conf
75The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # creation time of the maintenance record` in `field.ctime`. 
File: default/collections.conf
72The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `time # start time of the maintenance in epochtime` in `field.time_start`. 
File: default/collections.conf
66The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `bool # if true, the maintenance record is disabled` in `field.is_disabled`. 
File: default/collections.conf
67The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `number # number of days of validity, if set to 0, the maintenance record is valid forever` in `field.no_days_validity`. 
File: default/collections.conf
70The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `string # additional information` in `field.add_info`. 
File: default/collections.conf
68The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `string # reason for the maintenance` in `field.reason`. 
File: default/collections.conf
71The field type in `field.<name>` settings in `collections.conf` only allows `number`, `bool`, `string` or `time` values but found `string # user who created the maintenance record` in `field.src_user`. 
[
success
]
check_config_file_parsing_public - Check that all config files parse cleanly - no trailing whitespace after continuations, no duplicated stanzas or options.
[
success
]
check_manipulation_outside_of_app_container - Check that app conf files do not point to files outside the app container. Because hard-coded paths won't work in Splunk Cloud, we don't consider to check absolute paths.
[
success
]
check_no_default_stanzas - Check that app does not contain any .conf files that create global definitions using the [default] stanza.

Indexes.conf file standards Ensure that the index configuration file located in the /default and /local folder is well-formed and valid. For more, see indexes.conf.

[
success
]
check_coldToFrozenScript_has_valid_python_version_property - Check that all the coldToFrozenScript in indexes.conf are explicitly set the python.version to python3.
[
success
]
check_indexes_conf_properties - Check that indexes.conf only contains the required 'homePath', 'coldPath', and 'thawedPath' properties or the optional 'frozenTimePeriodInSecs', 'disabled', 'datatype' and 'repFactor' properties. All other properties are prohibited. Also, if 'repFactor' property exists, its value should be 'auto'.
[
success
]
check_lower_cased_index_names - Check that all index names consist only of lowercase characters, numbers, underscores and hyphens. They cannot begin with an underscore or hyphen, or contain the word 'kvstore'. If index names have any uppercase characters any attempts to edit the index in the UI will cause a duplicate index stanza creation which will cause many errors in Splunk.
[
success
]
check_validate_default_indexes_not_modified - Check that no default Splunk indexes are modified by the app.

Meta file standards Ensure that all meta files located in the /metadata folder are well-formed and valid.

[
success
]
check_meta_default_write_access - Check that the global write access in .meta does not allow any authenticated user to write to the knowledge objects under the application.
[
warning
]
check_kos_are_accessible - Check that knowledge objects with access control restrictions defined in *.meta files are accessible to customers in Splunk Cloud.
File: metadata/default.meta
44The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
63The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
57The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
79The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
89The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
102The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
5The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
105The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
76The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
60The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
86The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
95The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
92The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
70The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
73The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 
File: metadata/default.meta
54The 'admin' role is not available to Splunk Cloud customers. Please consider also including the 'sc_admin' role if you want Splunk Cloud customer administrators to be able to access this knowledge object 

Props Configuration file standards Ensure that all props.conf files located in the default (or local) folder are well-formed and valid. props.conf transforms.conf

[
success
]
check_pretrained_sourcetypes_have_only_allowed_transforms - Check that pretrained sourctypes in props.confhave only 'TRANSFORM-' or 'SEDCMD' settings,and that those transforms only modify the host, source, or sourcetype.
[
warning
]
check_props_conf_has_no_prohibited_characters_in_sourcetypes - Check that the sourcetypes in props.conf do not contain any prohibited characters. Special characters <>?&# are not allowed.
File: default/props.conf
395Found a prohibited character in [(?::){0}trackme:custom_commands:*] stanza in props.conf. Special characters <>?&# are not allowed. Rename the stanza to not contain any forbidden characters. 
[
not_applicable
]
check_props_conf_has_no_ingest_eval_lookups - Check that the props.conf does not contain lookup() usage in INGEST_EVAL options. This feature is not available in Splunk Cloud. For example: [lookup1] INGEST_EVAL= status_detail=lookup("http_status.csv", json_object("status", status), json_array("status_description"))
No INGEST_EVAL properties were declared.

Server configuration file standards Ensure that server.conf is well-formed and valid. For detailed information about the server configuration file, see server.conf.

[
success
]
check_server_conf_only_contains_custom_conf_sync_stanzas_or_diag_stanza - Check that server.conf in an app is only allowed to contain: 1. conf_replication_include. in [shclustering] stanza 2. or EXCLUDE- property in [diag] stanza,

Alert actions structure and standards Custom alert actions are defined in an alert_actions.conf file located in the /default directory of the app. For more, see Custom alert actions overview and alert_actions.conf.

[
success
]
check_alert_actions_exe_exist - Check that each custom alert action has a valid executable. If it does, further check if the executable is Python script. If it does, further check it's Python 3 compatible.
[
success
]
check_for_explicit_exe_args - Check whether any custom alert actions have executable arguments.
[
success
]
check_for_payload_format - Check that each custom alert action's payload format has a value of xml or json.

Custom search command structure and standards Custom search commands are defined in a commands.conf file in the /default directory of the app. For more, see About writing custom search commands and commands.conf.

[
success
]
check_command_scripts_python_version - Check that commands.conf must explicitly define the python.version to be python3 for each python-scripted custom command.

Custom workflow actions structure and standards Custom workflow actions are defined in a workflow_actions.conf file in the /default directory of the app. For more, see About lookups and workflow_actions.conf.

REST endpoints and handler standards REST endpoints are defined in a restmap.conf file in the /default and /local directory of the app. For more, see restmap.conf.

[
success
]
check_restmap_conf_exists - Check that restmap.conf file exists at default/restmap.conf, local/restmap.conf and users//local/restmap.conf` when using REST endpoints.
[
success
]
check_rest_handler_python_executable_exists - Check that python.version is python3 for executables in restmap.conf.
[
success
]
check_rest_handler_scripts_exist_for_cloud - Check that each stanza in restmap.conf has a matching handler script.

Data model files and configurations Data models are defined in a datamodels.conf file in the /default directory of the app. For more, see About data models and datamodels.conf.

[
not_applicable
]
check_for_datamodel_acceleration - Check that the use of accelerated data models do not occur. If data model acceleration is required, developers should provide directions in documentation for how to accelerate data models from within the Splunk Web GUI. data model acceleration
datamodels.conf does not exist

