appinspect_results.json

{
	"request_id": null,
	"reports": [
		{
			"app_author": "Cedric Le Roux (updated by Cameron Just)",
			"app_description": "Decode or encode a string in Base64",
			"app_hash": "2a330c610518fce011a61559324bf9a6",
			"app_name": "TA-Base64",
			"app_version": "2.0.1",
			"metrics": {
				"start_time": "2020-06-10T10:37:02.843481",
				"end_time": "2020-06-10T10:37:06.168419",
				"execution_time": 3.324938
			},
			"run_parameters": {
				"included_tags": [],
				"excluded_tags": [],
				"appinspect_version": "2.1.0"
			},
			"groups": [
				{
					"checks": [
						{
							"description": "Check that the app does not use Adobe Flash files.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_packaging_standards.py",
									"line": 467,
									"message": "Didn't find any flash files.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_requires_adobe_flash",
							"result": "not_applicable"
						},
						{
							"description": "Check that the extracted Splunk App contains a default/app.conf\n file.",
							"messages": [],
							"name": "check_that_extracted_splunk_app_contains_default_app_conf_file",
							"result": "success"
						},
						{
							"description": "Check that the extracted Splunk App contains a default/app.conf file\n that contains an [id] or [launcher] stanza with a version property that\n is formatted as Major.Minor.Revision.",
							"messages": [],
							"name": "check_that_extracted_splunk_app_contains_default_app_conf_file_with_valid_version_number",
							"result": "success"
						},
						{
							"description": "Check that the extracted Splunk App does not contain any files\n with incorrect permissions. Files must have the owner's\n permissions include read and write (600).",
							"messages": [],
							"name": "check_that_extracted_splunk_app_does_not_contain_files_with_invalid_permissions",
							"result": "success"
						},
						{
							"description": "Check that the extracted Splunk App does not contain any directories\n with incorrect permissions. Directories and sub directories\n must have the owner's permissions set to r/w/x (700).",
							"messages": [],
							"name": "check_that_extracted_splunk_app_does_not_contain_invalid_directories",
							"result": "success"
						},
						{
							"description": "Check that the extracted Splunk App does not contain any directories or\n files that start with a ., or directories that start with __MACOSX.",
							"messages": [],
							"name": "check_that_extracted_splunk_app_does_not_contain_prohibited_directories_or_files",
							"result": "success"
						},
						{
							"description": "Check that the Splunk App package does not contain any non-app files.\n Files within a valid app folder or valid dependencies within a .dependencies\n folder are permitted, all other files are not.",
							"messages": [],
							"name": "check_that_splunk_app_package_does_not_contain_files_outside_of_app",
							"result": "success"
						},
						{
							"description": "Check that the compressed artifact extracts to a directory that does not\n start with a . character.",
							"messages": [],
							"name": "check_that_splunk_app_package_extracts_to_visible_directory",
							"result": "success"
						},
						{
							"description": "Check that the Splunk app provided does not contain incorrect permissions.\n Packages must have have the owner's read permission set to r (400).",
							"messages": [],
							"name": "check_that_splunk_app_package_has_read_permission",
							"result": "success"
						},
						{
							"description": "Check that the Splunk App package contains only valid dependencies.\n Dependencies are valid if a .dependencies directory contains only valid\n app packages inside.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_packaging_standards.py",
									"line": 273,
									"message": "No ../.dependencies folder found. Please check that the Splunk App package contains only valid dependencies.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_that_splunk_app_package_has_valid_static_dependencies",
							"result": "not_applicable"
						},
						{
							"description": "Check that the Splunk app provided does not start with a .\n character.",
							"messages": [],
							"name": "check_that_splunk_app_package_name_does_not_start_with_period",
							"result": "success"
						},
						{
							"description": "Check that the Splunk app provided a valid compressed file.",
							"messages": [],
							"name": "check_that_splunk_app_package_valid_compressed_file",
							"result": "success"
						},
						{
							"description": "Check that the Splunk App package with a .dependencies directory also\n contains an app folder with an app.manifest.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_packaging_standards.py",
									"line": 238,
									"message": "No ../.dependencies folder found. Please add a .dependencies directory that contains an app folder with an app.manifest.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_that_splunk_app_package_with_static_dependencies_has_app_manifest",
							"result": "not_applicable"
						},
						{
							"description": "Check that the Splunk App package with a .dependencies directory also\n contains exactly one valid app folder.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_packaging_standards.py",
									"line": 188,
									"message": "No ../.dependencies folder found. Please add a .dependencies directory with an valid app folder.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_that_splunk_app_package_with_static_dependencies_has_exactly_one_app_folder",
							"result": "not_applicable"
						}
					],
					"description": "Splunk app packaging standards\nThese checks validate that a Splunk app has been correctly packaged, and can be provided safely for package validation.",
					"name": "check_packaging_standards"
				},
				{
					"checks": [
						{
							"description": "Check that stanzas in authentication.conf do not use the the\n bindDNpassword property.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_authentication_configuration_file.py",
									"line": 56,
									"message": "authentication.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_authentication_conf_does_not_have_binddnpassword_property",
							"result": "not_applicable"
						},
						{
							"description": "Check that saml-* stanzas in authentication.conf do not turn off signedAssertion property",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_authentication_configuration_file.py",
									"line": 82,
									"message": "authentication.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_saml_auth_should_not_turn_off_signed_assertion",
							"result": "not_applicable"
						},
						{
							"description": "Check that all the scripted authentications defined in authentication.conf are explicitly\n set the python.version to python3.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_authentication_configuration_file.py",
									"line": 164,
									"message": "authentication.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_scripted_authentication_has_valid_python_version_property",
							"result": "not_applicable"
						}
					],
					"description": "Authentication.conf file standards\nEnsure that bindDNpassword is not specified. For more, see authentication.conf.",
					"name": "check_authentication_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that authorize.conf does not contain any modified capabilities.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_authorize_configuration_file.py",
									"line": 47,
									"message": "No `default/authorize.conf`file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_authorize_conf_capability_not_modified",
							"result": "not_applicable"
						}
					],
					"description": "Authorize.conf file standards\nEnsure that the authorize configuration file located in the /default folder is well formed and valid. For more, see authorize.conf.",
					"name": "check_authorize_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that commands referenced in the alert.execute.cmd property of all\n alert actions are checked for compliance with Splunk Cloud security policy.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 394,
									"message": "alert_actions.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_alert_actions_conf_for_alert_execute_cmd_properties",
							"result": "not_applicable"
						},
						{
							"description": "Check that app does not contain audit.conf, as it is prohibited in\n Splunk Cloud due to its ability to configure/disable cryptographic signing\n and certificates.",
							"messages": [],
							"name": "check_audit_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that authorize.conf does not grant excessive administrative\n permissions to the user.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 334,
									"message": "authorize.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_authorize_conf_admin_all_objects_privileges",
							"result": "not_applicable"
						},
						{
							"description": "Check that authorize.conf does not contain a tokens_auth stanza",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 357,
									"message": "authorize.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_authorize_conf_for_tokens_auth",
							"result": "not_applicable"
						},
						{
							"description": "Check that app does not contain bookmarks.conf as this\n feature is not available in Splunk Cloud.",
							"messages": [],
							"name": "check_bookmarks_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that custom search commands have an executable or script per\n stanza.",
							"messages": [],
							"name": "check_command_scripts_exist_for_cloud",
							"result": "success"
						},
						{
							"description": "Check that app does not contain datatypesbnf.conf, as it is prohibited\n in Splunk Cloud.",
							"messages": [],
							"name": "check_datatypesbnf_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that directories under default/data/ui contain only allowed files",
							"messages": [],
							"name": "check_default_data_ui_file_white_list",
							"result": "success"
						},
						{
							"description": "Check default/data/ui/manager for any files that\n use password/key/secret and other keywords.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 124,
									"message": "The `default/data/ui/manager` directory does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_default_data_ui_manager_for_plain_text_credentials",
							"result": "not_applicable"
						},
						{
							"description": "Check that app does not contain default-mode.conf is as it is\n prohibited in Splunk Cloud due to the fact that Splunk Light Forwarders and\n Splunk Universal Forwarders are not run in Splunk Cloud.",
							"messages": [],
							"name": "check_default_mode_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain deployment.conf. Apps should leave\n deployment configuration up to Splunk administrators.\nAlso, deployment.conf has been removed and replaced by:\n 1) deploymentclient.conf - for configuring Deployment Clients\n 2) serverclass.conf - for Deployment Server server class configuration.",
							"messages": [],
							"name": "check_deployment_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain deploymentclient.conf as it configures\n the deployment server client. Apps should leave deployment configuration up\n to Splunk administrators.",
							"messages": [],
							"name": "check_deploymentclient_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check if concerningReplicatedFileSize in distsearch.conf is larger\n than 50 MB.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 560,
									"message": "distsearch.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_distsearch_conf_for_concerning_replicated_file_size",
							"result": "not_applicable"
						},
						{
							"description": "Check that the app does not implement auto-update features.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output, directory)",
									"filename": "check_cloud_simple_app.py",
									"line": 2096,
									"message": "Please check the bin/ directory for app auto-update features, which is prohibited. File: bin/",
									"result": "manual_check",
									"message_filename": "bin/",
									"message_line": null
								}
							],
							"name": "check_for_auto_update_features",
							"result": "manual_check"
						},
						{
							"description": "Check that all executable binary files have matching source code. For any binary files, there\n should be a source code provided with the same name. Or, there should be a decalaration of what the\n binary file is all about in the app's REAMDE. Details for passing this check will be returned if you fail\n it.",
							"messages": [],
							"name": "check_for_binary_files_without_source_code",
							"result": "success"
						},
						{
							"description": "Check that the app exports data to 3rd party services. Splunk Cloud\n Application Security policy defines \"Exporting Splunk Data to 3rd party\n service\" as a moderate security risk and may or may not be permitted based\n on cumulative risk score.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1861,
									"message": "Please check whether the app is sending data to third- party services, which is not recommended.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_communication_with_third_party_services",
							"result": "manual_check"
						},
						{
							"description": "Check that use of\n 'tscollect'\n in .conf filesl and dashboard xmls then fail it.",
							"messages": [],
							"name": "check_for_implementing_tscollect",
							"result": "success"
						},
						{
							"description": "Check that indexes.conf does not declare volumes.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 641,
									"message": "indexes.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_index_volume_usage",
							"result": "not_applicable"
						},
						{
							"description": "Check [fifo] or [monitor] stanza in inputs.conf is not pointing to a path\n within cloud replicated scope defined by distsearch.conf. [fifo] or [monitor] usually\n points to a file whose size may inflates. This kind of file MUST NOT be replicated across cloud\n environments as it will increase the workload of network.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"The default/inputs.conf does not exist.\")",
									"filename": "check_cloud_simple_app.py",
									"line": 721,
									"message": "The default/inputs.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_inputs_fifo_or_monitor_usage",
							"result": "not_applicable"
						},
						{
							"description": "Check whether the app contains java files. Java files will be inspected\n for compliance with Splunk Cloud security policy.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 2162,
									"message": "No java files found in app.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_java",
							"result": "not_applicable"
						},
						{
							"description": "Check third party libraries for known vulnerabilities. Splunk Cloud\n Application Security policy defines \"Included application libraries have\n multiple vulnerabilities not covered by the components in Transit\" as a\n moderate security risk and may or may not be permitted based on\n cumulative risk score.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 2125,
									"message": "Please check for known vulnerabilities in third-party libraries. Use these links: https://web.nvd.nist.gov/view/vuln/search. and https://nvd.nist.gov/cvss.cfm",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_known_vulnerabilities_in_third_party_libraries",
							"result": "manual_check"
						},
						{
							"description": "Check for pre-filled lookup tables. Splunk\n Cloud Application Security policy defines \"Lookup Table with Customer\n Supplied Data\" as a minor risk and may or may not be permitted based on\n cumulative risk score.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"The lookups/ directory does not exist.\")",
									"filename": "check_cloud_simple_app.py",
									"line": 1844,
									"message": "The lookups/ directory does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_lookup_tables_prefilled_with_customer_data",
							"result": "not_applicable"
						},
						{
							"description": "Check that the app does not monitor Splunk Cloud infrastructure.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1822,
									"message": "Please check for monitoring of Splunk Cloud infrastructure.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_monitoring_of_splunk_cloud_infrastructure",
							"result": "manual_check"
						},
						{
							"description": "Check if the app contains Perl scripts. Perl scripts will be inspected\n for compliance with Splunk Cloud security policy.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 2143,
									"message": "No Perl scripts found in app.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_perl",
							"result": "not_applicable"
						},
						{
							"description": "Check that the app requires access to private infrastructure. Splunk\n Cloud Application Security policy defines \"Network access required to\n customer service and or infrastructure\" as a minor risk and may or may\n not be permitted based on cumulative risk score.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1875,
