Building for the Splunk Platform
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to pass the value of the field to the script as a parameter when customizing commands in Python?

pbalbasm
Path Finder
‎03-29-2019 03:25 AM

Hi everyone,

I have created a custom command in Python that needs a parameter, which is one of the fields of the search.

The script is as the following:

import splunk.Intersplunk

def foofunct(text):
     output = //Doing something with text
     return output

keywords, options = splunk.Intersplunk.getKeywordsAndOptions()

results,unused1,unused2 = splunk.Intersplunk.getOrganizedResults()

for result in results:
     result["foo"] = foofunct(keywords)
splunk.Intersplunk.outputResults(results)

When I insert the parameter directly in the tests, it works perfectly, but when I put the name of the field, it doesn't take the value of the field, it takes the name of the field as a parameter.

Is there any way to pass the value of the field to the script as a parameter?

Thanks for all.

Regards

Labels (2)
Labels
Reply
1 Solution
Solved! Jump to solution
Solution

pbalbasm
Path Finder
‎06-04-2019 01:37 AM

For me, the solution was to create a Javascript in the view wich launches a search with the correct parameters, so the keywords are values taken directly from the javascript.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

pbalbasm
Path Finder
‎06-04-2019 01:37 AM

For me, the solution was to create a Javascript in the view wich launches a search with the correct parameters, so the keywords are values taken directly from the javascript.

0 Karma
Reply
Solved! Jump to solution

hallt3
Path Finder
‎06-03-2019 01:54 PM

Been a while, here's what I remember. Import sys. You can send in args via argv. TEXTSTRING = sys.argv[1]

Then when running the custom search command you just put 'em after the command. | script myscript arg1 arg2 ...

0 Karma
Reply
Solved! Jump to solution

alonsocaio
Contributor
‎06-03-2019 09:19 AM

How are you using this custom command in your searches?

0 Karma
Reply
Solved! Jump to solution

highsplunker
Contributor
‎06-03-2019 09:37 AM

The question is how to pass parameters in and out of custom python script. This script is just an example.

0 Karma
Reply
Solved! Jump to solution

alonsocaio
Contributor
‎06-03-2019 09:40 AM

I got it, but you said that when you put the name of the field as a parameter It does not get the field value, but the field name, so I am supposing you tried running this command from Splunk, right? If you tried running it from Splunk, I'd like to know how you used the command.

0 Karma
Reply
Solved! Jump to solution

highsplunker
Contributor
‎06-02-2019 11:20 AM

Why doesn't anybody help?

0 Karma
Reply
Get Updates on the Splunk Community!

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!

Reimagine what you can do with your dashboards. Dashboard Studio is Splunk’s newest dashboard builder to ...

Introducing Edge Processor: Next Gen Data Transformation

We get it - not only can it take a lot of time, money and resources to get data into Splunk, but it also takes ...

Take the 2021 Splunk Career Survey for $50 in Amazon Cash

Help us learn about how Splunk has impacted your career by taking the 2021 Splunk Career Survey. Last year’s ...