Python SDK Visualization

leordimalanta · ‎01-08-2014

Hi to all,

How to produce a visualization in splunk sdk python? For example pie charts, line graph, and etc.

Thanks in advance!

maurelio79 · ‎01-25-2014

Hi, i'm just learning t as well, anyway you can put your result in xml file, parse the xml and use (for example flotchart) to represent the result. For example:

def get_data(self):


        DATA = []

        params = {"earliest_time" : "-30d", "latest_time" : "now", "exec_mode" : "blocking", "auto_cancel" : 600 }
        search = 'search index=main sourcetype=syslog | search *ERROR* | stats count by process' 
        job = service.jobs.create(search, **params)
        #job = service.jobs.create(search)

        while True: 
          if job.isDone: 
            break 
        content = str(job.results(output_mode='xml'))
        #print "Output: %s" % content

        with open('result.xml', 'w') as f:
            f.write(content)

        tree = ET.parse('result.xml')
        root = tree.getroot()

        for child in root:
            if child[0].tag != "fieldOrder":
                #print child[0][0][0].text, child[1][0][0].text
                DATA.append([child[0][0][0].text, child[1][0][0].text])

        return DATA

Then you have to put the return DATA in flotchart. To know how to use flotchart:
search flotchart on web (it seems i can not insert link)

leordimalanta · ‎02-02-2014

Thank you! I will try this to my next project!

Python SDK Visualization

.conf25 Registration is OPEN!

Detecting Cross-Channel Fraud with Splunk

Splunk at Cisco Live 2025: Learning, Innovation, and a Little Bit of Mr. Brightside

Are you a member of the Splunk Community?

Python SDK Visualization

.conf25 Registration is OPEN!

Detecting Cross-Channel Fraud with Splunk

Splunk at Cisco Live 2025: Learning, Innovation, and a Little Bit of Mr. Brightside