All Apps and Add-ons

Why am I unable to run a Python script when alerts are generated?

New Member

Since I am quite new to Splunk, I am having difficulties to run a python script when alerts are generated.

The step I made to run the script :
1. Search for an index
2. Save as an alert

Here is a screen shot of my alert setting and the directory where I keep the script.

alt textalt text

I have not change any other file settings.
The noise.txt is a file where the is reading from.

0 Karma

Path Finder

Try wrapping your python script with a shell script (.e.g. Your ".py" file is not a standalone executable any more than is a ".java" or ".class" file. If you were running it from the command line you would say "python", not just "". If however you had a "" Bash script which contained "python", then you could run
"" as an executable, assuming you had set the permissions correctly and your PATH included your PYTHON home.

0 Karma


Does Splunk have permission to run the script?

Try looking for issues with permissions in the internal log:

index=_internal yourscriptname 


Thanks @adayton20 for the idea. Sure enough, my corporate software folks had installed Splunk in a different directory so my script wasn't even in the right spot. Checking the index as you described led me right to the problem.

0 Karma
Get Updates on the Splunk Community!

Optimize Cloud Monitoring

  TECH TALKS Optimize Cloud Monitoring Tuesday, August 13, 2024  |  11:00AM–12:00PM PST   Register to ...

What's New in Splunk Cloud Platform 9.2.2403?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2403! Analysts can ...

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...