									"message": "Please check for required access to private infrastructure.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_required_access_to_private_infrastructure",
							"result": "manual_check"
						},
						{
							"description": "Check that the app does not contain reverse shells.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 2073,
									"message": "Please check for reverse shells.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_reverse_shells",
							"result": "manual_check"
						},
						{
							"description": "Check that app does not contain health.conf as sc_admin is not able\n to see or configure health report in Cloud.",
							"messages": [],
							"name": "check_health_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that indexes defined in indexes.conf use relative paths starting\n with $SPLUNK_DB.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 613,
									"message": "indexes.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_indexes_conf_only_uses_splunk_db_variable",
							"result": "not_applicable"
						},
						{
							"description": "Check that batch input accesses files in a permitted way.\nTo be permissible, the batch input must meet the following criteria:\n 1) The file path needs to match a file in the directory \"$SPLUNK_HOME/var/spool/splunk/\"\n 2) The file name needs to be application specific \"$SPLUNK_HOME/etc/apps/\"\n 3) The file name should not end with \"stash\" or \"stash_new\"",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 931,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_batch",
							"result": "not_applicable"
						},
						{
							"description": "Check that default/inputs.conf or local/inputs.conf does not contain a fschange\n stanza.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 832,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_fschange",
							"result": "not_applicable"
						},
						{
							"description": "Check that default/inputs.conf or local/inputs.conf does not contain a [http]\n stanza.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 859,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_http_global_usage",
							"result": "not_applicable"
						},
						{
							"description": "Check that inputs.conf does not have any remote_queue inputs.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 997,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_remote_queue_monitor",
							"result": "not_applicable"
						},
						{
							"description": "Check that default/inputs.conf or local/inputs.conf does not contain a splunktcp\n stanza.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 808,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_splunk_tcp",
							"result": "not_applicable"
						},
						{
							"description": "Check that default/inputs.conf or local/inputs.conf does not contain a splunktcptoken\n stanza.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 884,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_splunktcptoken",
							"result": "not_applicable"
						},
						{
							"description": "Check that inputs.conf does not have any SSL inputs.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 975,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_ssl",
							"result": "not_applicable"
						},
						{
							"description": "Check that default/inputs.conf or local/inputs.conf does not contain a tcp stanza.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 782,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_tcp",
							"result": "not_applicable"
						},
						{
							"description": "Check that inputs.conf does not have any UDP inputs.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 953,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_udp",
							"result": "not_applicable"
						},
						{
							"description": "Check that app does not contain instance.cfg.conf. Apps should not\n configure server/instance specific settings.",
							"messages": [],
							"name": "check_instance_cfg_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain crawl.conf\n as it allows Splunk to introspect the filesystem which is not\n permitted in Splunk Cloud.",
							"messages": [],
							"name": "check_introspection_of_cloud_filesystem",
							"result": "success"
						},
						{
							"description": "Check that app does not contain literals.conf. Apps should not\n alter/override text strings displayed in Splunk Web.",
							"messages": [],
							"name": "check_literals_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that lookups/ contains only approved file types (.csv,\n .csv.default, .csv.gz, .csv.tgz, .kmz) or files formatted as valid csv.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 184,
									"message": "The `lookups` directory does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_lookups_white_list",
							"result": "not_applicable"
						},
						{
							"description": "Check that app does not contain messages.conf. Apps should not\n alter/override messages/externalized strings.",
							"messages": [],
							"name": "check_messages_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that the metadata/ directory only contains .meta files.",
							"messages": [],
							"name": "check_metadata_white_list",
							"result": "success"
						},
						{
							"description": "Check that there is a script file in bin/ for each modular input\n defined in README/inputs.conf.spec.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1140,
									"message": "No `inputs.conf.spec` was detected.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_modular_inputs_scripts_exist_for_cloud",
							"result": "not_applicable"
						},
						{
							"description": "Check that app does not contain pubsub.conf as it defines a custom\n client for the deployment server. Apps should leave deployment\n configuration up to Splunk administrators.",
							"messages": [],
							"name": "check_pubsub_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check the cmd path pattern of scripted input defined in inputs.conf.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1062,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_scripted_inputs_cmd_path_pattern",
							"result": "not_applicable"
						},
						{
							"description": "Check that python version is python3 for scripted inputs defined in inputs.conf.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1094,
									"message": "`default/inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_scripted_inputs_python_version",
							"result": "not_applicable"
						},
						{
							"description": "Check that app does not contain segmenters.conf. A misconfigured\n segmenters.conf can result in unsearchable data that could only be\n addressed by re-indexing and segmenters.conf configuration is system-wide.",
							"messages": [],
							"name": "check_segmenters_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain serverclass.conf as it defines\n deployment server classes for use with deployment server. Apps should\n leave deployment configuration up to Splunk administrators.",
							"messages": [],
							"name": "check_serverclass_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain serverclass.seed.xml.conf as it\n configures deploymentClient to seed a Splunk installation with applications\n at startup time. Apps should leave deployment configuration up to Splunk\n administrators.",
							"messages": [],
							"name": "check_serverclass_seed_xml_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that setup.xml does not exist in the app default folder",
							"messages": [],
							"name": "check_setup_xml_in_default",
							"result": "success"
						},
						{
							"description": "Check that app does not contain source-classifier.conf.conf as it\n configures system-wide settings for ignoring terms (such as sensitive\n data).",
							"messages": [],
							"name": "check_source_classifier_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain sourcetypes.conf as it is a\n machine-generated file that stores source type learning rules. props.conf\n should be used to define sourcetypes.",
							"messages": [],
							"name": "check_sourcetypes_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain splunk-launch.conf as it defines\n environment values used at startup time. System-wide environment variables\n should be left up to Splunk administrators.",
							"messages": [],
							"name": "check_splunk_launch_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that only role-mapping stanza is allowed in authenticaiton.conf as long as it doesn't map users to a cloud-internal role.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1331,
									"message": "`default/authentication.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_stanza_of_authentication_conf",
							"result": "not_applicable"
						},
						{
							"description": "Check that the static/ directory contains only known file types.",
							"messages": [],
							"name": "check_static_directory_file_white_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain telemetry.conf as it controls a\n Splunk-internal feature that should not be configured by apps.",
							"messages": [],
							"name": "check_telemetry_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that the app contains MS Windows specific components, which will not\n function correctly in Splunk Cloud whose OS should be Linux x64.",
							"messages": [],
							"name": "check_that_app_contains_any_windows_specific_components",
							"result": "success"
						},
						{
							"description": "Check that the app does not contain configurations of default source type in props.conf,\n which will overwrite the configurations of default source types in system/default/props.conf\n then it will affect other apps in splunk enterprise/cloud.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1578,
									"message": "No props.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_that_no_configurations_of_default_source_type_in_props_conf",
							"result": "not_applicable"
						},
						{
							"description": "Check that the app does not have default/passwords.conf, otherwise, warn it.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1543,
									"message": "passwords.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_that_passwords_conf_not_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that transforms.conf does not contain any transforms with malicious\n command scripts specified by external_cmd=<string> attribute, or does not contain\n a scripted lookup with python2 only script.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_cloud_simple_app.py",
									"line": 1254,
									"message": "`default/transforms.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_transforms_conf_for_external_cmd",
							"result": "not_applicable"
						},
						{
							"description": "Check that app does not contain user-seed.conf as it is used to\n preconfigure default login and password information.",
							"messages": [],
							"name": "check_user_seed_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain wmi.conf is as it is prohibited in\n Splunk Cloud due to its ability to configure Splunk to ingest data via\n Windows Management Instrumentation, which should be done via forwarder.\n Forwarders are not permitted in Splunk Cloud.",
							"messages": [],
							"name": "check_wmi_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain workload_pools.conf in Cloud. App should\n not modify workload categories/pools. It should be only controlled by cloud\n administrators.",
							"messages": [],
							"name": "check_workload_pools_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that app does not contain workload_rules.conf in Cloud as it\n automatically trigger actions on running search processes.",
							"messages": [],
							"name": "check_workload_rules_conf_black_list",
							"result": "success"
						}
					],
					"description": "Cloud operations simple application check\nThis group serves to help validate simple applications in an effort to try and automate the validation process for cloud operations.",
					"name": "check_cloud_simple_app"
				},
				{
					"checks": [
						{
							"description": "check the property defined in spec file of README/savedsearches.conf.spec\n if the property is defined in spec file and does not provide a default value in\n default/savedsearches.conf, this check should fail.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 776,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_default_values_for_modviz",
							"result": "not_applicable"
						},
						{
							"description": "Check appserver/static/visualizations/<viz_name>/formatter.html for bad nodes that\n are removed by Splunk's .../search_mrsparkle/exposed/js/util/htmlcleaner.js when rendered.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 448,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_formatter_html_bad_nodes",
							"result": "not_applicable"
						},
						{
							"description": "Check appserver/static/visualizations/<viz_name>/formatter.html for comments that\n are removed by Splunk's .../search_mrsparkle/exposed/js/util/htmlcleaner.js when rendered.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 378,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_formatter_html_comments",
							"result": "not_applicable"
						},
						{
							"description": "Check appserver/static/visualizations/<viz_name>/formatter.html for css expressions from all <style> tags\n that are replaced by Splunk's .../search_mrsparkle/exposed/js/util/htmlcleaner.js when rendered.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 630,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_formatter_html_css_expressions",
							"result": "not_applicable"
						},
						{
							"description": "Check appserver/static/visualizations/<viz_name>/formatter.html for inappropriate attributes that\n are removed by Splunk's .../search_mrsparkle/exposed/js/util/htmlcleaner.js when rendered.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 543,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_formatter_html_inappropriate_attributes",
							"result": "not_applicable"
						},
						{
							"description": "Check appserver/static/visualizations/<viz_name>/formatter.html for inline style attributes\n from all <style> tags that are removed by Splunk's .../search_mrsparkle/exposed/js/util/htmlcleaner.js\n when rendered.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 696,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_formatter_html_inline_style_attributes",
							"result": "not_applicable"
						},
						{
							"description": "Check that each custom visualization stanza in\n default/visualizations.conf has a matching directory in the\n appserver/static/visualizations/ directory.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 259,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_matching_stanza_visualization_directory",
							"result": "not_applicable"
						},
						{
							"description": "Check that each custom visualization stanza in\n default/visualizations.conf has some required source files in the\n appserver/static/visualizations/<visualization_name>/ directory.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 315,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_required_files_for_visualization",
							"result": "not_applicable"
						},
						{
							"description": "Check that custom visualizations have an\n appserver/static/visualizations/ directory.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 147,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_visualizations_directory",
							"result": "not_applicable"
						},
						{
							"description": "Check the required file appserver/static/visualizations/<viz_name>/preview.png\n exists for the visualization",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 61,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_visualizations_preview_png",
							"result": "not_applicable"
						},
						{
							"description": "Check that each stanza in default/vizualizations.conf has a matching\n stanza in metadata/default.meta.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_custom_visualizations.py",
									"line": 211,
									"message": "visualizations.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_that_visualizations_conf_has_matching_default_meta_stanza",
							"result": "not_applicable"
						}
					],
					"description": "Custom visualizations support checks\nCustom visualizations are defined in /default/visualizations.conf file. For more, see Custom visualization API reference.",
					"name": "check_custom_visualizations"
				},
				{
					"checks": [
						{
							"description": "Check if any sensitive data leakage in console log",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_javascript_files.py",
									"line": 112,
									"message": "No JavaScript files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_console_log_injection_in_javascript",
							"result": "not_applicable"
						},
						{
							"description": "Check if the app contains possible iframe in JavaScript files, templates or html pages.",
							"messages": [],
							"name": "check_for_iframe_in_javascript",
