All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Scripting in Splunk interface

harshal_chakran
Builder
‎10-07-2013 11:45 PM

Hi,
I wanted to know if complex scripting logic can be written on the splunk web interface. If yes, then how? or Do I have to use SDK's for writing complex logic.
As I understand till yet the things which we can do is create searches. Does splunk provide any functionality other than search to write complex business logic.

For e.g.
Suppose I have two different data sources. One is test data and other is reference data. Now on real-time, I have to track the errors on test data comparing it with reference data to get corresponding reason for the errors and their solution which is available in reference data by comparing the timestamp of both the data's.

In short, is it possible to run such highly complex business logics using search bar provided in splunk web interface or necessarily I have to use SDK.

0 Karma
Reply

Ayn
Legend
‎10-08-2013 02:07 AM

The available functionality from a 'search logic' perspective doesn't differ if you access Splunk through its API (for instance using an SDK) or through Splunkweb, or vice versa.

Splunk enables you to do all kinds of things through the functionality provided in its search language, your example included. It's hard to give you a complete solution without knowing the specifics of your scenario, but your problem definitely sounds like something that could be done in Splunk regardless of how you access it.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...