I have splunk instance running on one linux server.
I have python code on another linux server, which I run manually something like:
(console script command given in setup.py) (arguments)
Is it possible to run this via Splunk GUI? If so, how?
This is to be run on demand and not in a scheduled way i.e. whenever user searches say a username from splunk GUI, python script from remote server needs to run, fetch some details and send back as results for the search.
Sounds like you need a custom search command or external lookup. These links should get you started:
External Lookups: https://docs.splunk.com/Documentation/Splunk/8.0.1/Knowledge/Configureexternallookups
Custom Search Command Docs: https://docs.splunk.com/Documentation/Splunk/8.0.1/Search/Writeasearchcommand
Custom Search Command Dev: https://dev.splunk.com/enterprise/docs/developapps/customsearchcommands/
What kind of details does the script return? What does the script do? An example of an external search command is in Splunk Supporting Add-on for Active (https://splunkbase.splunk.com/app/1151/). Given different arguments it will return LDAP user/object results to supplement results or create lookup tables.
More details are likely needed to determine the best way to do this. There isn't really a simple "out of the box" way to do this.
Thanks I will go through the provided information.
The script needs to take a username as input (via splunk GUI).
It then needs to form a list of all the groups the user is a part of recursively, by communicating with Redis server which has raw information of users and groups.
It needs to return that list of groups to be displayed as splunk search result.
splunk(splunk server)<-->server that has script<-->redis server