							"result": "success"
						},
						{
							"description": "Check if the app contain possible insecure http request in JavaScript files.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_javascript_files.py",
									"line": 49,
									"message": "No JavaScript files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_insecure_http_request_in_javascript",
							"result": "not_applicable"
						},
						{
							"description": "Check if possible reflected xss in JavaScript",
							"messages": [],
							"name": "check_for_reflected_xss_in_javascript",
							"result": "success"
						},
						{
							"description": "Check if the app contain possible remote code execution in JavaScript files.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_javascript_files.py",
									"line": 133,
									"message": "No JavaScript files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_remote_code_execution_in_javascript",
							"result": "not_applicable"
						},
						{
							"description": "Check if possible stored xss in JavaScript",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_javascript_files.py",
									"line": 222,
									"message": "`default/setup.xml` does not exist. The stored xss check is not applicable",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_stored_xss_in_javascript",
							"result": "not_applicable"
						},
						{
							"description": "Check if the app contains udp communication in JavaScript files.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_javascript_files.py",
									"line": 175,
									"message": "No JavaScript files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_udp_communication_in_javascript",
							"result": "not_applicable"
						},
						{
							"description": "Check if any weak encryption in JavaScript",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_javascript_files.py",
									"line": 154,
									"message": "No JavaScript files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_weak_encryption_and_hashing_in_javascript",
							"result": "not_applicable"
						}
					],
					"description": "JavaScript file standards",
					"name": "check_javascript_files"
				},
				{
					"checks": [
						{
							"description": "Check that default/limits.conf has not been included.",
							"messages": [],
							"name": "check_limits_conf",
							"result": "success"
						}
					],
					"description": "Limits.conf file standards\nEnsure that /default/limits.conf file is omitted.\nWhen included in the app, the limits.conf file changes the limits that are placed on the system for hardware use and memory consumption, which is a task that should be handled by Splunk administrators and not by Splunk app developers. For more, see limits.conf.",
					"name": "check_limits_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that forwarding enabled in 'outputs.conf' is failed in cloud",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_outputs_configuration_file.py",
									"line": 28,
									"message": "`outputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_if_outputs_conf_exists",
							"result": "not_applicable"
						}
					],
					"description": "Outputs.conf file standards\nEnsure that the outputs.conf file located in the /default folder of the app is well formed and valid. For more, see outputs.conf.",
					"name": "check_outputs_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that app does not use findtypes command. This command was for eventtype\n auto-discovering, which is deprecated in Splunk 5.0.",
							"messages": [],
							"name": "check_deprecated_eventtype_autodiscovering",
							"result": "success"
						},
						{
							"description": "Check that saved searches are not used within event types.\n https://docs.splunk.com/Documentation/Splunk/5.0/ReleaseNotes/Deprecatedfeatures\n https://docs.splunk.com/Documentation/Splunk/7.2.5/Knowledge/Abouteventtypes",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_5_0_deprecated_features.py",
									"line": 39,
									"message": "eventtypes.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_savedsearches_used_in_eventtypes_conf",
							"result": "not_applicable"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 5.0\nThe following features should not be supported in Splunk 5.0 or later.",
					"name": "check_splunk_5_0_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check that app does not contain crawl.conf as it was deprecated&removed in Splunk.",
							"messages": [],
							"name": "check_crawl_conf_black_list",
							"result": "success"
						},
						{
							"description": "Check that default/viewstates.conf does not exist in the app.\n (http://docs.splunk.com/Documentation/Splunk/6.0/AdvancedDev/Migration#Viewstates_are_no_longer_supported_in_simple_XML)",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_6_0_deprecated_features.py",
									"line": 29,
									"message": "viewstates.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_viewstates_conf",
							"result": "not_applicable"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 6.0\nThe following features should not be supported in Splunk 6.0 or later.",
					"name": "check_splunk_6_0_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check that deprecated datamodel/acceleration is not used.\n https://docs.splunk.com/Documentation/Splunk/6.2.0/RESTREF/RESTknowledge",
							"messages": [],
							"name": "check_for_datamodel_acceleration_endpoint_usage",
							"result": "success"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 6.1\nThe following features should not be supported in Splunk 6.1 or later.",
					"name": "check_splunk_6_1_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check Dashboard XML files for <list> element. <list> was deprecated in Splunk 6.2\n and removed in Splunk 6.5.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "__init__.py",
									"line": 56,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_dashboard_xml_list_element",
							"result": "not_applicable"
						},
						{
							"description": "Check for the deprecated <earliestTime> and <latestTime> elements in dashboard XML files.\n As of version 6.2 these elements are replaced by <earliest> and <latest> elements.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "__init__.py",
									"line": 56,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_earliest_time_and_latest_time_elements_in_dashboard_xml",
							"result": "not_applicable"
						},
						{
							"description": "Check for the deprecated <populatingSearch> and <populatingSavedSearch> elements in dashboard XML files.\n Use the <search> element instead.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "__init__.py",
									"line": 56,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_populating_search_element_in_dashboard_xml",
							"result": "not_applicable"
						},
						{
							"description": "Check for the deprecated grouping attribute of row node in Simple XML files.\n Use the <panel> node instead.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "__init__.py",
									"line": 56,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_simple_xml_row_grouping",
							"result": "not_applicable"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 6.2\nThe following features should not be supported in Splunk 6.2 or later.\nhttps://docs.splunk.com/Documentation/Splunk/6.2.0/ReleaseNotes/Deprecatedfeatures",
					"name": "check_splunk_6_2_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check for use of Django bindings.",
							"messages": [],
							"name": "check_for_django_bindings",
							"result": "success"
						},
						{
							"description": "Check for use of running a script in alert action",
							"messages": [],
							"name": "check_for_run_script_alert_action",
							"result": "success"
						},
						{
							"description": "Check for Simple XML <chart> panels with deprecated options\n charting.axisLabelsY.majorTickSize or\n charting.axisLabelsY.majorLabelVisibility.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_6_3_deprecated_features.py",
									"line": 113,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_simple_xml_chart_element_with_deprecated_option_names",
							"result": "not_applicable"
						},
						{
							"description": "Check for the deprecated <option name='previewResults'> in Simple XML\n files.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "__init__.py",
									"line": 56,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_simple_xml_option_element_with_name_previewresults",
							"result": "not_applicable"
						},
						{
							"description": "Check for the deprecated <searchTemplate>, <searchString>, <searchName>,\n and <searchPostProcess> element in Simple XML files.\n Use the <search> element instead.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "__init__.py",
									"line": 56,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_simple_xml_search_related_element",
							"result": "not_applicable"
						},
						{
							"description": "Check for the deprecated <seed> option in Simple XML forms.\n Use the <initialValue> element instead.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "__init__.py",
									"line": 56,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_simple_xml_seed_element",
							"result": "not_applicable"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 6.3\nThese following features should not be supported in Splunk 6.3 or later. For more, see Deprecated features and Changes for Splunk App developers.",
					"name": "check_splunk_6_3_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check that <option name=\"height\"> uses an integer for the value. Do not\n use <option name=\"height\">[value]px</option>.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_6_4_deprecated_features.py",
									"line": 160,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_noninteger_height_option",
							"result": "not_applicable"
						},
						{
							"description": "Check Simple XML files for <single> panels with deprecated options\n 'additionalClass', 'afterLabel', 'beforeLabel', 'classField', 'linkFields',\n 'linkSearch', 'linkView'",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_6_4_deprecated_features.py",
									"line": 46,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_simple_xml_single_element_with_deprecated_option_names",
							"result": "not_applicable"
						},
						{
							"description": "Checks that views are not importing d3chartview.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_6_4_deprecated_features.py",
									"line": 192,
									"message": "No .js files exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_splunk_js_d3chartview",
							"result": "not_applicable"
						},
						{
							"description": "Checks that views are not importing googlemapsview.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_6_4_deprecated_features.py",
									"line": 223,
									"message": "No .js files exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_splunk_js_googlemapsview",
							"result": "not_applicable"
						},
						{
							"description": "Check that a web.conf does not use the property\n 'simple_xml_force_flash_charting'.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_6_4_deprecated_features.py",
									"line": 135,
									"message": "No web.conf file found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_web_conf_for_simple_xml_force_flash_charting",
							"result": "not_applicable"
						},
						{
							"description": "Check that web.conf does not use the simple_xml_module_render\n property.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_6_4_deprecated_features.py",
									"line": 105,
									"message": "No web.conf file found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_web_conf_for_simple_xml_module_render",
							"result": "not_applicable"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 6.4\nThe following features should not be supported in Splunk 6.4 or later. For more, see Deprecated features and Changes for Splunk App developers.",
					"name": "check_splunk_6_4_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check Dashboard XML files for <option> element with the deprecated option value \"refresh.auto.interval\"\n i.e. <option name=\"refresh.auto.interval\">",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "__init__.py",
									"line": 56,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_dashboard_xml_option_element_with_deprecated_attribute_value",
							"result": "not_applicable"
						},
						{
							"description": "Checks that views are not importing splunkjs/mvc/headerview or splunkjs/mvc/footerrview.\n These are replaced by LayoutView in Splunk 6.5. LayoutView is not backwards compatible to Splunk 6.4 or earlier.\n Only use LayoutView if you are only targeting Splunk 6.5 or above.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_6_5_deprecated_features.py",
									"line": 63,
									"message": "No .js,.html files exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_splunk_js_header_and_footer_view",
							"result": "not_applicable"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 6.5\nThe following features should not be supported in Splunk 6.5 or later. For more, see Deprecated features and Changes for Splunk App developers.",
					"name": "check_splunk_6_5_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check apps/appinstall usages",
							"messages": [],
							"name": "check_for_app_install_endpoint",
							"result": "success"
						},
						{
							"description": "Check removed support for setting autoLB in outputs.conf",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No outputs.conf file exists.\")",
									"filename": "check_splunk_6_6_deprecated_features.py",
									"line": 66,
									"message": "No outputs.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_autolb_setting_in_outputs_conf",
							"result": "not_applicable"
						},
						{
							"description": "Check existence for displayRowNumbers option in simple xml. This option\n is no longer supported since Splunk 6.6.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "__init__.py",
									"line": 56,
									"message": "No xml files found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_displayrownumbers_in_simple_xml",
							"result": "not_applicable"
						}
					],
					"description": "Deprecated or removed features from Splunk Enterprise 6.6\nThe following features should not be supported in Splunk 6.6 or later. For more, see Deprecated features and Changes for Splunk App developers.",
					"name": "check_splunk_6_6_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check deprecated input command usage.",
							"messages": [],
							"name": "check_for_input_command_usage",
							"result": "success"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 7.1\nThe following features should not be supported in Splunk 7.1 or later. For more, see Deprecated features and Changes for Splunk App developers.",
					"name": "check_splunk_7_1_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check deprecated literals.conf existence.",
							"messages": [],
							"name": "check_for_deprecated_literals_conf",
							"result": "success"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 7.2\nThe following features should not be supported in Splunk 7.2 or later. For more, see Deprecated features and Changes for Splunk App developers.",
					"name": "check_splunk_7_2_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check deprecated tscollect command usage.",
							"messages": [],
							"name": "check_for_tscollect_command_usage",
							"result": "success"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 7.3\nThe following features should not be supported in Splunk 7.3 or later. For more, see Deprecated features and Changes for Splunk App developers.",
					"name": "check_splunk_7_3_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check that there is no Advanced XML, which was deprecated in Splunk Enterprise 6.3.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No xml files are found.\")",
									"filename": "check_splunk_8_0_deprecated_features.py",
									"line": 175,
									"message": "No xml files are found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_advanced_xml_module_elements",
							"result": "not_applicable"
						},
						{
							"description": "Check for the existence of custom CherryPy endpoints, which must be upgraded to be Python 3-compatible for the Splunk Enterprise 8.0.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_8_0_deprecated_features.py",
									"line": 59,
									"message": "No web.conf file found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_cherry_py_custom_controller_web_conf_endpoints",
							"result": "not_applicable"
						},
						{
							"description": "Check for the existence of Python code block in Mako templates, which must be upgraded to be Python 3-compatible for the Splunk Enterprise 8.0.",
							"messages": [],
							"name": "check_for_existence_of_python_code_block_in_mako_template",
							"result": "success"
						},
						{
							"description": "Check for the existence of Python scripts, which must be upgraded to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0.",
							"messages": [
								{
									"code": "reporter.warn(report_output.format(count))",