Python file standards

[
warning
]
check_python_sdk_version - Check that Splunk SDK for Python is up-to-date.
File: lib/splunklib/__init__.py
33Splunk SDK for Python detected (version 2.1.0). No action required at this time. 
[
success
]
check_all_python_files_are_well_formed - Check all python files are well-formed under python2 and python3 standard
[
manual_check
]
check_built_in_import_function - Check that the python __import__ method is not used in a way that can be exploited (e.g., import(conf_setting) is at risk of code injection).
File: lib/requests/packages.py
9The `__builtin__.__import__` function was detected being used. Please use the `import` keyword instead. Third-Party libraries are exempt from this requirement. 
File: lib/six.py
87The `__builtin__.__import__` function was detected being used. Please use the `import` keyword instead. Third-Party libraries are exempt from this requirement. 
[
manual_check
]
check_for_builtin_functions - Check for builtin functions(open, eval, execfile, file) usages in python files
File: lib/splunktaucclib/common/__init__.py
26The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/pytz/__init__.py
108The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
3793The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/urllib3/util/ssl_.py
481The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/packaging/licenses/__init__.py
100The following line will be inspected during code review. The __builtin__.eval module/method can be used to execute arbitrary expression. 
File: lib/pytz/tzfile.py
132The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/trackme_libs_licensing.py
177The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/charset_normalizer/api.py
590The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/dateutil/tz/tz.py
1271The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/tests/test_sparkline.py
223The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/app.py
72The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/splunktaucclib/cim_actions.py
739The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
1589The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
1089The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/splunktaucclib/modinput_wrapper/base_modinput.py
185The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/licensing/internal.py
219The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/trackme_libs_licensing.py
451The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/splunktaucclib/splunk_aoblib/setup_util.py
128The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
446The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
2411The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
2371The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/tests/test_sparkline.py
215The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
2587The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackmesplkflxgetuc.py
91The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
2078The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_splk_flx_admin.py
162The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
314The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
1207The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/dateutil/tz/tz.py
464The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
3635The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/trackme_libs_licensing.py
79The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/trackme_libs_licensing.py
434The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/licensing/internal.py
214The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/packaging/_musllinux.py
46The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: unit_tests_disabled/check_pyfunctions.py
23The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/splunktaucclib/cim_actions.py
355The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
2032The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
902The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/packaging/_manylinux.py
24The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
2021The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
2207The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
751The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/charset_normalizer/cli/__main__.py
285The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
2146The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
1190The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/trackme_libs_licensing.py
423The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
326The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
1002The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/dateutil/zoneinfo/rebuild.py
30The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/trackme_libs_licensing.py
68The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
File: lib/pytz/tzfile.py
130The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. 
[
success
]
check_for_compiled_python - Check that there are no .pyc or .pyo files included in the app.
[
success
]
check_for_custom_python_interpreters - Check if custom python interpreters could be used in malicious code execution
[
manual_check
]
check_for_data_compression_and_archiving - check if data compression and archiving libraries could be used to read & write files outside of app dir
File: bin/trackme_rest_handler_backup_and_restore.py
3678The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
1030The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: lib/splunktaucclib/alert_actions_base.py
163The following lines should be inspected during code review, `gzip.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: lib/dateutil/zoneinfo/rebuild.py
22The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: lib/splunktaucclib/alert_actions_base.py
174The following lines should be inspected during code review, `gzip.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: lib/requests/utils.py
291The following lines should be inspected during code review, `zipfile.ZipFile` could be used to create an archiving object, it can read or write file outside of app dir. 
File: lib/dateutil/zoneinfo/__init__.py
33The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: lib/dateutil/zoneinfo/rebuild.py
33The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
1987The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
3783The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
343The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. 
File: bin/trackme_rest_handler_backup_and_restore.py
3643The following lines should be inspected during code review, `tarfile.open` could be used to create an archiving object, it can read or write file outside of app dir. 
[
success
]
check_for_data_persistence - check for data persistence usage which could be used to invoke marshall function call
[
success
]
check_for_debugging_and_profiling - Check if debugging library could be used to execute arbitrary commands
[
manual_check
]
check_for_file_and_directory_access - Check for possible file and directory access, they could be used in external file manipulation
File: bin/trackme_rest_handler_backup_and_restore.py
3680The following line will be inspected during code review. The `os.remove` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?/temp_import.tgz"], keywords: {} 
File: lib/requests/utils.py
314The following line will be inspected during code review. The `os.remove` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
3780The following line will be inspected during code review. The `os.makedirs` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {"exist_ok": "?"} 
File: bin/trackme_rest_handler_backup_and_restore.py
666The following line will be inspected during code review. The `os.mkdir` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
3640The following line will be inspected during code review. The `os.remove` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?/temp_import.tgz"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
1106The following line will be inspected during code review. The `shutil.rmtree` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
3677The following line will be inspected during code review. The `os.makedirs` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {"exist_ok": "?"} 
File: bin/trackme_rest_handler_backup_and_restore.py
465The following line will be inspected during code review. The `shutil.rmtree` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: lib/requests/utils.py
308The following line will be inspected during code review. The `tempfile.mkstemp` module/method can be used to access file/directory outside of the app dir. Function call arguments: [], keywords: {"dir": "?"} 
File: lib/splunktaucclib/modinput_wrapper/base_modinput.py
540The following line will be inspected during code review. The `os.makedirs` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: lib/dateutil/zoneinfo/rebuild.py
38The following line will be inspected during code review. The `shutil.rmtree` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
1330The following line will be inspected during code review. The `os.rmdir` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
1347The following line will be inspected during code review. The `os.remove` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
3683The following line will be inspected during code review. The `os.remove` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?/temp_import.tgz"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
1493The following line will be inspected during code review. The `shutil.rmtree` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: lib/splunktaucclib/modinput_wrapper/base_modinput.py
538The following line will be inspected during code review. The `tempfile.mkdtemp` module/method can be used to access file/directory outside of the app dir. Function call arguments: [], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
3666The following line will be inspected during code review. The `os.remove` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?/temp_import.tgz"], keywords: {} 
File: lib/requests/utils.py
310The following line will be inspected during code review. The `os.fdopen` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?", "wb"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
3796The following line will be inspected during code review. The `os.remove` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?/export_archive.tgz"], keywords: {} 
File: bin/trackme_rest_handler_backup_and_restore.py
3632The following line will be inspected during code review. The `os.makedirs` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {"exist_ok": "?"} 
File: bin/trackme_rest_handler_backup_and_restore.py
668The following line will be inspected during code review. The `os.mkdir` module/method can be used to access file/directory outside of the app dir. Function call arguments: ["?"], keywords: {} 
File: lib/dateutil/zoneinfo/rebuild.py
18The following line will be inspected during code review. The `tempfile.mkdtemp` module/method can be used to access file/directory outside of the app dir. Function call arguments: [], keywords: {} 
[
manual_check
]
check_for_generic_operating_system_services - check if generic operating system modules could be used to communicate with outside services, files or systems
Suppressed 50 manual_check messages
File: bin/trackme_rest_handler_maintenance_kdb_admin.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmegennotable.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_logical_groups_user.py
27The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeextractsplkmhm.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmegetkos.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_ack.py
27The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_flx_power.py
29The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeapiautodocs.py
34The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkoutliersgetrules.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_elastic_sources_admin.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/charset_normalizer/utils.py
363The following lines should be inspected during code review. `logging.StreamHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmecollect.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeextractsplkcim.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/trackme_libs_splk_feeds.py
2470The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/trackme_libs_audit.py
127The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmetrackerhealth.py
37The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_replica_trackers_admin.py
31The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_replica_trackers_user.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_alerting_user.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_maintenance.py
30The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeacktracker.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkoutliersexpand.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_outliers_engine_power.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/trackme_libs_splk_feeds.py
2587The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeoneshotexecutor.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_hybrid_trackers_user.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_mhm_user.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_priority_policies_power.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeextractjsonmetrics.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkoutlierstrain.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/trackme_libs_sla.py
46The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_priority_policies_user.py
27The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_identity_cards_power.py
27The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeload.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkwlkgetreportowner.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_dsm_power.py
26The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_sla_policies_user.py
27The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkadaptivedelay.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_outliers_engine_user.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeautogroup.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/sparklines/__main__.py
133The following lines should be inspected during code review. `argparse.ArgumentParser.parse_args` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_mhm_power.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/trackme_libs_splk_cim.py
135The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_configuration_admin.py
30The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmegenjsonmetrics.py
31The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_licensing_user.py
29The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmedecisionmaker.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmestsummarysplkdhm.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmegetcoll.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_dhm_user.py
25The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_maintenance_kdb_user.py
27The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkwlkinactiveinspector.py
35The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_soar_user.py
27The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeextractsplkdhm.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplktags.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmemergesplkmhm.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkpriority.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_component_user.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme.py
36The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_lagging_classes_user.py
27The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_wlk_user.py
30The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkoutlierscimgetrules.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/charset_normalizer/cli/__main__.py
141The following lines should be inspected during code review. `argparse.ArgumentParser.parse_args` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_vtenants_admin.py
29The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmepersistentfields.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeprettyjson.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_wlk_admin.py
31The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkoutlierstrackerhelper.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkslaclass.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmeelasticexecutor.py
37The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_cim_admin.py
30The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_identity_cards_user.py
27The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/splunktaucclib/splunk_aoblib/utility.py
