Alerting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Python SDK: Is it possible generate a Splunk alert based on a triggered python script

abarik
New Member
‎07-03-2013 07:17 AM

Hi,
I would first like to explain my requirement: Ultimately, I want to generate a alert (email) based on two conditions:

  1. Certain syslog message pattern is seen on a device
  2. After logging into the device, and giving some verification commands, certain output is seen

I understand that Splunk can do the 1st part (generating alert based on syslog message) very well, but it can't do the 2nd part (logging into a device and executing some commands and take action based on output).

Thats why, I would like to run a Python script that does the 2nd part.

To summarize, I just want to know if I can do the following:

  1. When a syslog message appears on a device, that should trigger a Python Script (I know this is possible)
  2. The Python Script will login to router and execute some commands (not a Splunk requirement)
  3. Based on the output of those commands, the python script should be able to tell Splunk to generate an alert (Is this possible with Splunk Python SDK?)

I hope I have made it clear,
Thanks,

0 Karma
Reply

cschmidt0121
Path Finder
‎07-03-2013 12:06 PM

Your could make a search that alerts every time it is run and run that from the Python script. Of course that wouldn't be able to receive input based on the commands run by the script.

If you're just looking for an e-mail alert, it might be easier to just e-mail directly from the Python script.

0 Karma
Reply
Get Updates on the Splunk Community!

AI for AppInspect

We’re excited to announce two new updates to AppInspect designed to save you time and make the app approval ...

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Overview Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...