Downloading the script - PingOne - PingOne Cloud Platform

PingOne Cloud Platform

bundle
pingone
ft:publication_title
PingOne Cloud Platform
Product_Version_ce
PingOne
PingOne Cloud Platform
category
Administratorguide
ContentType
Guide
Product
Productdocumentation
p1
p1cloudplatform
ContentType_ce
Guide
Guide > Administrator Guide
Product documentation

The provided script polls the PingOne API at a specific interval.

The output is the poll results that Splunk runs on every interval to populate its index. The script gets a token and renews it as necessary. It then polls the /activities endpoint on intervals that persist the last successful interval to a file so that each subsequent run begins where the last run finished.

The script handles renewal of expired tokens (for example, if the run takes more than an hour) and follows the cursor for paginated results. Intervals that did not finish to completion will not be marked as finished and will be retried on subsequent runs.

You can modify the script to meet the needs of your Splunk architecture. Optionally, you can wrap the script in Python, which can be easier for Splunk to consume.

You can find the script here:

https://github.com/pingidentity/pingone-customers-sample-scripts

  1. Give the files read/write/exec permissions that are appropriate for your Splunk user. You might also need to set up the appropriate permissions to read/write/exec from the directory in which you saved the script.
  2. The script writes to and reads from the disk, so ensure that Splunk has access.
  3. Update the path to STATUS_FILE in poll_activities.js to match the directory in which you placed your script, and same for the get_activities.py if you chose to use it.
  4. Update the ENV_ID, CLIENT_ID, and CLIENT_SECRET in poll_activities.js to match your environment and your application's credentials.