30The following lines should be inspected during code review. `logging.StreamHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_flx_user.py
29The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_deleted_entities_power.py
26The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/trackme_libs_splk_feeds.py
2405The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/splunktaucclib/cim_actions.py
967The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplksetcurrentdcounthost.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmegetconf.py
26The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_cim_user.py
29The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: lib/trackme_libs_splk_feeds.py
2520The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_data_sampling_user.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_blocklist_user.py
24The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_blocklist_power.py
26The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_tag_policies_power.py
28The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkoutliersrender.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkoutlierssetrules.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_alerting_admin.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesamplingexecutor.py
36The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_soar_admin.py
29The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkflxgetuc.py
32The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_flx_admin.py
31The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_dsm_user.py
26The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_splk_wlk_power.py
30The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackme_rest_handler_vtenants_power.py
25The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkoutlierscimtrackerhelper.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmereturnmaintenancedb.py
26The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/splunkremotesearch.py
36The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
File: bin/trackmesplkoutlierscimrender.py
33The following lines should be inspected during code review. `logging.handlers.RotatingFileHandler` could be used to receive data from outside or log data to outside. 
[
success
]
check_for_hidden_python_files - Check that there are no hidden python files included in the app.
[
manual_check
]
check_for_importing_modules - Check Python code for importing modules dynamically.
File: lib/charset_normalizer/utils.py
327The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. 
File: lib/charset_normalizer/utils.py
263The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. 
File: lib/requests/compat.py
24The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. 
File: lib/charset_normalizer/cd.py
32The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. 
File: lib/charset_normalizer/cd.py
36The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. 
File: lib/charset_normalizer/utils.py
332The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. 
File: lib/charset_normalizer/utils.py
331The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. 
File: lib/charset_normalizer/utils.py
324The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. 
File: lib/dateutil/__init__.py
16The following lines should be inspected during code review, Python code `importlib.import_module` for dynamically importing module has been detected. 
[
success
]
check_for_internet_protocols_and_support - Check for the use of web server classes, they could be used to start an internal server in current app
[
success
]
check_for_interprocess_communication_and_networking - check if networking or file manipulation exist in interprocess modules usage
[
success
]
check_for_optional_operating_system_services - Check for operating system features that are available on selected operating systems only.
[
manual_check
]
check_for_plain_text_credentials_in_python - check for plain text credentials disclosure in python files
File: lib/dateutil/tz/win.py
40The following lines should be inspected during code review, Possible plain text credentials disclosure here, `TZKEYNAME = SOFTWARE\Microsoft\Windows\CurrentVersion\Time Zones` 
File: lib/splunktaucclib/data_collection/ta_consts.py
17The following lines should be inspected during code review, Possible plain text credentials disclosure here, `session_key = session_key` 
File: bin/trackmesplkflxgetuc.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/splunktaucclib/rest_handler/credentials.py
95The following lines should be inspected during code review, Possible plain text credentials disclosure here, `PASSWORD = ******` 
File: lib/trackme_libs_load.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_data_sampling_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/trackme_libs_ack.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmesplkslaclass.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_lagging_classes_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmesplkoutlierstrain.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/licensing/methods.py
1833The following lines should be inspected during code review, Possible plain text credentials disclosure here, `old_password = ` 
File: lib/trackme_libs_audit.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/splunkremotesearch.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/requests/auth.py
21The following lines should be inspected during code review, Possible plain text credentials disclosure here, `CONTENT_TYPE_FORM_URLENCODED = application/x-www-form-urlencoded` 
File: bin/trackmeextractsplkdhm.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/dateutil/tz/win.py
285The following lines should be inspected during code review, Possible plain text credentials disclosure here, `TZKEYNAME = SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones` 
File: bin/trackmeautogroup.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmegetconf.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_mhm_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_alerting_admin.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmecollect.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/trackmedatasampling_ootb_regex.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/trackme_libs_rbac.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmesamplingexecutor.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmesplkoutlierssetrules.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_tag_policies_power.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmeapiautodocs.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/trackme_libs_sla.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmegetkos.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/six.py
597The following lines should be inspected during code review, Possible plain text credentials disclosure here, `_func_code = func_code` 
File: bin/trackme_rest_handler_splk_hybrid_trackers_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/dateutil/tz/win.py
29The following lines should be inspected during code review, Possible plain text credentials disclosure here, `TZKEYNAMENT = SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones` 
File: lib/trackme_libs_decisionmaker.py
2274The following lines should be inspected during code review, Possible plain text credentials disclosure here, `default_code = 999` 
File: bin/trackmesplkadaptivedelay.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_flx_power.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/trackme_libs_get_data.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_replica_trackers_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_identity_cards_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/solnlib/conf_manager.py
48The following lines should be inspected during code review, Possible plain text credentials disclosure here, `ENCRYPTED_TOKEN = ******` 
File: lib/licensing/methods.py
1835The following lines should be inspected during code review, Possible plain text credentials disclosure here, `password_reset_token = ` 
File: bin/trackme_rest_handler_vtenants_admin.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_dsm_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/trackme_libs_decisionmaker.py
2269The following lines should be inspected during code review, Possible plain text credentials disclosure here, `default_code = 999` 
File: bin/trackmesplkoutliersexpand.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmegenjsonmetrics.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/dateutil/tz/win.py
31The following lines should be inspected during code review, Possible plain text credentials disclosure here, `TZLOCALKEYNAME = SYSTEM\CurrentControlSet\Control\TimeZoneInformation` 
File: bin/trackmesplkoutliersrender.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmestsummarysplkdhm.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_ack.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_mhm_power.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/dateutil/tz/win.py
30The following lines should be inspected during code review, Possible plain text credentials disclosure here, `TZKEYNAME9X = SOFTWARE\Microsoft\Windows\CurrentVersion\Time Zones` 
File: bin/trackmesplkoutliersgetrules.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmegetcoll.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_maintenance_kdb_admin.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_flx_admin.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/splunktaucclib/data_collection/ta_consts.py
49The following lines should be inspected during code review, Possible plain text credentials disclosure here, `divide_key = _divide_key` 
File: bin/trackmesplkwlkinactiveinspector.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/dateutil/tz/win.py
45The following lines should be inspected during code review, Possible plain text credentials disclosure here, `TZKEYNAME = SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones` 
File: bin/trackmesplksetcurrentdcounthost.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_maintenance.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_soar_admin.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/licensing/methods.py
677The following lines should be inspected during code review, Possible plain text credentials disclosure here, `key = ` 
File: lib/dateutil/tz/win.py
219The following lines should be inspected during code review, Possible plain text credentials disclosure here, `TZKEYNAME = SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones` 
File: lib/trackme_libs_decisionmaker.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_blocklist_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_vtenants_power.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_alerting_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_configuration_admin.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_licensing_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmemergesplkmhm.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/licensing/methods.py
638The following lines should be inspected during code review, Possible plain text credentials disclosure here, `key = ` 
File: lib/six.py
544The following lines should be inspected during code review, Possible plain text credentials disclosure here, `_func_code = func_code` 
File: lib/solnlib/conf_manager.py
139The following lines should be inspected during code review, Possible plain text credentials disclosure here, `self.ENCRYPTED_TOKEN = ******` 
File: bin/trackme_rest_handler_splk_cim_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/six.py
31The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = Benjamin Peterson <benjamin@python.org>` 
File: lib/licensing/methods.py
222The following lines should be inspected during code review, Possible plain text credentials disclosure here, `no_of_keys = 1` 
File: lib/trackme_libs_mloutliers.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/licensing/methods.py
721The following lines should be inspected during code review, Possible plain text credentials disclosure here, `machine_code = ` 
File: lib/licensing/methods.py
639The following lines should be inspected during code review, Possible plain text credentials disclosure here, `machine_code = ` 
File: bin/trackmeoneshotexecutor.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_cim_admin.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/six.py
536The following lines should be inspected during code review, Possible plain text credentials disclosure here, `_func_code = func_code` 
File: bin/trackme_rest_handler_splk_elastic_sources_admin.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmesplkoutlierstrackerhelper.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmetrackerhealth.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_identity_cards_power.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmeextractsplkmhm.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmegennotable.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmesplkoutlierscimrender.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_wlk_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
Suppressed 129 manual_check messages
File: bin/trackme_rest_handler_splk_priority_policies_power.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackme_rest_handler_splk_sla_policies_user.py
5The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/licensing/methods.py
720The following lines should be inspected during code review, Possible plain text credentials disclosure here, `key = ` 
File: lib/splunktaucclib/data_collection/ta_checkpoint_manager.py
70The following lines should be inspected during code review, Possible plain text credentials disclosure here, `qualified_key_str = ` 
File: bin/trackme.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: bin/trackmesplkoutlierscimtrackerhelper.py
4The following lines should be inspected during code review, Possible plain text credentials disclosure here, `__author__ = TrackMe Limited` 
File: lib/dateutil/tz/win.py
38The following lines should be inspected during code review, Possible plain text credentials disclosure here, `TZKEYNAMENT = SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones` 
[
warning
]
check_for_possible_threading - Check for the use of threading, and multiprocesses. Threading or process must be used with discretion and not negatively affect the Splunk installation as a whole.
File: bin/trackmetrackerhealth.py
1503The following line contains questionable usage `threading.Thread.start` in loop. Use threading and multiprocessing with discretion. 
File: lib/solnlib/splunkenv.py
302The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. 
File: lib/licensing/internal.py
191The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. 
File: lib/dateutil/zoneinfo/rebuild.py
62The following line contains subprocess.check_call usage. Use threading and multiprocessing with discretion. 
File: lib/dateutil/zoneinfo/rebuild.py
52The following line contains subprocess.check_output usage. Use threading and multiprocessing with discretion. 
File: lib/licensing/internal.py
200The following line contains subprocess.check_output usage. Use threading and multiprocessing with discretion. 
File: bin/trackmereplicaexecutor.py
370The following line contains questionable usage `threading.Thread.start` in loop. Use threading and multiprocessing with discretion. 
File: lib/licensing/internal.py
190The following line contains subprocess.Popen usage. Use threading and multiprocessing with discretion. 
File: lib/solnlib/splunkenv.py
305The following line contains subprocess.Popen.communicate usage. Use threading and multiprocessing with discretion. 
[
success
]
check_for_program_frameworks - Check if program frameworks could be used to interface with web part
[
success
]
check_for_python_multimedia_services - Check if multimedia services module could be used to execute unknown-source multimedia files
[
manual_check
]
check_for_python_runtime_services - Check if python runtime services could be used to manipulate system python objects
File: lib/croniter/croniter.py
149The following lines should be inspected during code review, Possible system python objects manipulation `inspect.stack` found here. 
[
success
]
check_for_python_udp_network_communications - Check for UDP network communication
[
success
]
check_for_restricted_execution - Check if restricted execution exist in current app
[
success
]
check_for_reverse_shell_and_backdoor - check if possible reverse shell exist in python code
[
success
]
check_for_root_privilege_escalation - Check possible root privilege escalation
[
success
]
check_for_unencrypted_network_communications - Check that all network communications are encrypted
[
not_applicable
]
check_python_httplib2_version - Check python httplib2 version.
Python httplib2 library not found.
[
success
]
check_python_untrusted_xml_functions - Check for untrusted xml usages in python libraries