									"filename": "check_splunk_8_0_deprecated_features.py",
									"line": 301,
									"message": "28 Python files found. Update these Python scripts to be cross-compatible with Python 2 and 3 for Splunk Enterprise 8.0. See https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration for more information. If you've finished your update, please disregard this message.",
									"result": "warning",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_python_script_existence",
							"result": "warning"
						},
						{
							"description": "Check for the existence of the M2Crypto package usage, which is removed in the Splunk Enterprise 8.0.",
							"messages": [],
							"name": "check_for_removed_m2crypto_usage",
							"result": "success"
						},
						{
							"description": "Check that there is no file named test.py, which is a reserved filename.",
							"messages": [],
							"name": "check_for_reserved_filename_test_py",
							"result": "success"
						},
						{
							"description": "Check that Splunk Web is not in Legacy Mode, which was deprecated in Splunk Enterprise 6.4.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_splunk_8_0_deprecated_features.py",
									"line": 250,
									"message": "No web.conf file found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_splunk_web_legacy_mode",
							"result": "not_applicable"
						}
					],
					"description": "Deprecated features from Splunk Enterprise 8.0\nThe following features should not be supported in Splunk 8.0.0 or later. For more, see Deprecated features and Changes for Splunk App developers.",
					"name": "check_splunk_8_0_deprecated_features"
				},
				{
					"checks": [
						{
							"description": "Check that web.conf only defines [endpoint:] and [expose:]\n stanzas, with [expose:*] only containing pattern= and methods=.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_web_configuration_file.py",
									"line": 85,
									"message": "No web.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_web_conf",
							"result": "not_applicable"
						},
						{
							"description": "Check that apps only expose web endpoints that are defined by\n the Splunk App within restmap.conf. Each web.conf\n [expose:] stanza should have the property pattern= which defines a url\n pattern to expose. Each url pattern exposed should correspond to a stanza\n within restmap.conf with a url pattern defined with the match=\n property, or for the case of [admin:] stanzas a combination of match= and\n members= properties.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_web_configuration_file.py",
									"line": 188,
									"message": "No web.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_web_conf_expose_patterns_have_restmap_matches",
							"result": "not_applicable"
						}
					],
					"description": "Web.conf File Standards\nEnsure that web.conf is safe for cloud deployment and that any exposed\npatterns match endpoints defined by the app - apps should not expose endpoints\nother than their own.\nIncluding web.conf can have adverse impacts for cloud. Allow only\n[endpoint:*] and [expose:*] stanzas, with expose only containing pattern=\nand methods= properties.\n\nweb.conf\n",
					"name": "check_web_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that all external data sources are explained in the app's\n documentation.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Documentation will be read during code review.\")",
									"filename": "check_external_data_sources.py",
									"line": 23,
									"message": "Documentation will be read during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_external_data_sources",
							"result": "manual_check"
						}
					],
					"description": "Calls to external data sources",
					"name": "check_external_data_sources"
				},
				{
					"checks": [
						{
							"description": "Check that a valid inputs.conf.spec file are located in the README/\n directory.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_modular_inputs.py",
									"line": 37,
									"message": "No `inputs.conf.spec` file exists. Please check that a valid `inputs.conf.spec` file is located in the `README/`directory.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf",
							"result": "not_applicable"
						},
						{
							"description": "Check that README/inputs.conf.spec contains stanzas.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_modular_inputs.py",
									"line": 67,
									"message": "No `inputs.conf.spec` file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_spec_has_stanzas",
							"result": "not_applicable"
						},
						{
							"description": "Check that modular input stanzas do not contain duplicate arguments.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_modular_inputs.py",
									"line": 231,
									"message": "No `inputs.conf.spec` was detected.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_spec_has_no_duplicate_properties",
							"result": "not_applicable"
						},
						{
							"description": "Check that modular inputs do not have duplicate stanzas.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_modular_inputs.py",
									"line": 206,
									"message": "No `inputs.conf.spec` was detected.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_spec_has_no_duplicate_stanzas",
							"result": "not_applicable"
						},
						{
							"description": "Check lines breaks are included in configuration when using a modular\n input.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_modular_inputs.py",
									"line": 263,
									"message": "No `inputs.conf.spec` was detected.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_spec_stanza_args_broken_correctly",
							"result": "not_applicable"
						},
						{
							"description": "Check that all the modular inputs defined in inputs.conf.spec are explicitly\n set the python.version to python3.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_modular_inputs.py",
									"line": 150,
									"message": "No `inputs.conf.spec` file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_spec_stanzas_has_python_version_property",
							"result": "not_applicable"
						},
						{
							"description": "Check that modular inputs specify arguments.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_modular_inputs.py",
									"line": 181,
									"message": "No `inputs.conf.spec` file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_spec_stanzas_have_properties",
							"result": "not_applicable"
						},
						{
							"description": "Check that there is a script file in bin/ for each modular input\n defined in README/inputs.conf.spec.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_modular_inputs.py",
									"line": 309,
									"message": "No `inputs.conf.spec` was detected.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_modular_inputs_scripts_exist",
							"result": "not_applicable"
						}
					],
					"description": "Modular inputs structure and standards\nModular inputs are configured in an inputs.conf.spec file located in the /README directory of the app. For more, see Modular inputs overview, Modular inputs configuration, and Modular inputs basic example.",
					"name": "check_modular_inputs"
				},
				{
					"checks": [
						{
							"description": "Check that all JSON files are well formed.",
							"messages": [],
							"name": "check_validate_json_data_is_well_formed",
							"result": "success"
						}
					],
					"description": "JSON file standards",
					"name": "check_json_files"
				},
				{
					"checks": [
						{
							"description": "Check that no two files/directories under the lookups directory have this naming pattern respectively: \n xxx and xxx.default - with the only difference in the .default extension. \n During the installation of an app in Splunk Cloud, a lookup file will be temporarily renamed to append an additional\n .default extension to it, which will cause error if a namesake file already exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"lookups folder does not exist\")",
									"filename": "check_lookup_files.py",
									"line": 101,
									"message": "lookups folder does not exist",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_lookups_file_name",
							"result": "not_applicable"
						},
						{
							"description": "Check that .csv files are not empty, have at least two columns, have\n headers with no more than 4096 characters, do not use Macintosh-style (\\r)\n line endings, have the same number of columns in every row, and contain\n only UTF-8 characters.",
							"messages": [],
							"name": "check_lookup_csv_is_valid",
							"result": "success"
						}
					],
					"description": "Lookup file standards\nLookups add fields from an external source to events based on the values of fields that are already present in those events.",
					"name": "check_lookup_files"
				},
				{
					"checks": [
						{
							"description": "Check that a savedsearches.conf file exists at\n default/savedsearches.conf.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_saved_searches.py",
									"line": 36,
									"message": "No savedsearches.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_saved_search_conf_exists",
							"result": "not_applicable"
						},
						{
							"description": "Check that email alerts (action.email.to) set in savedsearches.conf\n do not have a default value.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_saved_searches.py",
									"line": 97,
									"message": "No savedsearches.conf exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_emails_in_saved_search",
							"result": "not_applicable"
						},
						{
							"description": "Check that default/savedsearches.conf has no description properties\n that are empty.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_saved_searches.py",
									"line": 265,
									"message": "`default/savedsearches.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_empty_saved_search_description",
							"result": "not_applicable"
						},
						{
							"description": "Check that default/savedsearches.conf searches are cron scheduled\n reasonably. Less than five asterisks should be used.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_saved_searches.py",
									"line": 237,
									"message": "`default/savedsearches.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_gratuitous_cron_scheduling",
							"result": "not_applicable"
						},
						{
							"description": "Check that no real-time pre-index saved searches are being used in\n savedsearches.conf. Real-time pre-index saved searches are extremely\n system intensive and should be avoided.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_saved_searches.py",
									"line": 123,
									"message": "`default/savedsearches.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_real_time_saved_searches",
							"result": "not_applicable"
						},
						{
							"description": "Check that no real-time pre-index saved searches are being used in\n savedsearches.conf. Real-time pre-index saved searches are extremely\n system intensive and should be avoided.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_saved_searches.py",
									"line": 161,
									"message": "`default/savedsearches.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_real_time_saved_searches_for_cloud",
							"result": "not_applicable"
						},
						{
							"description": "Check that if a scheduled saved search in savedsearch.conf contains dispatch.earliest_time option,\n or if a scheduled saved search with auto summary enabled contains auto_summarize.dispatch.earliest_time option",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_saved_searches.py",
									"line": 299,
									"message": "No `default/savedsearches.conf`file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_sched_saved_searches_earliest_time",
							"result": "not_applicable"
						},
						{
							"description": "Check that if a savedsearch.conf stanza contains scheduling options\n it does contain a dispatch.latest_time",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_saved_searches.py",
									"line": 347,
									"message": "No `default/savedsearches.conf`file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_sched_saved_searches_latest_time",
							"result": "not_applicable"
						},
						{
							"description": "Check that saved searches have a search string specified.",
							"messages": [],
							"name": "check_saved_search_specifies_a_search",
							"result": "success"
						},
						{
							"description": "Check that saved searches are enabled.",
							"messages": [],
							"name": "check_saved_searches_are_not_disabled",
							"result": "success"
						}
					],
					"description": "Saved search standards\nSaved searches are defined in a savedsearches.conf file located in the /default directory of the app. For more, see Save and share your reports and savedsearches.conf.",
					"name": "check_saved_searches"
				},
				{
					"checks": [
						{
							"description": "Check that the app.conf contains an application version number in the\n [launcher] stanza.",
							"messages": [],
							"name": "check_app_version",
							"result": "success"
						},
						{
							"description": "Check that default/app.conf has author = <some words are not about Splunk> must not\n has attributes label or description with values of Splunk App for XXXX.",
							"messages": [],
							"name": "check_for_invalid_app_names",
							"result": "success"
						},
						{
							"description": "Check that default/app.conf doesn't have a reload.<CONF_FILE>, where CONF_FILE is\n a non-custom conf. (https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/Appconf#.5Btriggers.5D)",
							"messages": [],
							"name": "check_for_trigger_stanza",
							"result": "success"
						},
						{
							"description": "Check that the [package] stanza in app.conf has a valid id value.\n See https://docs.splunk.com/Documentation/Splunk/latest/Admin/Appconf for details.",
							"messages": [
								{
									"code": "reporter.warn(reporter_output, filename, lineno)",
									"filename": "check_app_configuration_file.py",
									"line": 130,
									"message": "The app.conf [package] stanza's has 'id' property: TA-base64, while '-' is not recommended. See https://docs.splunk.com/Documentation/Splunk/7.3.1/Admin/Appconf for more details. File: default/app.conf Line Number: 15",
									"result": "warning",
									"message_filename": "default/app.conf",
									"message_line": 15
								}
							],
							"name": "check_for_valid_package_id",
							"result": "warning"
						},
						{
							"description": "Check in default/app.conf, install_source_checksum/install_source_local_checksum not be set explicitly.",
							"messages": [],
							"name": "check_no_install_source_checksum",
							"result": "success"
						},
						{
							"description": "Check that default/app.conf setting is_configured = False.",
							"messages": [],
							"name": "check_that_setup_has_not_been_performed",
							"result": "success"
						}
					],
					"description": "App.conf standards\nThe app.conf file located at default/app.conf provides key application information and branding. For more, see app.conf.",
					"name": "check_app_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that static/appIcon_2x is 72x72px or less",
							"messages": [],
							"name": "check_app_icon_2x_dimensions",
							"result": "success"
						},
						{
							"description": "Check that static/appIcon_2x is a png file",
							"messages": [],
							"name": "check_app_icon_2x_is_png",
							"result": "success"
						},
						{
							"description": "Check that static/appIconAlt_2x.png is 72x72px or less",
							"messages": [
								{
									"code": "reporter.not_applicable(\"static/appIconAlt_2x.png does not exist.\")",
									"filename": "check_application_content.py",
									"line": 168,
									"message": "static/appIconAlt_2x.png does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_app_icon_alt_2x_dimensions",
							"result": "not_applicable"
						},
						{
							"description": "Check that static/appIconAlt_2x is a png file",
							"messages": [
								{
									"code": "reporter.not_applicable(\"static/appIconAlt_2x.png does not exist.\")",
									"filename": "check_application_content.py",
									"line": 149,
									"message": "static/appIconAlt_2x.png does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_app_icon_alt_2x_is_png",
							"result": "not_applicable"
						},
						{
							"description": "Check that static/appIconAlt.png is 36x36px or less",
							"messages": [],
							"name": "check_app_icon_alt_dimensions",
							"result": "success"
						},
						{
							"description": "Check that static/appIconAlt is a png file",
							"messages": [],
							"name": "check_app_icon_alt_is_png",
							"result": "success"
						},
						{
							"description": "Check that static/appIcon is 36x36px or less",
							"messages": [],
							"name": "check_app_icon_dimensions",
							"result": "success"
						},
						{
							"description": "Check that static/appIcon is a png file",
							"messages": [],
							"name": "check_app_icon_is_png",
							"result": "success"
						},
						{
							"description": "Check that static/appLogo_2x.png is 320x80px or less",
