Developing for Splunk Enterprise

Python SDK Visualization


Hi to all,

How to produce a visualization in splunk sdk python? For example pie charts, line graph, and etc.

Thanks in advance!

Tags (3)
0 Karma

Re: Python SDK Visualization

Path Finder

Hi, i'm just learning t as well, anyway you can put your result in xml file, parse the xml and use (for example flotchart) to represent the result. For example:

def get_data(self):

        DATA = []

        params = {"earliest_time" : "-30d", "latest_time" : "now", "exec_mode" : "blocking", "auto_cancel" : 600 }
        search = 'search index=main sourcetype=syslog | search *ERROR* | stats count by process' 
        job =, **params)
        #job =

        while True: 
          if job.isDone: 
        content = str(job.results(output_mode='xml'))
        #print "Output: %s" % content

        with open('result.xml', 'w') as f:

        tree = ET.parse('result.xml')
        root = tree.getroot()

        for child in root:
            if child[0].tag != "fieldOrder":
                #print child[0][0][0].text, child[1][0][0].text
                DATA.append([child[0][0][0].text, child[1][0][0].text])

        return DATA

Then you have to put the return DATA in flotchart. To know how to use flotchart:
search flotchart on web (it seems i can not insert link)

0 Karma

Re: Python SDK Visualization


Thank you! I will try this to my next project!

0 Karma