addon_builder.conf standards The addon_builder.conf file located at default/addon_builder.conf provides the information about the Add-on Builder associated with the Splunk App.

[
not_applicable
]
check_for_addon_builder_version - Checks that the addon_builder.conf contains an builder version number between 4.1.4 and 4.3.0 in the [base] stanza. Ensure that apps built with Add-on Builder are maintained with an up-to-date version of Add-on Builder.
addon_builder.conf does not exist

Bias language (static checks)

[
warning
]
check_for_bias_language - Check that the app does not include any bias words.
File: transforms.conf.spec
65Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS = <dimension_field1>, <dimensi... (README/transforms.conf.spec:65) [BLACKLIST]. 
File: transforms.conf
285Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk_dhm=target_index,... (default/transforms.conf:285) [BLACKLIST]. 
File: lxml.py
37Bias language is found in the app. # <<<BLACKLIST>>> = (etree._Entity, etree._ProcessingInstruction,... (lib/defusedxml/lxml.py:37) [blacklist]. 
File: transforms.conf
363Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.wlk=target_index,... (default/transforms.conf:363) [BLACKLIST]. 
File: transforms.conf.spec
66Bias language is found in the app. METRIC-SCHEMA-<<<WHITELIST>>>-DIMS = <dimension_field1>, <dimensi... (README/transforms.conf.spec:66) [WHITELIST]. 
File: METADATA
33Bias language is found in the app. Project-URL: Changelog, https://github.com/kjd/idna/blob/<<<MASTE... (lib/idna-3.10.dist-info/METADATA:33) [master]. 
File: transforms.conf
233Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.components_register=ta... (default/transforms.conf:233) [BLACKLIST]. 
File: METADATA
279Bias language is found in the app. This project is [MIT](https://github.com/Ousret/charset_normalize... (lib/charset_normalizer-3.4.0.dist-info/METADATA:279) [master]. 
File: transforms.conf.spec
62Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-<unique_metric_name_prefix> = ... (README/transforms.conf.spec:62) [BLACKLIST]. 
File: moment.js
5561Bias language is found in the app. // inspired by https://github.com/dordille/moment-isoduration/blo... (appserver/static/momentjs/moment.js:5561) [master]. 
File: METADATA
63Bias language is found in the app. :target: https://dev.azure.com/pythondateutilazure/dateutil/_buil... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:63) [master]. 
File: METADATA
146Bias language is found in the app. .. image:: https://ci.appveyor.com/api/projects/status/github/gra... (lib/sortedcontainers-2.4.0.dist-info/METADATA:146) [master]. 
File: METADATA
143Bias language is found in the app. .. image:: https://api.travis-ci.org/grantjenks/python-sortedcont... (lib/sortedcontainers-2.4.0.dist-info/METADATA:143) [master]. 
File: METADATA
184Bias language is found in the app. <https://raw.githubusercontent.com/kennethreitz/spark.py/<<<MASTE... (lib/sparklines-0.5.0.dist-info/METADATA:184) [master]. 
File: 573.42635284c26ad26a2025.js.LICENSE.txt
251Bias language is found in the app. * https://github.com/foliojs/pdfkit/blob/<<<MASTER>>>/lib/securit... (appserver/static/js/build/573.42635284c26ad26a2025.js.LICENSE.txt:251) [master]. 
File: METADATA
54Bias language is found in the app. .. |travis| image:: https://img.shields.io/travis/dateutil/dateut... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:54) [master]. 
File: lxml.py
41Bias language is found in the app. <<<BLACKLIST>>> = self.<<<BLACKLIST>>> (lib/defusedxml/lxml.py:41) [blacklist]. 
File: METADATA
47Bias language is found in the app. :target: https://codecov.io/github/tiran/defusedxml?branch=<<<MAS... (lib/defusedxml-0.7.1.dist-info/METADATA:47) [master]. 
File: lxml.py
43Bias language is found in the app. if isinstance(child, <<<BLACKLIST>>>): (lib/defusedxml/lxml.py:43) [blacklist]. 
File: METADATA
67Bias language is found in the app. :target: https://codecov.io/gh/dateutil/dateutil?branch=<<<MASTER... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:67) [master]. 
File: lxml.py
38Bias language is found in the app. <<<BLACKLIST>>> = _etree._Entity (lib/defusedxml/lxml.py:38) [blacklist]. 
File: transforms.conf
337Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.flx=target_index,... (default/transforms.conf:337) [BLACKLIST]. 
File: transforms.conf
259Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk_dsm=target_index,... (default/transforms.conf:259) [BLACKLIST]. 
File: METADATA
28Bias language is found in the app. :target: https://github.com/benjaminp/six/blob/<<<MASTER>>>/LICEN... (lib/six-1.17.0.dist-info/METADATA:28) [master]. 
File: 573.42635284c26ad26a2025.js
1109Bias language is found in the app. `,bn=({level:e="info",message:t="",centered:n=!0})=>T.createEleme... (appserver/static/js/build/573.42635284c26ad26a2025.js:1109) [master]. 
File: METADATA
710Bias language is found in the app. was not in the method <<<WHITELIST>>>. (Issue #1059) (lib/urllib3-1.26.20.dist-info/METADATA:710) [whitelist]. 
File: transforms.conf
207Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.sla=target_index,metri... (default/transforms.conf:207) [BLACKLIST]. 
File: METADATA
58Bias language is found in the app. .. |appveyor| image:: https://img.shields.io/appveyor/ci/dateutil... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:58) [master]. 
File: transforms.conf.spec
63Bias language is found in the app. METRIC-SCHEMA-<<<WHITELIST>>>-DIMS-<unique_metric_name_prefix> = ... (README/transforms.conf.spec:63) [WHITELIST]. 
File: trackMe_audit_svc_usage.xml
4Bias language is found in the app. <definition><![CDATA[{"visualizations":{"viz_wEwqDRvv":{"type":"s... (default/data/ui/views/trackMe_audit_svc_usage.xml:4) [slave]. 
File: METADATA
60Bias language is found in the app. .. _`Requests`: https://requests.readthedocs.io/en/<<<MASTER>>>/ (lib/certifi-2024.12.14.dist-info/METADATA:60) [master]. 
File: METADATA
42Bias language is found in the app. .. image:: https://travis-ci.org/tiran/defusedxml.svg?branch=<<<M... (lib/defusedxml-0.7.1.dist-info/METADATA:42) [master]. 
File: 573.42635284c26ad26a2025.js
1081Bias language is found in the app. || ${s} === "boolean" || ${o} === null`).assign(l,a._`[${o}]`)}}r... (appserver/static/js/build/573.42635284c26ad26a2025.js:1081) [master]. 
File: transforms.conf
311Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk_mhm=target_index,... (default/transforms.conf:311) [BLACKLIST]. 
File: METADATA
62Bias language is found in the app. .. |pipelines| image:: https://dev.azure.com/pythondateutilazure/... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:62) [master]. 
File: METADATA
66Bias language is found in the app. .. |coverage| image:: https://codecov.io/gh/dateutil/dateutil/bra... (lib/python_dateutil-2.9.0.post0.dist-info/METADATA:66) [master]. 
File: util.py
103Bias language is found in the app. for key in ("apps", "<<<SLAVE>>>-apps", "master-apps"): (lib/splunktalib/common/util.py:103) [slave]. 
File: METADATA
760Bias language is found in the app. and release. The <<<MASTER>>> branch received the same fix in Pul... (lib/urllib3-1.26.20.dist-info/METADATA:760) [master]. 
File: transforms.conf
181Bias language is found in the app. METRIC-SCHEMA-<<<BLACKLIST>>>-DIMS-trackme.splk.cim=target_index (default/transforms.conf:181) [BLACKLIST]. 
File: METADATA
46Bias language is found in the app. .. image:: https://codecov.io/github/tiran/defusedxml/coverage.sv... (lib/defusedxml-0.7.1.dist-info/METADATA:46) [master]. 
File: models.py
94Bias language is found in the app. raise ValueError("The expiration date cannot be converted to a da... (lib/licensing/models.py:94) [master]. 