							"messages": [
								{
									"code": "reporter.not_applicable(\"static/appLogo_2x.png does not exist.\")",
									"filename": "check_application_content.py",
									"line": 238,
									"message": "static/appLogo_2x.png does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_app_logo_2x_dimensions",
							"result": "not_applicable"
						},
						{
							"description": "Check that static/appLogo_2x is a png file",
							"messages": [
								{
									"code": "reporter.not_applicable(\"static/appLogo_2x.png does not exist.\")",
									"filename": "check_application_content.py",
									"line": 219,
									"message": "static/appLogo_2x.png does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_app_logo_2x_is_png",
							"result": "not_applicable"
						},
						{
							"description": "Check that static/appLogo.png is 160x40px or less",
							"messages": [
								{
									"code": "reporter.not_applicable(\"static/appLogo.png does not exist.\")",
									"filename": "check_application_content.py",
									"line": 203,
									"message": "static/appLogo.png does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_app_logo_dimensions",
							"result": "not_applicable"
						},
						{
							"description": "Check that static/appLogo is a png file",
							"messages": [
								{
									"code": "reporter.not_applicable(\"static/appLogo.png does not exist.\")",
									"filename": "check_application_content.py",
									"line": 184,
									"message": "static/appLogo.png does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_app_logo_is_png",
							"result": "not_applicable"
						}
					],
					"description": "Application content structure standards\nEnsure that the application content adheres to Splunk standards.",
					"name": "check_application_content"
				},
				{
					"checks": [
						{
							"description": "Check that the 'local' directory does not exist. All configuration\n should be in the 'default' directory.",
							"messages": [],
							"name": "check_that_local_does_not_exist",
							"result": "success"
						},
						{
							"description": "Check that app has no .conf or dashboard filenames that contain spaces.\n Splunk software does not support such files.",
							"messages": [],
							"name": "check_filenames_for_spaces",
							"result": "success"
						},
						{
							"description": "Check that the file 'local.meta' does not exist. All metadata\n permissions should be set in 'default.meta'.",
							"messages": [],
							"name": "check_for_local_meta",
							"result": "success"
						},
						{
							"description": "Check splunklib dependency should not be placed under app's bin folder. Please refer to\n https://dev.splunk.com/view/SP-CAAAER3 and https://dev.splunk.com/view/SP-CAAAEU2 for more details/examples.",
							"messages": [],
							"name": "check_splunklib_dependency_under_bin_folder",
							"result": "success"
						},
						{
							"description": "Check that the app name does not start with digits",
							"messages": [],
							"name": "check_that_app_name_config_is_valid",
							"result": "success"
						},
						{
							"description": "Check that when decompressed the Splunk app directory name matches the id property\n in the [package] stanza in app.conf.\n For Cloud apps, the id property must exist and match the app directory name. \n For on-premise apps, if the id property exists, it must match the app directory name;\n if there is no id property, check_for_updates must be set to False in app.conf for the check to pass.",
							"messages": [],
							"name": "check_that_directory_name_matches_package_id",
							"result": "success"
						},
						{
							"description": "Check that local/passwords.conf does not exist. Password files are not\n transferable between instances.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_application_structure.py",
									"line": 71,
									"message": "The local directory does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_that_local_passwords_conf_does_not_exist",
							"result": "not_applicable"
						}
					],
					"description": "Directory structure standards\nEnsure that the directories and files in the app adhere to hierarchy standards.",
					"name": "check_application_structure"
				},
				{
					"checks": [
						{
							"description": "Check that all config files parse cleanly- no trailing whitespace after\n continuations, no duplicated stanzas or options.",
							"messages": [],
							"name": "check_config_file_parsing",
							"result": "success"
						},
						{
							"description": "Check that default/inputs.conf or local/inputs.conf does not use any global settings.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_configuration_files.py",
									"line": 154,
									"message": "`inputs.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_inputs_conf_for_global_settings",
							"result": "not_applicable"
						},
						{
							"description": "Check that app conf files do not point to files outside the app container.\n Because hard-coded paths won't work in Splunk Cloud, we don't consider to\n check absolute paths.",
							"messages": [],
							"name": "check_manipulation_outside_of_app_container",
							"result": "success"
						},
						{
							"description": "Check that app does not contain any .conf files that create global\n definitions using the [default] stanza.",
							"messages": [],
							"name": "check_no_default_stanzas",
							"result": "success"
						},
						{
							"description": "Check that no duplicate\n stanzas exist in .conf files.",
							"messages": [],
							"name": "check_validate_no_duplicate_stanzas_in_conf_files",
							"result": "success"
						}
					],
					"description": "Configuration file standards\nEnsure that all configuration files located in the /default folder are well formed and valid.",
					"name": "check_configuration_files"
				},
				{
					"checks": [
						{
							"description": "Check that all the coldToFrozenScript in indexes.conf are explicitly\n set the python.version to python3.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_indexes_configuration_file.py",
									"line": 230,
									"message": "indexes.conf does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_coldToFrozenScript_has_valid_python_version_property",
							"result": "not_applicable"
						},
						{
							"description": "Check that all index definitions exist all required options including:\n homePath, coldPath, and thawedPath.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_indexes_configuration_file.py",
									"line": 105,
									"message": "No `default/indexes.conf` file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_index_definition_has_required_options",
							"result": "not_applicable"
						},
						{
							"description": "Check that the app does not create indexes.",
							"messages": [],
							"name": "check_indexes_conf_does_not_exist",
							"result": "success"
						},
						{
							"description": "Check that indexes.conf only contains the required 'homePath' , 'coldPath', and 'thawedPath' properties\n or the optional 'frozenTimePeriodInSecs', 'disabled', 'datatype' and 'repFactor' properties.\n All other properties are prohibited.\n This check is cloud only because indexes are not allowed via check_indexes_conf_does_not_exist.",
							"messages": [],
							"name": "check_indexes_conf_properties",
							"result": "success"
						},
						{
							"description": "Check that no default Splunk indexes are modified by the app.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_indexes_configuration_file.py",
									"line": 69,
									"message": "No `default/indexes.conf`file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_validate_default_indexes_not_modified",
							"result": "not_applicable"
						}
					],
					"description": "Indexes.conf file standards\nEnsure that the index configuration file located in the /default folder is well formed and valid. For more, see indexes.conf.",
					"name": "check_indexes_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that all .meta files parse with no trailing whitespace after\n continuations with no duplicate stanzas or options.",
							"messages": [],
							"name": "check_meta_file_parsing",
							"result": "success"
						},
						{
							"description": "Check that .meta files do not have duplicate\n stanzas.",
							"messages": [],
							"name": "check_validate_no_duplicate_stanzas_in_meta_files",
							"result": "success"
						}
					],
					"description": "Meta file standards\nEnsure that all meta files located in the /metadata folder are well formed and valid.",
					"name": "check_meta_files"
				},
				{
					"checks": [
						{
							"description": "Check that pretrained sourctypes in props.conf have only \"TRANSFORM-\" settings,\n and that those transforms only modify the host, source, or sourcetype.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_props_configuration_file.py",
									"line": 415,
									"message": "No props.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_pretrained_sourcetypes_have_only_allowed_transforms",
							"result": "not_applicable"
						},
						{
							"description": "Check that there is a 'transforms.conf' file when REPORT- options are\n defined in props.conf.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_props_configuration_file.py",
									"line": 164,
									"message": "No props.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_props_conf_has_report_option_and_transforms_conf_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that each REPORT- in props.conf has an associated stanza in\n transforms.conf file.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_props_configuration_file.py",
									"line": 230,
									"message": "No props.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_props_conf_has_report_option_and_transforms_conf_has_matching_stanza",
							"result": "not_applicable"
						},
						{
							"description": "Check that REPORT- options in props.conf, have either DELIMS or REGEX\n options in the matching transforms.conf stanza.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_props_configuration_file.py",
									"line": 336,
									"message": "No props.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_props_conf_has_report_option_and_transforms_conf_has_required_option",
							"result": "not_applicable"
						},
						{
							"description": "Check that there is a 'transforms.conf' file when TRANSFORM- options\n are defined in props.conf.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_props_configuration_file.py",
									"line": 63,
									"message": "No props.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_props_conf_has_transforms_option_and_transforms_conf_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that TRANSFORM- options in props.conf have associated stanzas in\n transforms.conf file.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_props_configuration_file.py",
									"line": 122,
									"message": "No props.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_props_conf_has_transforms_option_and_transforms_conf_has_matching_stanza",
							"result": "not_applicable"
						},
						{
							"description": "Check that the props.conf stanzas (delayedrule, host, rule, or source)\n are followed by ::.\nFor example:\n\n[host::nyc*]\n[rule::bar_some]\n",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_props_configuration_file.py",
									"line": 398,
									"message": "No props.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_props_conf_regex_stanza_name_followed_by_double_colon",
							"result": "not_applicable"
						}
					],
					"description": "Props Configuration file standards\nEnsure that all props.conf files located in the default (or local) folder are well\nformed and valid.\n\nprops.conf\ntransforms.conf\n",
					"name": "check_props_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that server.conf in an app is only allowed to contain:\n 1) conf_replication_include.\\<custom_conf_files> in [shclustering] stanza\n 2) or EXCLUDE-\\<class> property in [diag] stanza",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_server_configuration_file.py",
									"line": 56,
									"message": "No server.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_server_conf_only_contains_custom_conf_sync_stanzas_or_diag_stanza",
							"result": "not_applicable"
						}
					],
					"description": "Server configuration file standards\nEnsure that server.conf is well formed and valid.\nFor detailed information about the server configuration file, see server.conf.",
					"name": "check_server_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that all files in the /lookups directory are referenced in\n transforms.conf.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No transforms.conf in app.\")",
									"filename": "check_transforms_configuration_file.py",
									"line": 51,
									"message": "No transforms.conf in app.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_all_lookups_are_used",
							"result": "not_applicable"
						},
						{
							"description": "Check that all capture groups are used in transforms.conf.\n Groups not used for capturing should use the\n non-capture group syntax",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No transforms.conf in app.\")",
									"filename": "check_transforms_configuration_file.py",
									"line": 110,
									"message": "No transforms.conf in app.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_capture_groups_in_transforms",
							"result": "not_applicable"
						}
					],
					"description": "Transforms.conf file standards\nEnsure that the transforms.conf file located in the /default folder is well formed and valid. For more, see transforms.conf.",
					"name": "check_transforms_configuration_file"
				},
				{
					"checks": [
						{
							"description": "Check that a valid alert_actions.conf file exists at\n default/alert_actions.conf.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_alert_actions_config.py",
									"line": 33,
									"message": "An alert_actions.conf does not exist in the app bundle.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_alert_actions_conf_exists",
							"result": "not_applicable"
						},
						{
							"description": "Check that each custom alert action has a valid executable. If it does, further check\n if the executable is Python script. If it does, further check it's Python 3 compatible.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_alert_actions_config.py",
									"line": 150,
									"message": "No `alert_actions.conf` was detected.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_alert_actions_exe_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that icon files defined for alert actions in alert_actions.conf\n exist.\n Custom Alert Action Component Reference",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_alert_actions_config.py",
									"line": 72,
									"message": "No alert_actions.conf was found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_alert_icon_exists_for_custom_alerts",
							"result": "not_applicable"
						},
						{
							"description": "Check whether any custom alert actions have executable arguments.",
							"messages": [],
							"name": "check_for_explict_exe_args",
							"result": "success"
						},
						{
							"description": "Check that each custom alert action's payload format has a value of xml\n or json.",
							"messages": [],
							"name": "check_for_payload_format",
							"result": "success"
						},
						{
							"description": "Check that each custom alert action has an associated html file.",
							"messages": [],
							"name": "check_workflow_html_exists_for_custom_alert",
							"result": "success"
						}
					],
					"description": "Alert actions structure and standards\nCustom alert actions are defined in an alert_actions.conf file located in the /default directory of the app. For more, see Custom alert actions overview and alert_actions.conf.",
					"name": "check_alert_actions_config"
				},
				{
					"checks": [
						{
							"description": "Check that commands.conf exists at default/commands.conf.",
							"messages": [],
							"name": "check_command_conf_exists",
							"result": "success"
						},
						{
							"description": "Check that custom search commands have an executable or script per\n stanza.",
							"messages": [],
							"name": "check_command_scripts_exist",
							"result": "success"
						},
						{
							"description": "Check that a valid\n default.meta\n file exists when using a custom search command.",
							"messages": [],
							"name": "check_default_meta_exists",
							"result": "success"
						},
						{
							"description": "Check that commands.conf must explicitly define the python.version \n to be python3 for each python-scripted custom command.",
							"messages": [],
							"name": "check_command_scripts_python_version",
							"result": "success"
						},
						{
							"description": "Check that the custom commands attributes maxwait and maxchunksize\n are only used when chunked = true.\n Commands.conf reference",
							"messages": [],
							"name": "check_ignored_parameters_v1_command",
							"result": "success"
						},
						{
							"description": "Check for ignored arguments in commands.conf when chunked=true.\n Commands.conf reference",
