manually run a scripted input?

jeff · ‎12-14-2012

I have a scripted input in Splunk that sends it's data to Splunk via STDOUT. Is there any way to run the script on-demand and have the results sent to Splunk without restarting Splunk? Something like a "oneshot" cli method, but for scripted inputs, not for files.

jkat54 · ‎07-17-2019

You can do this, but splunk wont index the data necessarily: ./splunk cmd /opt/splunk/etc/apps/yourapp/bin/script.sh

You will see STDOUT/ERR from your script though

tomasmoser · ‎05-18-2017

You can disable and again enable scripted input. This will make it run. It worked for me.

itinney · ‎12-14-2012

If you write the output to a file in a sinkhole like, .../var/spool/splunk, then Splunk will consume it.
If you need the sourcetype to be the same as when it runs as a script then create a different sinkhole and specify the sourcetype

yannK · ‎12-14-2012

or same idea with saving the result of the script to a file and monitor the file with the correct sourcetype.

then you will have to clean the result file once a while.

alacercogitatus · ‎12-14-2012

What OS are you running?

manually run a scripted input?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Data Management Digest – May 2026

Index This | What is feather-light but cannot be held long?

.conf26 Registration is Live: Secure Your Early Bird Pass Now

Join the Conversation

manually run a scripted input?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Data Management Digest – May 2026

Index This | What is feather-light but cannot be held long?

.conf26 Registration is Live: Secure Your Early Bird Pass Now