Malware, viruses, malicious content, user security standards (static checks)

[
warning
]
check_hostnames_and_ips - Check that no sensitive hostnames/IPs are stored in the app.
File: appserver/static/boostrap-icons/icons/emoji-sunglasses.svg
2PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-smile.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile.svg:3 
File: appserver/static/boostrap-icons/icons/bootstrap-reboot.svg
2PUBLIC IP 6.84.58.58 is found in appserver/static/boostrap-icons/icons/bootstrap-reboot.svg:2 
File: appserver/static/boostrap-icons/icons/github.svg
2PUBLIC IP 2.2.82.64 is found in appserver/static/boostrap-icons/icons/github.svg:2 
File: appserver/static/boostrap-icons/icons/lungs.svg
2PUBLIC IP 2.33.67.6 is found in appserver/static/boostrap-icons/icons/lungs.svg:2 
File: appserver/static/boostrap-icons/icons/repeat-1.svg
2PUBLIC IP 7.223.5.5 is found in appserver/static/boostrap-icons/icons/repeat-1.svg:2 
File: lib/PySocks-1.7.1.dist-info/METADATA
70PUBLIC IP 5.5.5.5 is found in lib/PySocks-1.7.1.dist-info/METADATA:70 
File: appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg
2PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-sunglasses-fill.svg:2 
File: appserver/static/boostrap-icons/icons/fingerprint.svg
5PUBLIC IP 1.69.5.5 is found in appserver/static/boostrap-icons/icons/fingerprint.svg:5 
File: appserver/static/boostrap-icons/icons/input-cursor-text.svg
2PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/icons/input-cursor-text.svg:2 
File: appserver/static/boostrap-icons/bootstrap-icons.svg
1PUBLIC IP 5.18.125.126 is found in appserver/static/boostrap-icons/bootstrap-icons.svg:1 
File: appserver/static/boostrap-icons/icons/emoji-frown.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown.svg:3 
File: appserver/static/boostrap-icons/icons/cursor-text.svg
2PUBLIC IP 2.5.5.5 is found in appserver/static/boostrap-icons/icons/cursor-text.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-smile-fill.svg
2PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-fill.svg:2 
File: appserver/static/boostrap-icons/icons/browser-edge.svg
4PUBLIC IP 3.3.25.25 is found in appserver/static/boostrap-icons/icons/browser-edge.svg:4 
File: appserver/static/boostrap-icons/icons/emoji-angry.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry.svg:3 
File: appserver/static/boostrap-icons/icons/backpack2-fill.svg
3PUBLIC IP 3.43.5.5 is found in appserver/static/boostrap-icons/icons/backpack2-fill.svg:3 
File: appserver/static/boostrap-icons/icons/emoji-frown-fill.svg
2PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-frown-fill.svg:2 
File: appserver/static/boostrap-icons/icons/instagram.svg
2PUBLIC IP 1.92.96.96 is found in appserver/static/boostrap-icons/icons/instagram.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-wink.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink.svg:3 
File: appserver/static/boostrap-icons/icons/rocket-takeoff.svg
4PUBLIC IP 5.18.125.126 is found in appserver/static/boostrap-icons/icons/rocket-takeoff.svg:4 
File: appserver/static/boostrap-icons/icons/emoji-smile-upside-down.svg
3PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-upside-down.svg:3 
File: appserver/static/boostrap-icons/icons/emoji-angry-fill.svg
2PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-angry-fill.svg:2 
File: appserver/static/boostrap-icons/icons/regex.svg
2PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/regex.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-wink-fill.svg
2PUBLIC IP 1.75.5.5 is found in appserver/static/boostrap-icons/icons/emoji-wink-fill.svg:2 
File: appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg
2PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes-fill.svg:2 
File: appserver/static/boostrap-icons/icons/file-earmark-richtext.svg
3PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/icons/file-earmark-richtext.svg:3 
File: appserver/static/boostrap-icons/icons/arrow-repeat.svg
3PUBLIC IP 2.182.5.5 is found in appserver/static/boostrap-icons/icons/arrow-repeat.svg:3 
File: appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg
3PUBLIC IP 2.152.242.63 is found in appserver/static/boostrap-icons/icons/emoji-heart-eyes.svg:3 
File: appserver/static/boostrap-icons/icons/emoji-smile-upside-down-fill.svg
2PUBLIC IP 2.25.5.5 is found in appserver/static/boostrap-icons/icons/emoji-smile-upside-down-fill.svg:2 
File: appserver/static/boostrap-icons/icons/backpack-fill.svg
3PUBLIC IP 3.43.5.5 is found in appserver/static/boostrap-icons/icons/backpack-fill.svg:3 
File: appserver/static/boostrap-icons/icons/speaker.svg
3PUBLIC IP 1.5.75.75 is found in appserver/static/boostrap-icons/icons/speaker.svg:3 
File: appserver/static/boostrap-icons/icons/broadcast-pin.svg
2PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/broadcast-pin.svg:2 
File: appserver/static/boostrap-icons/icons/broadcast.svg
2PUBLIC IP 9.9.5.5 is found in appserver/static/boostrap-icons/icons/broadcast.svg:2 

Operating system standards

[
success
]
check_destructive_commands - Check for the use of malicious shell commands in configuration files or shell scripts to corrupt the OS or Splunk instance. Other scripting languages are covered by other checks.

