Alerting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Python SDK: Is it possible generate a Splunk alert based on a triggered python script

abarik
New Member
‎07-03-2013 07:17 AM

Hi,
I would first like to explain my requirement: Ultimately, I want to generate a alert (email) based on two conditions:

  1. Certain syslog message pattern is seen on a device
  2. After logging into the device, and giving some verification commands, certain output is seen

I understand that Splunk can do the 1st part (generating alert based on syslog message) very well, but it can't do the 2nd part (logging into a device and executing some commands and take action based on output).

Thats why, I would like to run a Python script that does the 2nd part.

To summarize, I just want to know if I can do the following:

  1. When a syslog message appears on a device, that should trigger a Python Script (I know this is possible)
  2. The Python Script will login to router and execute some commands (not a Splunk requirement)
  3. Based on the output of those commands, the python script should be able to tell Splunk to generate an alert (Is this possible with Splunk Python SDK?)

I hope I have made it clear,
Thanks,

0 Karma
Reply

cschmidt0121
Path Finder
‎07-03-2013 12:06 PM

Your could make a search that alerts every time it is run and run that from the Python script. Of course that wouldn't be able to receive input based on the commands run by the script.

If you're just looking for an e-mail alert, it might be easier to just e-mail directly from the Python script.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Building on the foundation established in our initial Value Insights releases, we are introducing the Savings ...

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...