Solved: Requests.Post CSV File contents into Splunk using ...

vkannampuzha · ‎06-06-2019

Hi all,

I'm having issues with using the requests library in python to send the contents of a csv file to Splunk. I've managed to do it for json files and can even convert the csv contents to a json format and post it on splunk successfully. I'm wondering if there was a way to do a requests.post and and send the csv file whilst keeping the csv format rather than changing to a json format.

Here is the code I am using to post json content to splunk:

with open('file.csv') as f:
    reader = csv.DictReader(f)
    file_contents = list(reader)

headers = {
            'Authorization': 'Splunk 'token number''  
        }

data = {'sourcetype': '_json', 'event': file_contents}  

try:
    response = requests.post('http://localhost:8088/services/collector',
                             headers=headers, data=json.dumps(data),
                             verify=False)  
except Exception as e:
    print(str(e))

Thanks!

vkannampuzha · ‎06-06-2019

After a bit of research, it turns out I can't actually send through data that has a csv format. According to the splunk documentation, I can only send through json or raw data.

View solution in original post

vkannampuzha · ‎06-06-2019

After a bit of research, it turns out I can't actually send through data that has a csv format. According to the splunk documentation, I can only send through json or raw data.

Requests.Post CSV File contents into Splunk using HEC

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Deep insights, no barriers: Splunk Observability Cloud Free Edition

Monitoring AI Agents with Splunk Observability Cloud

[Puzzles] Solve, Learn, Repeat: Tiling

Join the Conversation