Security vulnerabilities

[
manual_check
]
check_for_environment_variable_use_in_python - Check for environment variable manipulation and attempts to monitor sensitive environment variables.
File: bin/trackme_rest_handler_vtenants_user.py
22Environment variable being used in bin/trackme_rest_handler_vtenants_user.py:22: os.environ. 
Suppressed 83 manual_check messages
File: bin/trackme_rest_handler_splk_deleted_entities_power.py
22Environment variable being used in bin/trackme_rest_handler_splk_deleted_entities_power.py:22: os.environ. 
File: bin/trackmeapiautodocs.py
31Environment variable being used in bin/trackmeapiautodocs.py:31: os.environ. 
File: bin/trackmegetcoll.py
30Environment variable being used in bin/trackmegetcoll.py:30: os.environ. 
File: bin/trackme_rest_handler_splk_wlk_user.py
26Environment variable being used in bin/trackme_rest_handler_splk_wlk_user.py:26: os.environ. 
File: bin/trackme_rest_handler_splk_tag_policies_user.py
23Environment variable being used in bin/trackme_rest_handler_splk_tag_policies_user.py:23: os.environ. 
File: bin/trackme_rest_handler_splk_data_sampling_user.py
24Environment variable being used in bin/trackme_rest_handler_splk_data_sampling_user.py:24: os.environ. 
File: bin/trackmecimtrackerexecutor.py
27Environment variable being used in bin/trackmecimtrackerexecutor.py:27: os.environ. 
File: bin/trackme_rest_handler_splk_dsm_user.py
22Environment variable being used in bin/trackme_rest_handler_splk_dsm_user.py:22: os.environ. 
File: bin/trackmepersistentfields.py
30Environment variable being used in bin/trackmepersistentfields.py:30: os.environ. 
File: bin/trackmeprettyjson.py
29Environment variable being used in bin/trackmeprettyjson.py:29: os.environ. 
File: bin/trackmemergesplkdhm.py
29Environment variable being used in bin/trackmemergesplkdhm.py:29: os.environ. 
File: bin/trackmeexpandsplkmhm.py
30Environment variable being used in bin/trackmeexpandsplkmhm.py:30: os.environ. 
File: bin/trackme_rest_handler_licensing_admin.py
25Environment variable being used in bin/trackme_rest_handler_licensing_admin.py:25: os.environ. 
File: bin/trackme_rest_handler_splk_deleted_entities_user.py
21Environment variable being used in bin/trackme_rest_handler_splk_deleted_entities_user.py:21: os.environ. 
File: bin/trackme_rest_handler_splk_soar_user.py
23Environment variable being used in bin/trackme_rest_handler_splk_soar_user.py:23: os.environ. 
File: bin/trackmeelasticexecutor.py
34Environment variable being used in bin/trackmeelasticexecutor.py:34: os.environ. 
File: bin/trackme_rest_handler_alerting_admin.py
29Environment variable being used in bin/trackme_rest_handler_alerting_admin.py:29: os.environ. 
File: bin/trackmeacktracker.py
30Environment variable being used in bin/trackmeacktracker.py:30: os.environ. 
File: bin/trackmesplkcmdb.py
29Environment variable being used in bin/trackmesplkcmdb.py:29: os.environ. 
File: bin/trackme_rest_handler_component_power.py
27Environment variable being used in bin/trackme_rest_handler_component_power.py:27: os.environ. 
File: bin/trackme_rest_handler_splk_cim_power.py
25Environment variable being used in bin/trackme_rest_handler_splk_cim_power.py:25: os.environ. 
File: bin/trackmesamplingexecutor.py
33Environment variable being used in bin/trackmesamplingexecutor.py:33: os.environ. 
File: bin/trackme_rest_handler_splk_lagging_classes_user.py
23Environment variable being used in bin/trackme_rest_handler_splk_lagging_classes_user.py:23: os.environ. 
File: bin/trackme_rest_handler_splk_dhm_user.py
21Environment variable being used in bin/trackme_rest_handler_splk_dhm_user.py:21: os.environ. 
File: bin/trackmemergesplkmhm.py
29Environment variable being used in bin/trackmemergesplkmhm.py:29: os.environ. 
File: bin/trackme_rest_handler_splk_logical_groups_power.py
23Environment variable being used in bin/trackme_rest_handler_splk_logical_groups_power.py:23: os.environ. 
File: bin/trackmegenjsonmetrics.py
28Environment variable being used in bin/trackmegenjsonmetrics.py:28: os.environ. 
File: bin/trackme_rest_handler_configuration_admin.py
26Environment variable being used in bin/trackme_rest_handler_configuration_admin.py:26: os.environ. 
File: bin/trackmeextractsplkcim.py
29Environment variable being used in bin/trackmeextractsplkcim.py:29: os.environ. 
File: bin/trackme_rest_handler_splk_elastic_sources_user.py
23Environment variable being used in bin/trackme_rest_handler_splk_elastic_sources_user.py:23: os.environ. 
File: bin/trackme_rest_handler_splk_identity_cards_user.py
23Environment variable being used in bin/trackme_rest_handler_splk_identity_cards_user.py:23: os.environ. 
File: bin/trackme_rest_handler_splk_flx_power.py
25Environment variable being used in bin/trackme_rest_handler_splk_flx_power.py:25: os.environ. 
File: bin/trackme_rest_handler_splk_dhm_power.py
21Environment variable being used in bin/trackme_rest_handler_splk_dhm_power.py:21: os.environ. 
File: bin/trackmeextractjsonmetrics.py
30Environment variable being used in bin/trackmeextractjsonmetrics.py:30: os.environ. 
File: bin/trackme_rest_handler_splk_flx_user.py
25Environment variable being used in bin/trackme_rest_handler_splk_flx_user.py:25: os.environ. 
File: bin/trackmeextractsplkdhm.py
30Environment variable being used in bin/trackmeextractsplkdhm.py:30: os.environ. 
File: bin/trackme_rest_handler_splk_outliers_engine_power.py
28Environment variable being used in bin/trackme_rest_handler_splk_outliers_engine_power.py:28: os.environ. 
File: bin/trackme_rest_handler_vtenants_power.py
21Environment variable being used in bin/trackme_rest_handler_vtenants_power.py:21: os.environ. 
File: bin/trackme_rest_handler_splk_blocklist_user.py
20Environment variable being used in bin/trackme_rest_handler_splk_blocklist_user.py:20: os.environ. 
File: bin/trackme_rest_handler_licensing_user.py
25Environment variable being used in bin/trackme_rest_handler_licensing_user.py:25: os.environ. 
File: bin/trackmesplkflxexpandextra.py
29Environment variable being used in bin/trackmesplkflxexpandextra.py:29: os.environ. 
File: bin/trackme_rest_handler_splk_priority_policies_power.py
24Environment variable being used in bin/trackme_rest_handler_splk_priority_policies_power.py:24: os.environ. 
File: bin/trackme_rest_handler_configuration.py
28Environment variable being used in bin/trackme_rest_handler_configuration.py:28: os.environ. 
File: bin/trackmegetkos.py
29Environment variable being used in bin/trackmegetkos.py:29: os.environ. 
File: bin/trackmereplicaexecutor.py
30Environment variable being used in bin/trackmereplicaexecutor.py:30: os.environ. 
File: bin/trackme_rest_handler_splk_wlk_admin.py
27Environment variable being used in bin/trackme_rest_handler_splk_wlk_admin.py:27: os.environ. 
File: bin/trackmereplicator.py
29Environment variable being used in bin/trackmereplicator.py:29: os.environ. 
File: bin/trackmegetconf.py
23Environment variable being used in bin/trackmegetconf.py:23: os.environ. 
File: bin/trackme_rest_handler_splk_blocklist_power.py
22Environment variable being used in bin/trackme_rest_handler_splk_blocklist_power.py:22: os.environ. 
File: bin/trackme_rest_handler_splk_replica_trackers_admin.py
27Environment variable being used in bin/trackme_rest_handler_splk_replica_trackers_admin.py:27: os.environ. 
File: bin/trackmehashobject.py
31Environment variable being used in bin/trackmehashobject.py:31: os.environ. 
File: bin/trackme_rest_handler_maintenance_kdb_admin.py
24Environment variable being used in bin/trackme_rest_handler_maintenance_kdb_admin.py:24: os.environ. 
File: bin/trackme_rest_handler_splk_sla_policies_power.py
24Environment variable being used in bin/trackme_rest_handler_splk_sla_policies_power.py:24: os.environ. 
File: bin/trackmeextractsplkmhm.py
30Environment variable being used in bin/trackmeextractsplkmhm.py:30: os.environ. 
File: bin/trackme_rest_handler_splk_cim_admin.py
26Environment variable being used in bin/trackme_rest_handler_splk_cim_admin.py:26: os.environ. 
File: bin/trackme_rest_handler_splk_tag_policies_power.py
24Environment variable being used in bin/trackme_rest_handler_splk_tag_policies_power.py:24: os.environ. 
File: bin/trackme_rest_handler_splk_logical_groups_user.py
23Environment variable being used in bin/trackme_rest_handler_splk_logical_groups_user.py:23: os.environ. 
File: bin/trackme_rest_handler_splk_outliers_engine_user.py
24Environment variable being used in bin/trackme_rest_handler_splk_outliers_engine_user.py:24: os.environ. 
File: bin/trackme.py
33Environment variable being used in bin/trackme.py:33: os.environ. 
File: bin/trackme_rest_handler_splk_mhm_power.py
24Environment variable being used in bin/trackme_rest_handler_splk_mhm_power.py:24: os.environ. 
File: bin/trackmegennotable.py
29Environment variable being used in bin/trackmegennotable.py:29: os.environ. 
File: bin/trackme_rest_handler_splk_dsm_power.py
22Environment variable being used in bin/trackme_rest_handler_splk_dsm_power.py:22: os.environ. 
File: bin/trackme_rest_handler_splk_hybrid_trackers_admin.py
26Environment variable being used in bin/trackme_rest_handler_splk_hybrid_trackers_admin.py:26: os.environ. 
File: bin/trackme_rest_handler_splk_priority_policies_user.py
23Environment variable being used in bin/trackme_rest_handler_splk_priority_policies_user.py:23: os.environ. 
File: bin/trackme_rest_handler_audit.py
25Environment variable being used in bin/trackme_rest_handler_audit.py:25: os.environ. 
File: bin/trackmesplkflxgetuc.py
29Environment variable being used in bin/trackmesplkflxgetuc.py:29: os.environ. 
File: bin/trackme_rest_handler_splk_identity_cards_power.py
23Environment variable being used in bin/trackme_rest_handler_splk_identity_cards_power.py:23: os.environ. 
File: bin/trackmecheckbackups.py
