Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to create a app , which will run a search at schedule time and execute a python script process search result element

avikramengg
Explorer
‎08-02-2018 04:23 AM

I am new to Splunk after investigating from last 7 days not able to conclude on way of implementation.

Wanted to create an app which will execute a search at specific time, then search result will be processed by a python script existing in app only.

Is it possible ?

Any basic information will help to understand and build the app.
Please suggest.

Regards,
Amit Vikram

Tags (1)
0 Karma
Reply

FritzWittwer_ol
Contributor
‎08-02-2018 05:26 AM

Create a saved search with the criteria and define a action.script.command for this search, this will call your python script. See http://docs.splunk.com/Documentation/Splunk/7.1.2/Alert/Configuringscriptedalerts

Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...