Re: Why is the Powershell Modular Input not schedu...

Kendo213 · ‎05-02-2018

Here is my inputs.conf:

[powershell://checkdnsext]
script = . "$SplunkHome\etc\apps\test_infra_dnsext_inputs\bin\checkdnsext.ps1"
schedule = `0 */5 * ? * *`
sourcetype = test:powershell
index = test

Here is my Powershell located in /app/bin:

$ErrorActionPreference="SilentlyContinue"
$ipaddress = $(ipconfig | where {$_ -match 'IPv4.+\s(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' } | out-null; $Matches[1])
$dnstest=Resolve-DnsName -Name google.com -server $ipaddress -QuickTimeout -Type A | select Name
if ($dnstest -like '*google*') {
$result="1"
write-host ((get-date),"`nExternal DNS Status:","$result")
}
else{
$result="0"
write-host ((get-date),"`nExternal DNS Status:","$result")
}

The script works. I don't see any errors in splunkd.log on the client, other than the fact that I don't see it scheduling the script to run.

Any ideas?

ansif · ‎05-03-2018

Can you try with a service restart.

Kendo213 · ‎05-03-2018

I've tried restarting the service numerous times. That cron has 's around it because of the Splunk forum. It doesn't complain about an invalid cron in the internal logs.

Why is the Powershell Modular Input not scheduling the script to run?

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join the Conversation

Why is the Powershell Modular Input not scheduling the script to run?

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk