Alerting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Python SDK: Is it possible generate a Splunk alert based on a triggered python script

abarik
New Member
‎07-03-2013 07:17 AM

Hi,
I would first like to explain my requirement: Ultimately, I want to generate a alert (email) based on two conditions:

  1. Certain syslog message pattern is seen on a device
  2. After logging into the device, and giving some verification commands, certain output is seen

I understand that Splunk can do the 1st part (generating alert based on syslog message) very well, but it can't do the 2nd part (logging into a device and executing some commands and take action based on output).

Thats why, I would like to run a Python script that does the 2nd part.

To summarize, I just want to know if I can do the following:

  1. When a syslog message appears on a device, that should trigger a Python Script (I know this is possible)
  2. The Python Script will login to router and execute some commands (not a Splunk requirement)
  3. Based on the output of those commands, the python script should be able to tell Splunk to generate an alert (Is this possible with Splunk Python SDK?)

I hope I have made it clear,
Thanks,

0 Karma
Reply

cschmidt0121
Path Finder
‎07-03-2013 12:06 PM

Your could make a search that alerts every time it is run and run that from the Python script. Of course that wouldn't be able to receive input based on the commands run by the script.

If you're just looking for an e-mail alert, it might be easier to just e-mail directly from the Python script.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...