							"messages": [],
							"name": "check_ignored_parameters_v2_command",
							"result": "success"
						},
						{
							"description": "Check that custom search commands using passauth have enableheader\n set to true.",
							"messages": [],
							"name": "check_passauth_and_enableheader",
							"result": "success"
						},
						{
							"description": "Check that custom search commands using requires_preop have\n streaming_preop set to true.",
							"messages": [],
							"name": "check_requires_preop_and_streaming_preop",
							"result": "success"
						},
						{
							"description": "Check that custom search commands using requires_srinfo have\n enableheader set to true.",
							"messages": [],
							"name": "check_requires_srinfo_and_enableheader",
							"result": "success"
						}
					],
					"description": "Custom search command structure and standards\nCustom search commands are defined in a commands.conf file in the /default directory of the app. For more, see About writing custom search commands and commands.conf.",
					"name": "check_custom_commands"
				},
				{
					"checks": [
						{
							"description": "Check that stanzas in workflow_actions.conf.spec have the required\n fields, type, and label.",
							"messages": [],
							"name": "check_required_stanza_fields_are_specified",
							"result": "success"
						},
						{
							"description": "Check that a valid workflow_actions.conf file exists at\n default/workflow_actions.conf.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_workflow_actions.py",
									"line": 32,
									"message": "The 'workflow_actions.conf' does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_workflow_actions_conf_exists",
							"result": "not_applicable"
						},
						{
							"description": "Check that for each workflow action in workflow_actions.conf the\n link.uri property uses the https protocol for external links. Unencrypted\n http is permitted for internal links.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_workflow_actions.py",
									"line": 102,
									"message": "`workflow_actions.conf` does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_workflow_actions_link_uri_does_not_use_http_protocol",
							"result": "not_applicable"
						}
					],
					"description": "Custom workflow actions structure and standards\nCustom workflow actions are defined in a workflow_actions.conf file in the /default directory of the app. For more, see About lookups and workflow_actions.conf.",
					"name": "check_workflow_actions"
				},
				{
					"checks": [
						{
							"description": "Check that restmap.conf file exists at default/restmap.conf when\n using REST endpoints.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_rest_endpoints.py",
									"line": 33,
									"message": "No restmap.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_restmap_conf_exists",
							"result": "not_applicable"
						},
						{
							"description": "Check that python version is python3 for executables in restmap.conf.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_rest_endpoints.py",
									"line": 121,
									"message": "No restmap.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_rest_handler_python_executable_exists",
							"result": "not_applicable"
						},
						{
							"description": "Check that each stanza in restmap.conf has a matching handler script.\n if not, fail this app.",
							"messages": [],
							"name": "check_rest_handler_scripts_exist",
							"result": "success"
						},
						{
							"description": "Check that each stanza in restmap.conf has a matching handler script.\n if not, throw a warning.",
							"messages": [],
							"name": "check_rest_handler_scripts_exist_for_cloud",
							"result": "success"
						}
					],
					"description": "REST endpoints and handler standards\nREST endpoints are defined in a restmap.conf file in the /default directory of the app. For more, see restmap.conf.",
					"name": "check_rest_endpoints"
				},
				{
					"checks": [
						{
							"description": "Check that when using data models, the datamodels.conf file only exists\n in the default directory.",
							"messages": [],
							"name": "check_validate_data_models_conf_file_in_correct_locations",
							"result": "success"
						},
						{
							"description": "Check that the use of accelerated data models do not occur. If data model\n acceleration is required, developers should provide directions in documentation\n for how to accelerate data models from within the Splunk Web GUI.\ndata model acceleration",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No datamodels.conf file exists.\")",
									"filename": "check_data_models_config.py",
									"line": 129,
									"message": "No datamodels.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_datamodel_acceleration",
							"result": "not_applicable"
						},
						{
							"description": "Check that each stanza in\n datamodels.conf\n has a matching JSON file in default/data/models/.",
							"messages": [],
							"name": "check_validate_no_missing_json_data",
							"result": "success"
						}
					],
					"description": "Data model files and configurations\nData models are defined in a datamodels.conf file in the /default directory of the app. For more, see About data models and datamodels.conf.",
					"name": "check_data_models_config"
				},
				{
					"checks": [
						{
							"description": "Check that the appserver/ directory exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 29,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_appserver_folder_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that the default/app.conf file exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 71,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_default_app_conf_file_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that the default/deep_dive_drilldowns.conf file exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 86,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_default_deep_dive_drilldowns_conf_file_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that the default/ directory exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 43,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_default_folder_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that the default/inputs.conf file exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 101,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_default_inputs_conf_file_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that the default/itsi_kpi_base_search.conf file exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 131,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_default_itsi_kpi_base_search_conf_file_exit",
							"result": "not_applicable"
						},
						{
							"description": "Check that the default/itsi_kpi_template.conf file exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 146,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_default_itsi_kpi_template_conf_file_exit",
							"result": "not_applicable"
						},
						{
							"description": "Check that default/itsi_service_template.conf file exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 116,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_default_itsi_service_template_conf_file_exist",
							"result": "not_applicable"
						},
						{
							"description": "Check that the default/savedsearches.conf file exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 161,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_default_savedsearches_conf_file_exit",
							"result": "not_applicable"
						},
						{
							"description": "Check that the metadata/ directory exists.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"This is not an ITSI module.\")",
									"filename": "check_itsi_module_file_structure.py",
									"line": 57,
									"message": "This is not an ITSI module.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_metadata_folder_exist",
							"result": "not_applicable"
						}
					],
					"description": "ITSI module file and folder structure verification\nAll the ITSI modules should follow the following file structure:\nsplunk_home/etc/apps/module_folder - appserver[d] - static - default[d] - data[d] - models[d] - ui[d] - panels[d] - views[d] - app.conf[f] - deep_dive_drilldowns.conf[f] - inputs.conf[f] - itsi_kpi_base_search.conf[f] - itsi_kpi_template.conf[f] - itsi_module_viz.conf[f] - itsi_service_template.conf[f] - savedsearches.conf[f] - metadata[d] - default.meta[f]\nTest files should not be included with the package. For example, a directory such as /etc/apps/module_folder/test should not exist.",
					"name": "check_itsi_module_file_structure"
				},
				{
					"checks": [
						{
							"description": "Check that use of the Splunk logo and name meets Splunk\n branding guidelines.\n Customers should avoid using logos that are similar to the Splunk\n logos including the splunk chevron. These are copyrighted items\n and should only be used by Splunk. Additionally apps built by 3rd\n parties should not have names starting with Splunk.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Branding will be inspected during code review.\")",
									"filename": "check_intellectual_property.py",
									"line": 27,
									"message": "Branding will be inspected during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_splunk_logo",
							"result": "manual_check"
						}
					],
					"description": "Intellectual property standards",
					"name": "check_intellectual_property"
				},
				{
					"checks": [
						{
							"description": "Check all python files are well formed under python2 and python3 standard",
							"messages": [],
							"name": "check_all_python_files_are_well_formed",
							"result": "success"
						},
						{
							"description": "Check that the python __import__ method is not used in a way that\n can be exploited (e.g., import(conf_setting) is at risk of code\n injection).",
							"messages": [],
							"name": "check_built_in_import_function",
							"result": "success"
						},
						{
							"description": "Check for builtin functions(open, eval, execfile, file) usages in python files",
							"messages": [
								{
									"code": "line_number=result[\"line_number\"],",
									"filename": "reporter.py",
									"line": 295,
									"message": "The following line will be inspected during code review. The `__builtin__.open` module/method can be used to manipulate files outside of the app dir. File: lib/splunklib/searchcommands/search_command.py Line Number: 569",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/search_command.py",
									"message_line": 569
								}
							],
							"name": "check_for_builtin_functions",
							"result": "manual_check"
						},
						{
							"description": "Check that there are no .pyc or .pyo files included in the app.",
							"messages": [],
							"name": "check_for_compiled_python",
							"result": "success"
						},
						{
							"description": "Check if custom python interpreters could be used in malicious code execution",
							"messages": [],
							"name": "check_for_custom_python_interpreters",
							"result": "success"
						},
						{
							"description": "check if data compression and archiving libraries could be used to read & write files outside of app dir",
							"messages": [],
							"name": "check_for_data_compression_and_archiving",
							"result": "success"
						},
						{
							"description": "check for data persistence usage which could be used to invoke marshall function call",
							"messages": [],
							"name": "check_for_data_persistence",
							"result": "success"
						},
						{
							"description": "Check if debugging library could be used to execute arbitrary commands",
							"messages": [],
							"name": "check_for_debugging_and_profiling",
							"result": "success"
						},
						{
							"description": "Check for possible file and directory access, they could be used in external file manipulation",
							"messages": [
								{
									"code": "line_number=result[\"line_number\"],",
									"filename": "reporter.py",
									"line": 295,
									"message": "The following line will be inspected during code review. The `io.open` module/method can be used to access file/directory outside of the app dir. Function call arguments: [\"?\", \"rt\"], keywords: {} File: lib/splunklib/searchcommands/validators.py Line Number: 148",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/validators.py",
									"message_line": 148
								},
								{
									"code": "line_number=result[\"line_number\"],",
									"filename": "reporter.py",
									"line": 295,
									"message": "The following line will be inspected during code review. The `io.open` module/method can be used to access file/directory outside of the app dir. Function call arguments: [\"?\", \"rt\", \"?\"], keywords: {} File: lib/splunklib/searchcommands/validators.py Line Number: 148",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/validators.py",
									"message_line": 148
								},
								{
									"code": "line_number=result[\"line_number\"],",
									"filename": "reporter.py",
									"line": 295,
									"message": "The following line will be inspected during code review. The `io.open` module/method can be used to access file/directory outside of the app dir. Function call arguments: [\"?\", \"r\"], keywords: {} File: lib/splunklib/searchcommands/search_command.py Line Number: 282",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/search_command.py",
									"message_line": 282
								},
								{
									"code": "line_number=result[\"line_number\"],",
									"filename": "reporter.py",
									"line": 295,
									"message": "The following line will be inspected during code review. The `os.makedirs` module/method can be used to access file/directory outside of the app dir. Function call arguments: [\"?\"], keywords: {} File: lib/splunklib/searchcommands/search_command.py Line Number: 551",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/search_command.py",
									"message_line": 551
								},
								{
									"code": "line_number=result[\"line_number\"],",
									"filename": "reporter.py",
									"line": 295,
									"message": "The following line will be inspected during code review. The `shutil.make_archive` module/method can be used to access file/directory outside of the app dir. Function call arguments: [\"?.dispatch_dir\", \"gztar\", \"?\", \"?\"], keywords: {\"logger\": \"?\"} File: lib/splunklib/searchcommands/search_command.py Line Number: 565",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/search_command.py",
									"message_line": 565
								}
							],
							"name": "check_for_file_and_directory_access",
							"result": "manual_check"
						},
						{
							"description": "check if generic operating system modules could be used to communicate with outside services, files or systems",
							"messages": [],
							"name": "check_for_generic_operating_system_services",
							"result": "success"
						},
						{
							"description": "Check that there are no hidden python files included in the app.",
							"messages": [],
							"name": "check_for_hidden_python_files",
							"result": "success"
						},
						{
							"description": "Check Python code for importing modules dynamically.",
							"messages": [],
							"name": "check_for_importing_modules",
							"result": "success"
						},
						{
							"description": "Check for the use of web server classes, they could be used to start a internal server in current app",
							"messages": [],
							"name": "check_for_internet_protocols_and_support",
							"result": "success"
						},
						{
							"description": "check if networking or file manipulation exist in interprocess modules usage",
							"messages": [
								{
									"code": "line_number=result[\"line_number\"],",
									"filename": "reporter.py",
									"line": 295,
									"message": "The following lines should be inspected during code review. `socket.connect` could be used to open socket connection to outside service. File: lib/splunklib/binding.py Line Number: 564",
									"result": "manual_check",
									"message_filename": "lib/splunklib/binding.py",
									"message_line": 564
								}
							],
							"name": "check_for_interprocess_communication_and_networking",
							"result": "manual_check"
						},
						{
							"description": "Check if MS Windows specific service modules could be used to execute dangerous windows platform commands",
							"messages": [],
							"name": "check_for_ms_windows_specific_services",
							"result": "success"
						},
						{
							"description": "Check for operating system features that are available on selected operating systems only.",
							"messages": [],
							"name": "check_for_optional_operating_system_services",
							"result": "success"
						},
						{
							"description": "check for plain text credentials disclosure in python files",
							"messages": [],
							"name": "check_for_plain_text_credentials_in_python",
							"result": "success"
						},
						{
							"description": "Check for the use of threading, and multiprocesses. Threading or process must be\n used with discretion and not negatively affect the Splunk installation as a\n whole.",