29Environment variable being used in bin/trackmecheckbackups.py:29: os.environ. 
File: bin/trackme_rest_handler_splk_sla_policies_user.py
23Environment variable being used in bin/trackme_rest_handler_splk_sla_policies_user.py:23: os.environ. 
File: bin/trackme_rest_handler_vtenants_admin.py
25Environment variable being used in bin/trackme_rest_handler_vtenants_admin.py:25: os.environ. 
File: bin/trackme_rest_handler_splk_elastic_sources_admin.py
24Environment variable being used in bin/trackme_rest_handler_splk_elastic_sources_admin.py:24: os.environ. 
File: bin/trackme_rest_handler_splk_flx_admin.py
27Environment variable being used in bin/trackme_rest_handler_splk_flx_admin.py:27: os.environ. 
File: bin/trackmedecisionmaker.py
29Environment variable being used in bin/trackmedecisionmaker.py:29: os.environ. 
File: bin/trackmeautogroup.py
30Environment variable being used in bin/trackmeautogroup.py:30: os.environ. 
File: bin/trackme_rest_handler_maintenance.py
26Environment variable being used in bin/trackme_rest_handler_maintenance.py:26: os.environ. 
File: bin/trackmesplkadaptivedelay.py
30Environment variable being used in bin/trackmesplkadaptivedelay.py:30: os.environ. 
File: bin/trackme_rest_handler_maintenance_kdb_user.py
23Environment variable being used in bin/trackme_rest_handler_maintenance_kdb_user.py:23: os.environ. 
File: bin/trackme_rest_handler_ack.py
23Environment variable being used in bin/trackme_rest_handler_ack.py:23: os.environ. 
File: bin/trackmeoneshotexecutor.py
30Environment variable being used in bin/trackmeoneshotexecutor.py:30: os.environ. 
File: bin/trackmecollect.py
29Environment variable being used in bin/trackmecollect.py:29: os.environ. 
File: bin/trackme_rest_handler_splk_hybrid_trackers_user.py
24Environment variable being used in bin/trackme_rest_handler_splk_hybrid_trackers_user.py:24: os.environ. 
File: bin/trackme_rest_handler_splk_data_sampling_power.py
23Environment variable being used in bin/trackme_rest_handler_splk_data_sampling_power.py:23: os.environ. 
File: bin/trackme_rest_handler_splk_mhm_user.py
24Environment variable being used in bin/trackme_rest_handler_splk_mhm_user.py:24: os.environ. 
File: bin/trackmereturnmaintenancedb.py
23Environment variable being used in bin/trackmereturnmaintenancedb.py:23: os.environ. 
File: bin/trackme_rest_handler_splk_smart_status.py
21Environment variable being used in bin/trackme_rest_handler_splk_smart_status.py:21: os.environ. 
File: bin/trackmeload.py
30Environment variable being used in bin/trackmeload.py:30: os.environ. 
File: bin/trackme_rest_handler_splk_soar_admin.py
25Environment variable being used in bin/trackme_rest_handler_splk_soar_admin.py:25: os.environ. 
File: bin/trackmegetlogicalgroups.py
29Environment variable being used in bin/trackmegetlogicalgroups.py:29: os.environ. 
File: bin/trackme_rest_handler_splk_cim_user.py
25Environment variable being used in bin/trackme_rest_handler_splk_cim_user.py:25: os.environ. 
File: bin/trackme_rest_handler_splk_lagging_classes_power.py
23Environment variable being used in bin/trackme_rest_handler_splk_lagging_classes_power.py:23: os.environ. 
File: bin/trackme_rest_handler_splk_wlk_power.py
26Environment variable being used in bin/trackme_rest_handler_splk_wlk_power.py:26: os.environ. 
File: bin/trackme_rest_handler_alerting_user.py
24Environment variable being used in bin/trackme_rest_handler_alerting_user.py:24: os.environ. 
File: bin/trackmegeneralhealthmanager.py
30Environment variable being used in bin/trackmegeneralhealthmanager.py:30: os.environ. 
File: bin/trackme_rest_handler_component_user.py
24Environment variable being used in bin/trackme_rest_handler_component_user.py:24: os.environ. 
File: bin/trackme_rest_handler_splk_replica_trackers_user.py
24Environment variable being used in bin/trackme_rest_handler_splk_replica_trackers_user.py:24: os.environ. 
File: bin/trackme_rest_handler_backup_and_restore.py
33Environment variable being used in bin/trackme_rest_handler_backup_and_restore.py:33: os.environ. 
File: bin/splunkremotesearch.py
33Environment variable being used in bin/splunkremotesearch.py:33: os.environ. 
File: bin/trackmeopsstatusexpand.py
29Environment variable being used in bin/trackmeopsstatusexpand.py:29: os.environ. 
[
manual_check
]
check_for_insecure_http_calls_in_python - Check for insecure HTTP calls in Python.
File: lib/licensing/internal.py
180Possible insecure HTTP Connection. Match: urllib.request.urlopen Positional arguments, []; Keyword arguments, {} 
File: lib/licensing/internal.py
158Possible insecure HTTP Connection. Match: urllib.request.Request Positional arguments, ["?", "?"]; Keyword arguments, {} 
File: lib/licensing/internal.py
173Possible insecure HTTP Connection. Match: urllib.request.urlopen Positional arguments, ["?"]; Keyword arguments, {} 
[
manual_check
]
check_for_secret_disclosure - Check for passwords and secrets.
File: default/restmap.conf
108The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
588The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
888The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
63The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
348The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
648The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
49The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
183The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
528The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
873The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
123The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
438The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
453The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
513The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
753The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
168The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
723The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: appserver/static/js/build/810.b245d6439a9585882caf.js
2The following line will be inspected during code review.Possible secret disclosure found. Match: ,i.dependencyMap=new Map,i.isOAuth=!1,i.isAuthVal=!1,i.authMap={};var 
File: default/restmap.conf
363The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
678The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
423The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
198The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
243The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
573The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: appserver/static/img/vtenant/diagram_api.png
5The following line will be inspected during code review. Possible secret disclosure found. Match: akIaMZypxKJW3hKWb9v6 
File: default/restmap.conf
543The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
783The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
918The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
228The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
858The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
393The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
663The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
708The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
153The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
903The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: appserver/static/js/build/354.f118c5fc4a40a52a68c6.js
2The following line will be inspected during code review. Possible secret disclosure found. Match: AKIAqgCyALoAYABoAGAA 
File: default/restmap.conf
693The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
303The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
558The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
798The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
483The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
828The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
843The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: lib/requests-2.32.3.dist-info/METADATA
48The following line will be inspected during code review.Possible secret disclosure found. Match: in.org/basic-auth/user/pass', auth=('user', 
File: default/restmap.conf
333The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
468The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
498The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
213The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
138The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
813The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
933The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
378The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
78The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
618The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
738The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
258The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
408The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
948The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
318The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
603The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
288The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
93The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
273The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
768The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
File: default/restmap.conf
633The following line will be inspected during code review.Possible secret disclosure found. Match: passSystemAuth        = true 
[
success
]
check_for_sensitive_info_in_url - Check for sensitive information being exposed in transit via URL query string parameters
[
success
]
check_for_supported_tls - Check that all outgoing connections use TLS in accordance to Splunk Cloud Platform policy.

