Join the Conversation
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Re: Python script with Universal forwarder
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here is my script
from urllib2 import sys, Request, urlopen, URLError, HTTPError
if len(sys.argv) <= 1:
sys.exit(0)
url = sys.argv[1] + "/messages=SplunkTestMessage&outputFormat=splunk"
req = Request(url)
try:
response = urlopen(req)
except HTTPError, e:
print "The server couldn\'t fulfill the request. ",
print "error_code=", e.code, " status=2"
except URLError, e:
print "Failed to reach server. ",
print "error_code=", e.reason, " status=3"
else:
html = response.read()
print html, " status=1"
Same script perfectly works with Splunk main instance.
How do I run python script with Universal forwarder?
There is no problem with bat file and other exe. I am forwarding script output from Windows and AIX machine.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Note that the Universal Forwarder does not include bundled Python:
Introducing the Universal Forwarder - Scripted inputs and Python
If you need to run a Python script on a Universal Forwarder, you can install a local version of Python and run the script by using a .bat file. Otherwise you will need to use a full version of Splunk configured as a Lightweight Forwarder.
HTH,
Dave
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
bat file should contain the command then, include the bat file in the script stanza.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Note that the Universal Forwarder does not include bundled Python:
Introducing the Universal Forwarder - Scripted inputs and Python
If you need to run a Python script on a Universal Forwarder, you can install a local version of Python and run the script by using a .bat file. Otherwise you will need to use a full version of Splunk configured as a Lightweight Forwarder.
HTH,
Dave
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This script perfectly works manually and main splunk instance using it
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry I forgot to mention here is inputs.conf
[script://$SPLUNK_HOME\etc\system\bin\util.py http://127.0.0.1:8085]
index = main
interval = 30
sourcetype = sys_health
disabled = 0
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can mention in the script stanza of inputs.conf file. But i am not sure how the script will run. For the script to execute it should have the compiler/interpreter. May be you need to set the script to run through python.
See if the script runs manually, then try setting in script stanza OR Manually set the path and run through a bat file. Thanks.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Announcing Modern Navigation: A New Era of Splunk User Experience
Modernize your Splunk Apps – Introducing Python 3.13 in Splunk
Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...