							"messages": [],
							"name": "check_for_possible_threading",
							"result": "success"
						},
						{
							"description": "Check if program frameworks could be used to interface with web part",
							"messages": [],
							"name": "check_for_program_frameworks",
							"result": "success"
						},
						{
							"description": "Check if multimedia services module could be used to execute unknown-source multimedia files",
							"messages": [],
							"name": "check_for_python_multimedia_services",
							"result": "success"
						},
						{
							"description": "Check if python runtime services could be used to manipulate system python objects",
							"messages": [],
							"name": "check_for_python_runtime_services",
							"result": "success"
						},
						{
							"description": "Check for UDP network communication",
							"messages": [],
							"name": "check_for_python_udp_network_communications",
							"result": "success"
						},
						{
							"description": "Check if restricted execution exist in current app",
							"messages": [],
							"name": "check_for_restricted_execution",
							"result": "success"
						},
						{
							"description": "check if possible reverse shell exist in python code",
							"messages": [],
							"name": "check_for_reverse_shell_and_backdoor",
							"result": "success"
						},
						{
							"description": "Check possible root privilege escalation",
							"messages": [],
							"name": "check_for_root_privilege_escalation",
							"result": "success"
						},
						{
							"description": "Check that all network communications are encrypted",
							"messages": [],
							"name": "check_for_unencrypted_network_communications",
							"result": "success"
						},
						{
							"description": "Check for untrusted xml usages in python libraries",
							"messages": [],
							"name": "check_python_untrusted_xml_functions",
							"result": "success"
						}
					],
					"description": "Python file standards",
					"name": "check_python_files"
				},
				{
					"checks": [
						{
							"description": "Check that no plain text authorization credentials are stored in the\n app.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Code will be manually inspected during code review.\")",
									"filename": "check_malware.py",
									"line": 65,
									"message": "Code will be manually inspected during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_authorization_credentials",
							"result": "manual_check"
						},
						{
							"description": "Check that embedded links included in the app are not malicious.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Links will be manually inspected during code review.\")",
									"filename": "check_malware.py",
									"line": 56,
									"message": "Links will be manually inspected during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_embedded_links",
							"result": "manual_check"
						},
						{
							"description": "Check that the app does not include any offensive material.",
							"messages": [],
							"name": "check_for_offensive_material",
							"result": "success"
						},
						{
							"description": "Check that no sensitive hostnames/IPs are stored in the app.",
							"messages": [],
							"name": "check_hostnames_and_ips",
							"result": "success"
						}
					],
					"description": "Malware, viruses, malicious content, user security standards",
					"name": "check_malware"
				},
				{
					"checks": [
						{
							"description": "Check for the use of malicious shell commands in configuration files or shell scripts to\n corrupt the OS or Splunk instance. Other scripting languages are covered by other checks.",
							"messages": [],
							"name": "check_destructive_commands",
							"result": "success"
						},
						{
							"description": "Check that applications only write to the following directories\n <SPLUNK_HOME>/etc/<APP_NAME>/local,\n <SPLUNK_HOME>/etc/<APP_NAME>/lookup\n<SPLUNK_HOME>/var/log/<APP_NAME>/<LOG_NAME>.log,\n <SPLUNK_HOME>/var/log/<APP_NAME>.log\n<SPLUNK_HOME>/var/run and OS temporary directories.",
							"messages": [
								{
									"code": "reporter.manual_check(\"File access will be inspected during code review.\")",
									"filename": "check_potentially_harmful_operations.py",
									"line": 154,
									"message": "File access will be inspected during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_fs_writes",
							"result": "manual_check"
						},
						{
							"description": "Check for hard-coded filepaths in scripts relative to author's local\n developer environment, or absolute paths.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/app/1922/'. File: README Line Number: 8",
									"result": "manual_check",
									"message_filename": "README",
									"message_line": "8"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/t5/Developing-for-Splunk-Enterprise/Splunklib-Python-SDK-doesn-t-pass-Splunk-8-x-Upgrade-Readiness/td-p/503646'. File: README Line Number: 25",
									"result": "manual_check",
									"message_filename": "README",
									"message_line": "25"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/app/1922/'. File: README Line Number: 30",
									"result": "manual_check",
									"message_filename": "README",
									"message_line": "30"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/splunk/splunk-sdk-python'. File: README Line Number: 33",
									"result": "manual_check",
									"message_filename": "README",
									"message_line": "33"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/app/4698/'. File: README Line Number: 37",
									"result": "manual_check",
									"message_filename": "README",
									"message_line": "37"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/'. File: bin/test-b64.py.debugging Line Number: 40",
									"result": "manual_check",
									"message_filename": "bin/test-b64.py.debugging",
									"message_line": "40"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/auth/login\"),'. File: lib/splunklib/binding.py Line Number: 879",
									"result": "manual_check",
									"message_filename": "lib/splunklib/binding.py",
									"message_line": "879"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/msg\")'. File: lib/splunklib/binding.py Line Number: 1020",
									"result": "manual_check",
									"message_filename": "lib/splunklib/binding.py",
									"message_line": "1020"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/x-www-form-urlencoded\"))'. File: lib/splunklib/binding.py Line Number: 1223",
									"result": "manual_check",
									"message_filename": "lib/splunklib/binding.py",
									"message_line": "1223"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/1.6.13\",'. File: lib/splunklib/binding.py Line Number: 1381",
									"result": "manual_check",
									"message_filename": "lib/splunklib/binding.py",
									"message_line": "1381"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/local/\"'. File: lib/splunklib/client.py Line Number: 87",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "87"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/capabilities/\"'. File: lib/splunklib/client.py Line Number: 88",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "88"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/conf-%s/\"'. File: lib/splunklib/client.py Line Number: 89",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "89"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/\"'. File: lib/splunklib/client.py Line Number: 90",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "90"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/client/\"'. File: lib/splunklib/client.py Line Number: 91",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "91"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/tenants/\"'. File: lib/splunklib/client.py Line Number: 92",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "92"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/server/\"'. File: lib/splunklib/client.py Line Number: 93",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "93"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/serverclass/\"'. File: lib/splunklib/client.py Line Number: 94",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "94"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/eventtypes/\"'. File: lib/splunklib/client.py Line Number: 95",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "95"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/fired_alerts/\"'. File: lib/splunklib/client.py Line Number: 96",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "96"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/indexes/\"'. File: lib/splunklib/client.py Line Number: 97",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "97"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/inputs/\"'. File: lib/splunklib/client.py Line Number: 98",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "98"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/jobs/\"'. File: lib/splunklib/client.py Line Number: 99",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "99"
								},
								{
									"code": "reporter.manual_check(reporter_output, file_name, line_number)",
									"filename": "check_potentially_harmful_operations.py",
									"line": 78,
									"message": "Found possible hard-coded path '/server/logger/\"'. File: lib/splunklib/client.py Line Number: 100",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": "100"
								},
								{
									"code": "max_records=max_messages",
									"filename": "validation_report_json_formatter.py",
									"line": 82,
									"message": "Suppressed 21 manual_check messages",
									"result": "warning",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_hard_coded_paths",
							"result": "manual_check"
						},
						{
							"description": "Check that scripts are not trying to switch into other user accounts,\n create new users, run sudo.",
							"messages": [],
							"name": "check_user_privileges",
							"result": "success"
						}
					],
					"description": "Operating system standards",
					"name": "check_potentially_harmful_operations"
				},
				{
					"checks": [
						{
							"description": "Check for command injection through environment variables.",
							"messages": [],
							"name": "check_for_command_injection_through_env_vars",
							"result": "success"
						},
						{
							"description": "Check for environment variable manipulation and attempts to monitor\n sensitive environment variables.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output, filename, line)",
									"filename": "check_security.py",
									"line": 380,
									"message": "Environment variable being used in bin/b64.py:7: os.environ. File: bin/b64.py Line Number: 7",
									"result": "manual_check",
									"message_filename": "bin/b64.py",
									"message_line": "7"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line)",
									"filename": "check_security.py",
									"line": 380,
									"message": "Environment variable being used in lib/splunklib/searchcommands/validators.py:159: os.environ. File: lib/splunklib/searchcommands/validators.py Line Number: 159",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/validators.py",
									"message_line": "159"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line)",
									"filename": "check_security.py",
									"line": 380,
									"message": "Environment variable being used in lib/splunklib/searchcommands/validators.py:159: os.environ. File: lib/splunklib/searchcommands/validators.py Line Number: 159",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/validators.py",
									"message_line": "159"
								}
							],
							"name": "check_for_environment_variable_use_in_python",
							"result": "manual_check"
						},
						{
							"description": "Check for insecure HTTP calls in Python.",
							"messages": [],
							"name": "check_for_insecure_http_calls_in_python",
							"result": "success"
						},
						{
							"description": "Check for use of pexpect to ensure it is only controlling app\n processes.",
							"messages": [],
							"name": "check_for_pexpect",
							"result": "success"
						},
						{
							"description": "Check for passwords and secrets.",
							"messages": [],
							"name": "check_for_secret_disclosure",
							"result": "success"
						},
						{
							"description": "Check for sensitive information being exposed in transit via URL query string parameters",
							"messages": [],
							"name": "check_for_sensitive_info_in_url",
							"result": "success"
						},
						{
							"description": "Check that stack traces are not being returned to an end user.",
							"messages": [],
							"name": "check_for_stacktrace_returned_to_user",
							"result": "success"
						},
						{
							"description": "Check for command injection in VBS files.",
							"messages": [],
							"name": "check_for_vbs_command_injection",
							"result": "success"
						},
						{
							"description": "Check no symlink points to the file outside this app",
							"messages": [],
							"name": "check_symlink_outside_app",
							"result": "success"
						}
					],
					"description": "Security vulnerabilities",
					"name": "check_security"
				},
				{
					"checks": [
						{
							"description": "Check that files outside of the bin/ and appserver/controllers directory do not have execute\n permissions and are not .exe files.\n On Unix platform, Splunk recommends 644 for all app files outside of the bin/ directory, 644 for\n scripts within the bin/ directory that are invoked using an interpreter (e.g. python my_script.py\n or sh my_script.sh), and 755 for scripts within the bin/ directory that are invoked directly\n (e.g. ./my_script.sh or ./my_script).\n On Windows platform, Splunk recommends removing user's FILE_GENERIC_EXECUTE for all app files outside\n of the bin/ directory except users in ['Administrators', 'SYSTEM', 'Authenticated Users', 'Administrator'].",
							"messages": [],
							"name": "check_for_bin_files",
							"result": "success"
						},
						{
							"description": "Check that files outside of the bin/ directory do not appear to be\n executable according to the Unix file command. From man file: files have\n a ``magic number'' stored in a particular place near the beginning of the\n file that tells the UNIX operating system that the file is a binary\n executable.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/__init__.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/__init__.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/binding.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/binding.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/client.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/client.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/data.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/data.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/ordereddict.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/ordereddict.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/results.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/results.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/six.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/six.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/modularinput/argument.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/modularinput/argument.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/modularinput/event.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/modularinput/event.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/modularinput/event_writer.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/modularinput/event_writer.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/modularinput/input_definition.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/modularinput/input_definition.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/modularinput/scheme.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/modularinput/scheme.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/modularinput/script.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/modularinput/script.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/modularinput/utils.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/modularinput/utils.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/modularinput/validation_definition.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/modularinput/validation_definition.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/modularinput/__init__.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/modularinput/__init__.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/searchcommands/decorators.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/decorators.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/searchcommands/environment.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/environment.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/searchcommands/eventing_command.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/eventing_command.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/searchcommands/external_search_command.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/external_search_command.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/searchcommands/generating_command.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/generating_command.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/searchcommands/internals.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/internals.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/searchcommands/reporting_command.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/reporting_command.py",
