Here is a script I wrote to open a Zendesk ticket. By naming the saved search with the proper fields, the fields get parsed out and make for a more meaningful ticket title. It isn't pretty but should get you started. It's written in Python 2.x:

import pycurl
import StringIO
import sys
import re

# ---- Splunk Output (input for this script)
scriptName = sys.argv[0]      # Script name
eventReturned = sys.argv[1]   # Number of events returned
searchTerms = sys.argv[2]     # Search terms
queryString = sys.argv[3]     # Fully qualified query string
searchName = sys.argv[4]      # Name of saved search
triggerReason = sys.argv[5]   # Trigger reason
searchURL = sys.argv[6]       # URL to the saved search
resultsFileRaw = sys.argv[8]  # File where the results for this search are stored (raw)

# ---- Parse Splunk search name to help populate zendesk ticket
zdFields = re.match('^Saved\sSearch\s\["(?P<company>.*?)"\s(?P<priority>\d)\s"(?P<description>.*?)"\]\snumber\sof\sevents.*?$', triggerReason)
zdCompany = zdFields.group('company')
zdPriority = zdFields.group('priority')
zdDesc = zdFields.group('description')

# ---- Global Variables for CURL calls
xmlRequest = '<ticket><subject>' + zdCompany + ': ' + zdDesc + '</subject><description>' + searchURL + '</description><priority-id>' + zdPriority + '</priority-id><ticket-type-id>2</ticket-type-id><requester_id>54</requester_id></ticket>'
ncServerMaxTime = 1
zdURL = "http://sb.zendesk.com/tickets.xml"  # URL to your zendesk page
USER = "<username>"
PASS = "<password>"


# ---- Main
c = pycurl.Curl()
c.setopt(pycurl.URL, zdURL)
c.setopt(pycurl.POST, 1)
c.setopt(pycurl.USERPWD, "%s:%s" % (USER,PASS))
c.setopt(pycurl.HTTPHEADER, ["Content-Type: application/xml"])
c.setopt(pycurl.TIMEOUT, ncServerMaxTime)
c.setopt(pycurl.CONNECTTIMEOUT, ncServerMaxTime)
c.setopt(pycurl.NOSIGNAL, 1)
c.setopt(pycurl.POSTFIELDS, xmlRequest)
b = StringIO.StringIO()
c.setopt(pycurl.WRITEFUNCTION, b.write)
c.perform()