first arg is the hostname the script will use to do the query

jgeyer14 · ‎02-17-2011

Hi, I want to create a scripted input, a script that will query sql server on a machine. I want the query to be executed on whatever host I set up the input for, so I assume I should pass the hostname as an argument to the script. How can I do that dynamically? is there a variable in splunk that can expand automatically? So I could set splunk up to run the script something like this:

script.cmd $hostname

jgeyer14 · ‎02-17-2011

nevermind i figured it out. right now I am adding a new scripted input for each host and passing it manually like so:

first arg is the hostname the script will use to do the query

[script://$SPLUNK_HOME\bin\scripts\test.cmd testhost]
interval = 5
sourcetype = sql:test        
source = jamiesqltest
host=testhost
disabled=0


[script://$SPLUNK_HOME\bin\scripts\test.cmd testhost-2]
interval = 5
sourcetype = sql:test        
source = jamiesqltest
host=testhost-2
disabled=0

pass hostname to scripted input

first arg is the hostname the script will use to do the query

Get the T-shirt to Prove You Survived Splunk University Bootcamp

Introducing the Splunk Community Dashboard Challenge!

Wondering How to Build Resiliency in the Cloud?