How do I capture the output of a script from a scr...

daniel333 · ‎04-12-2019

All,

I have a script which I'd like to capture the output from. I assumed that as long as I had it started by my splunkforwarder with an interval=0 it would run for ever and capture anything the script generates. But doesn't appear so.

[script://./bin/spidertrap.py]
  interval = 0
  index = main
  sourcetype = spidertrap
  source = spidertrap.py
  disabled = 0

The script source can be found here -
https://github.com/omarkhan/spidertrap/blob/master/spidertrap.py

I've verified that Splunk is running the script. If I run the script directly I get output to the console I expect.

Any ideas?

somesoni2 · ‎04-12-2019

Try to use print function to print your data to stdout which Splunk reads. See this for reference. https://sublimerobots.com/2017/01/simple-splunk-scripted-input-example/

daniel333 · ‎04-12-2019

Interestingly enough not picking up anything from a print either.

efavreau · ‎04-17-2019

Not seeing print in your github source. Borrowing from SO: https://stackoverflow.com/questions/7152762/how-to-redirect-print-output-to-a-file-using-python#7152...

with open('out.txt', 'w') as f:
    print >> f, 'Filename:', filename     # Python 2.x
    print('Filename:', filename, file=f)  # Python 3.x

###

If this reply helps you, an upvote would be appreciated.

How do I capture the output of a script from a scripted input?

Don't wait! Accept the Mission Possible: Splunk Adoption Challenge Now and Win ...

Unify Your SecOps with Splunk Mission Control

Data Preparation Made Easy: SPL2 for Edge Processor