Source code and binaries standards

[
success
]
check_for_bin_files - Check that files outside the bin/ and appserver/controllers directory do not have execute permissions. Splunk Cloud is a Linux-based platform, Splunk recommends 644 for all app files outside the bin/ directory, 644 for scripts within the bin/ directory that are invoked using an interpreter (e.g. python my_script.py or sh my_script.sh), and 755 for scripts within the bin/ directory that are invoked directly (e.g. ./my_script.sh or ./my_script).
[
manual_check
]
check_for_executable_flag - Check that files outside the bin/ directory do not appear to be executable according to the Unix file command. From man file: files have a ``magic number'' stored in a particular place near the beginning of the file that tells the UNIX operating system that the file is a binary executable.
File: lib/dateutil/zoneinfo/rebuild.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/utils.py
The executable will be inspected during code review: 
File: lib/idna/core.py
The executable will be inspected during code review: 
File: lib/dateutil/parser/_parser.py
The executable will be inspected during code review: 
File: lib/dateutil/tzwin.py
The executable will be inspected during code review: 
File: lib/trackme_libs_licensing.py
The executable will be inspected during code review: 
File: lib/dateutil/tz/tz.py
The executable will be inspected during code review: 
File: lib/defusedxml/minidom.py
The executable will be inspected during code review: 
File: lib/trackme_rest_handler.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/__main__.py
The executable will be inspected during code review: 
File: lib/defusedxml/lxml.py
The executable will be inspected during code review: 
File: lib/trackme_libs_smartstatus.py
The executable will be inspected during code review: 
File: lib/dateutil/tz/__init__.py
The executable will be inspected during code review: 
File: lib/dateutil/relativedelta.py
The executable will be inspected during code review: 
File: lib/dateutil/zoneinfo/__init__.py
The executable will be inspected during code review: 
File: lib/trackme_libs_get_data.py
The executable will be inspected during code review: 
Suppressed 184 manual_check messages
File: lib/charset_normalizer/cd.py
The executable will be inspected during code review: 
File: lib/collections_data.py
The executable will be inspected during code review: 
File: lib/dateutil/__init__.py
The executable will be inspected during code review: 
File: lib/packaging/_elffile.py
The executable will be inspected during code review: 
File: lib/packaging/utils.py
The executable will be inspected during code review: 
File: lib/packaging/_structures.py
The executable will be inspected during code review: 
File: lib/defusedxml/cElementTree.py
The executable will be inspected during code review: 
File: lib/dateutil/tz/_factories.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/cli/__init__.py
The executable will be inspected during code review: 
File: lib/packaging/_musllinux.py
The executable will be inspected during code review: 
File: lib/dateutil/_common.py
The executable will be inspected during code review: 
File: lib/trackme_libs_croniter.py
The executable will be inspected during code review: 
File: lib/deprecation.py
The executable will be inspected during code review: 
File: lib/certifi/core.py
The executable will be inspected during code review: 
File: lib/packaging/_tokenizer.py
The executable will be inspected during code review: 
File: lib/packaging/metadata.py
The executable will be inspected during code review: 
File: lib/dateutil/tz/win.py
The executable will be inspected during code review: 
File: lib/trackme_libs_audit.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/constant.py
The executable will be inspected during code review: 
File: lib/trackme_libs_mloutliers.py
The executable will be inspected during code review: 
File: lib/trackme_libs_sla.py
The executable will be inspected during code review: 
File: lib/dateutil/parser/isoparser.py
The executable will be inspected during code review: 
File: lib/idna/uts46data.py
The executable will be inspected during code review: 
File: lib/dateutil/parser/__init__.py
The executable will be inspected during code review: 
File: lib/packaging/version.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/api.py
The executable will be inspected during code review: 
File: lib/trackme_libs_splk_feeds.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/md.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/version.py
The executable will be inspected during code review: 
File: lib/trackme_libs_load.py
The executable will be inspected during code review: 
File: lib/defusedxml/xmlrpc.py
The executable will be inspected during code review: 
File: lib/packaging/markers.py
The executable will be inspected during code review: 
File: lib/trackme_libs_soar.py
The executable will be inspected during code review: 
File: lib/packaging/specifiers.py
The executable will be inspected during code review: 
File: lib/defusedxml/expatreader.py
The executable will be inspected during code review: 
File: lib/idna/__init__.py
The executable will be inspected during code review: 
File: lib/packaging/requirements.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/legacy.py
The executable will be inspected during code review: 
File: lib/six.py
The executable will be inspected during code review: 
File: lib/pytz/exceptions.py
The executable will be inspected during code review: 
File: lib/idna/intranges.py
The executable will be inspected during code review: 
File: lib/defusedxml/__init__.py
The executable will be inspected during code review: 
File: lib/dateutil/utils.py
The executable will be inspected during code review: 
File: lib/trackme_libs_splk_cim.py
The executable will be inspected during code review: 
File: lib/trackme_libs_ack.py
The executable will be inspected during code review: 
File: lib/trackme_libs_rbac.py
The executable will be inspected during code review: 
File: lib/croniter/__init__.py
The executable will be inspected during code review: 
File: lib/packaging/tags.py
The executable will be inspected during code review: 
File: lib/defusedxml/pulldom.py
The executable will be inspected during code review: 
File: lib/packaging/licenses/__init__.py
The executable will be inspected during code review: 
File: lib/trackme_libs.py
The executable will be inspected during code review: 
File: lib/trackme_libs_splk_wlk.py
The executable will be inspected during code review: 
File: lib/dateutil/rrule.py
The executable will be inspected during code review: 
File: lib/certifi/__main__.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/models.py
The executable will be inspected during code review: 
File: lib/deprecation-2.1.0.dist-info/METADATA
The executable will be inspected during code review: 
File: lib/croniter-5.0.1.dist-info/METADATA
The executable will be inspected during code review: 
File: lib/sockshandler.py
The executable will be inspected during code review: 
File: lib/idna/codec.py
The executable will be inspected during code review: 
File: lib/trackme_libs_schema.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/__init__.py
The executable will be inspected during code review: 
File: lib/trackme_libs_splk_flx.py
The executable will be inspected during code review: 
File: lib/licensing/models.py
The executable will be inspected during code review: 
File: lib/defusedxml/sax.py
The executable will be inspected during code review: 
File: lib/pytz/__init__.py
The executable will be inspected during code review: 
File: lib/trackme_libs_bulk_edit.py
The executable will be inspected during code review: 
File: lib/trackme_libs_decisionmaker.py
The executable will be inspected during code review: 
File: lib/defusedxml/common.py
The executable will be inspected during code review: 
File: lib/trackme_libs_utils.py
The executable will be inspected during code review: 
File: lib/croniter/croniter.py
The executable will be inspected during code review: 
File: lib/idna/compat.py
The executable will be inspected during code review: 
File: lib/packaging/licenses/_spdx.py
The executable will be inspected during code review: 
File: lib/defusedxml/ElementTree.py
The executable will be inspected during code review: 
File: lib/trackme_libs_logicalgroup.py
The executable will be inspected during code review: 
File: lib/licensing/methods.py
The executable will be inspected during code review: 
File: lib/dateutil/tz/_common.py
The executable will be inspected during code review: 
File: lib/socks.py
The executable will be inspected during code review: 
File: lib/trackmedatasampling_ootb_regex.py
The executable will be inspected during code review: 
File: lib/packaging/_manylinux.py
The executable will be inspected during code review: 
File: lib/packaging/_parser.py
The executable will be inspected during code review: 
File: lib/defusedxml/expatbuilder.py
The executable will be inspected during code review: 
File: lib/certifi/__init__.py
The executable will be inspected during code review: 
File: lib/charset_normalizer/cli/__main__.py
The executable will be inspected during code review: 

XML file standards

[
success
]
check_for_xml_embedded_javascript - Check any XML files that embed JavaScript via CDATA for compliance with Splunk Cloud security policy.
[
success
]
check_that_all_xml_files_are_well_formed - Check that all XML files are well-formed.