Developing for Splunk Enterprise

Looking for an example generating custom script that execute OS command

Motivator

Hi

I am looking for a simple example of custom generating search command that
executes OS command and show the result of execution.

I don't have much knowledge of Python SDK, but I want to start from an simple example.

Thank you, and any commend would be appreciated.

0 Karma

Contributor

Its better if you do this in a separate/new app.

In local directory of app, create commands.conf (if it is already not there).
Commands.conf
[cachecheck]
filename=command_cachecheck.py

In bin directory of app create command_cachecheck.py
import os,re,csv
import sys
os.system("data \" +%c\" ")
command = 'vmstat -s'
os.system(command)

Restart searchhead and give proper permissions.

In SH get the results by searching |cachecheck.