I encountered an issue while trying to integrate a Python script into my Splunk dashboard to export Zabbix logs to a Splunk index. When I click the button on the dashboard, the following error is logged in splunkd.log:

01-16-2025 12:01:24.958 +0530 ERROR ScriptRunner [40857 TcpChannelThread] - stderr from '/opt/splunk/bin/python3.9 /opt/splunk/bin/runScript.py zabbix_handler.Zabbix_handler': Traceback (most recent call last):
01-16-2025 12:01:24.958 +0530 ERROR ScriptRunner [40857 TcpChannelThread] - stderr from '/opt/splunk/bin/python3.9 /opt/splunk/bin/runScript.py zabbix_handler.Zabbix_handler': File "/opt/splunk/bin/runScript.py", line 72, in <module>
01-16-2025 12:01:24.958 +0530 ERROR ScriptRunner [40857 TcpChannelThread] - stderr from '/opt/splunk/bin/python3.9 /opt/splunk/bin/runScript.py zabbix_handler.Zabbix_handler': os.chdir(scriptDir)
01-16-2025 12:01:24.958 +0530 ERROR ScriptRunner [40857 TcpChannelThread] - stderr from '/opt/splunk/bin/python3.9 /opt/splunk/bin/runScript.py zabbix_handler.Zabbix_handler': FileNotFoundError: [Errno 2] No such file or directory: ''

Setup:

1. Python Script:

   • Location: /opt/splunk/etc/apps/search/bin/zabbix_handler.py
   • Function: Export Zabbix logs to a Splunk index using the HEC endpoint.

2. JavaScript Code:

   • Location: /opt/splunk/etc/apps/search/appserver/static/
   • Function: Adds a button to the dashboard, which triggers the Python script.

Observed Behavior:
When the button is clicked, the error indicates that the scriptDir variable in runScript.py is empty, leading to the os.chdir(scriptDir) call failing.

Questions:

1. Why might scriptDir be empty when runScript.py is executed?
2. Is there a specific configuration required in the Splunk dashboard or app structure to ensure the ScriptPath is correctly passed to the ScriptRunner?
3. How can I debug or fix this issue to ensure the Python script is executed properly?

Any help or guidance would be greatly appreciated. Thank you!