									"message_line": null
								},
								{
									"code": "reporter.manual_check(reporter_output, current_file_relative_path)",
									"filename": "check_source_and_binaries.py",
									"line": 138,
									"message": "The executable will be inspected during code review: File: lib/splunklib/searchcommands/search_command.py",
									"result": "manual_check",
									"message_filename": "lib/splunklib/searchcommands/search_command.py",
									"message_line": null
								},
								{
									"code": "max_records=max_messages",
									"filename": "validation_report_json_formatter.py",
									"line": 82,
									"message": "Suppressed 3 manual_check messages",
									"result": "warning",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_executable_flag",
							"result": "manual_check"
						},
						{
							"description": "Check that no files have *nix write permissions for all users\n (xx2, xx6, xx7). Splunk recommends 644 for all app files outside of the\n bin/ directory, 644 for scripts within the bin/ directory that are\n invoked using an interpreter (e.g. python my_script.py or\n sh my_script.sh), and 755 for scripts within the bin/ directory that are\n invoked directly (e.g. ./my_script.sh or ./my_script).\n Since appinspect 1.6.1, check that no files have nt write permissions for all users.",
							"messages": [],
							"name": "check_for_expansive_permissions",
							"result": "success"
						},
						{
							"description": "Check that URLs do not include redirect or requests from external web\n sites.",
							"messages": [
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://community.splunk.com/t5/Developing-for-Splunk-Enterprise/Splunklib-Python-SDK-doesn-t-pass-Splunk-8-x-Upgrade-Readiness/td-p/503646 File: README Line Number: 25",
									"result": "manual_check",
									"message_filename": "README",
									"message_line": "25"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://github.com/splunk/splunk-sdk-python File: README Line Number: 33",
									"result": "manual_check",
									"message_filename": "README",
									"message_line": "33"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://web.nvd.nist.gov/view/vuln/search. File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://nvd.nist.gov/cvss.cfm\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/5.0/ReleaseNotes/Deprecatedfeatures\\n File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/7.2.5/Knowledge/Abouteventtypes\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/6.2.0/RESTREF/RESTknowledge\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: nhttps://docs.splunk.com/Documentation/Splunk/6.2.0/ReleaseNotes/Deprecatedfeatures\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/Appconf#.5Btriggers.5D)\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/latest/Admin/Appconf File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/7.3.1/Admin/Appconf File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://dev.splunk.com/view/SP-CAAAER3 File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://dev.splunk.com/view/SP-CAAAEU2 File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://community.splunk.com/t5/Developing-for-Splunk-Enterprise/Splunklib-Python-SDK-doesn-t-pass-Splunk-8-x-Upgrade-Readiness/td-p/503646 File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://github.com/splunk/splunk-sdk-python File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://web.nvd.nist.gov/view/vuln/search. File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://nvd.nist.gov/cvss.cfm\\\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/5.0/ReleaseNotes/Deprecatedfeatures\\\\n File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/7.2.5/Knowledge/Abouteventtypes\\\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/6.2.0/RESTREF/RESTknowledge\\\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: nhttps://docs.splunk.com/Documentation/Splunk/6.2.0/ReleaseNotes/Deprecatedfeatures\\\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "reporter.manual_check(reporter_output, filename, line_number)",
									"filename": "check_source_and_binaries.py",
									"line": 211,
									"message": "A file was detected that contains that a url. Match: https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/Appconf#.5Btriggers.5D)\\\", File: appinspect_results.json Line Number: 1",
									"result": "manual_check",
									"message_filename": "appinspect_results.json",
									"message_line": "1"
								},
								{
									"code": "max_records=max_messages",
									"filename": "validation_report_json_formatter.py",
									"line": 82,
									"message": "Suppressed 48 manual_check messages",
									"result": "warning",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_for_urls_in_files",
							"result": "manual_check"
						},
						{
							"description": "Check that documentation declares platform-specific binaries.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_source_and_binaries.py",
									"line": 336,
									"message": "No platform-specific binaries found.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_platform_specific_binaries",
							"result": "not_applicable"
						}
					],
					"description": "Source code and binaries standards",
					"name": "check_source_and_binaries"
				},
				{
					"checks": [
						{
							"description": "Check that the app has a <APP_DIR>/README file that includes\n version support, system requirements, installation, configuration,\n troubleshooting and running of the app, or a link to online documentation.",
							"messages": [],
							"name": "check_basic_readme",
							"result": "success"
						},
						{
							"description": "Check that use of custom commands\n is explained in the app's documentation.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Documentation will be read during code review.\")",
									"filename": "check_documentation_standards.py",
									"line": 138,
									"message": "Documentation will be read during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_custom_commands",
							"result": "manual_check"
						},
						{
							"description": "Check that use of\n report acceleration,\n search acceleration, or summary indexing is explained in the app's\n documentation.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No savedsearches.conf file exists.\")",
									"filename": "check_documentation_standards.py",
									"line": 127,
									"message": "No savedsearches.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_search_acceleration",
							"result": "not_applicable"
						},
						{
							"description": "Check that prerequisites of the app are explained in the app's\n documentation. All prerequisites must be either\n packaged with your app, or be available on Splunkbase.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Documentation will be read during code review.\")",
									"filename": "check_documentation_standards.py",
									"line": 151,
									"message": "Documentation will be read during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_dependencies",
							"result": "manual_check"
						},
						{
							"description": "Check that all open source components used in developing the app are\n listed in the app's README files with the version number and a link to the\n project's website.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Documentation will be read during code review.\")",
									"filename": "check_documentation_standards.py",
									"line": 109,
									"message": "Documentation will be read during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_documented_included_open_source",
							"result": "manual_check"
						},
						{
							"description": "Check that documentation is in English.",
							"messages": [],
							"name": "check_documentation_language",
							"result": "success"
						},
						{
							"description": "Check that documentation is free of major editing and\n proofreading (spelling, grammar, punctuation) issues.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Documentation will be read during code review.\")",
									"filename": "check_documentation_standards.py",
									"line": 98,
									"message": "Documentation will be read during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_editing_and_proofreading",
							"result": "manual_check"
						},
						{
							"description": "Check that any compressed archives within the main release that\n need extracting are explained in the app's documentation.",
							"messages": [
								{
									"code": "reporter.not_applicable(reporter_output)",
									"filename": "check_documentation_standards.py",
									"line": 171,
									"message": "No archived files found in app.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_archived_files",
							"result": "not_applicable"
						},
						{
							"description": "Check that forwarding enabled in 'outputs.conf' is explained in the\n app's documentation.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No outputs.conf file exists.\")",
									"filename": "check_documentation_standards.py",
									"line": 193,
									"message": "No outputs.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_outputs_documented",
							"result": "not_applicable"
						}
					],
					"description": "Documentation standards",
					"name": "check_documentation_standards"
				},
				{
					"checks": [
						{
							"description": "Check that the use of datamodels is explained in the app's\n documentation.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No datamodels.conf file exists.\")",
									"filename": "check_documentation_for_sensitive_functionality.py",
									"line": 57,
									"message": "No datamodels.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_implements_data_models",
							"result": "not_applicable"
						},
						{
							"description": "Check that the use of\n inputcsv\n is explained in the app's documentation.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Documentation will be read during code review.\")",
									"filename": "check_documentation_for_sensitive_functionality.py",
									"line": 68,
									"message": "Documentation will be read during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_implements_inputcsv",
							"result": "manual_check"
						},
						{
							"description": "Check that the use of\n outputcsv\n is explained in the app's documentation.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Documentation will be read during code review.\")",
									"filename": "check_documentation_for_sensitive_functionality.py",
									"line": 81,
									"message": "Documentation will be read during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_implements_outputcsv",
							"result": "manual_check"
						},
						{
							"description": "Check that use of\n 'tscollect'\n is explained in the app's documentation.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Documentation will be read during code review.\")",
									"filename": "check_documentation_for_sensitive_functionality.py",
									"line": 43,
									"message": "Documentation will be read during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_implements_tscollect",
							"result": "manual_check"
						},
						{
							"description": "Check that any outbound network communications in\n outputs.conf\n are explained in the app's documentation.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No outputs.conf exists.\")",
									"filename": "check_documentation_for_sensitive_functionality.py",
									"line": 99,
									"message": "No outputs.conf exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_initiates_outbound_communications",
							"result": "not_applicable"
						},
						{
							"description": "Check that file access outside of the app's home directory,\n $SPLUNK_HOME/var/log, $SPLUNK_HOME/var/run, and system temporary directories\n is explained in the app's documentation.",
							"messages": [
								{
									"code": "reporter.manual_check(\"File access will be inspected during code review.\")",
									"filename": "check_documentation_for_sensitive_functionality.py",
									"line": 109,
									"message": "File access will be inspected during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_requires_access_to_files_outside_apps_dir",
							"result": "manual_check"
						},
						{
							"description": "Check that use of 'eventgen.conf' is explained in the app's\n documentation.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"No eventgen.conf file exists.\")",
									"filename": "check_documentation_for_sensitive_functionality.py",
									"line": 31,
									"message": "No eventgen.conf file exists.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_uses_eventgen",
							"result": "not_applicable"
						}
					],
					"description": "Appropriate use of sensitive functionality",
					"name": "check_documentation_for_sensitive_functionality"
				},
				{
					"checks": [
						{
							"description": "Check that the app installs on all claimed target platforms.",
							"messages": [
								{
									"code": "reporter.manual_check(\"App will be checked during code review.\")",
									"filename": "check_support_and_installation_standards.py",
									"line": 29,
									"message": "App will be checked during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_install_on_claimed_targets",
							"result": "manual_check"
						},
						{
							"description": "Check that the app can be setup on a distributed system after\n self-service. Warn if setup configures non-search-head features like\n inputs. This makes the app incompatible with distributed environments.",
							"messages": [],
							"name": "check_setup_in_distributed_environment",
							"result": "success"
						},
						{
							"description": "If json schema is 2.0.0 in app.manifest then warn it.\n Because schema version of 2.0.0 is not yet compatible with any versions\n of the Splunk Cloud. So far, all cloud stack are 7.0 and lower but\n Json Schema 2.0.0 is only compatible with Splunk 7.1+.",
							"messages": [
								{
									"code": "reporter.not_applicable(\"app.manifest does not exist.\")",
									"filename": "check_support_and_installation_standards.py",
									"line": 150,
									"message": "app.manifest does not exist.",
									"result": "not_applicable",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_that_json_schema_is_applicable",
							"result": "not_applicable"
						}
					],
					"description": "Platform targets and claimed supported Splunk Enterprise versions",
					"name": "check_support_and_installation_standards"
				},
				{
					"checks": [
						{
							"description": "Check that the app's documentation lists contact information and level\n of support for the app. Any level of support is acceptable for developer\n supported apps, as long as it is clearly declared in documentation.\n Community supported apps must be open source with a public repository.\n For example:\n * Email support during weekday business hours (US, West Coast).\n * Phone support 24x7 @ +1 (555) 123-4567.\n * This is an open source project, no support provided, public repository\n available.",
							"messages": [
								{
									"code": "reporter.manual_check(\"Documentation will be read during code review.\")",
									"filename": "check_support_requirements.py",
									"line": 31,
									"message": "Documentation will be read during code review.",
									"result": "manual_check",
									"message_filename": null,
									"message_line": null
								}
							],
							"name": "check_link_includes_contact_info",
							"result": "manual_check"
						}
					],
					"description": "Support requirements",
					"name": "check_support_requirements"
				},
				{
					"checks": [
						{
							"description": "Check any XML files that embed JavaScript via CDATA for compliance\n with Splunk Cloud security policy.",
							"messages": [],
							"name": "check_for_xml_embedded_javascript",
							"result": "success"
						},
						{
							"description": "Check that all XML files are well-formed.",
							"messages": [],
							"name": "check_that_all_xml_files_are_well_formed",
							"result": "success"
						},
						{
							"description": "Ensure that global event handlers are not used within XML files.",
							"messages": [],
							"name": "check_validate_no_event_handler",
							"result": "success"
						}
					],
					"description": "XML file standards",
					"name": "check_xml_files"
				}
			],
			"summary": {
				"error": 0,
				"failure": 0,
				"skipped": 0,
				"manual_check": 28,
				"not_applicable": 143,
				"warning": 2,
				"success": 146
			}
		}
	],
	"summary": {
		"error": 0,
		"failure": 0,
		"skipped": 0,
		"manual_check": 28,
		"not_applicable": 143,
		"warning": 2,
		"success": 146
	},
	"metrics": {
		"start_time": "2020-06-10T10:37:00.449789",
		"end_time": "2020-06-10T10:37:06.171164",
		"execution_time": 5.721375
	}
}