I have an alert that triggers a custom script (python), this script executes several validations on the data and creates a service using the passed session key to execute other 2 SPLs.
At some point the session key is expiring and script fails to execute SPLs.
I’m using the deprecated functionality for custom alerts.
Is there any way to increase the lifetime of the session key ?
Do I need to move to the new custom alert framework to avoid this issue?
I know I can move my code to a separate script that runs in a cron job outside splunk but then it’s more services to maintain plus having to use a username/password to create a splunk service.
The actual process is very convenient in that sense.