Knowledge Management
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to get a custom search script to work

brettski
Explorer
‎04-20-2012 08:56 AM

I am trying to get a custom search script to work following the instructions on this page: http://docs.splunk.com/Documentation/Splunk/4.3/SearchReference/Script .

The instructions say to put the file in, splunk_home/etc/searchscripts, which doesn't exist in my 4.2.2 installation. I found splunk_home/etc/search/scripts, though that does work either. I have also tried creating the folder. Each time I restarted the service, just in case. Will someone please supply the basics on what is needed to get the search script to work?

I am trying to use this script: https://github.com/JustinAzoff/splunk-scripts/blob/master/ua2os.py

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

sdaniels
Splunk Employee
Splunk Employee
‎04-20-2012 11:13 AM

I assume that python script is a custom search command. Look here in the documentation and this should get you on track.

http://docs.splunk.com/Documentation/Splunk/4.2.2/SearchReference/WriteaPythonsearchcommand

View solution in original post

Reply
Solved! Jump to solution
Solution

sdaniels
Splunk Employee
Splunk Employee
‎04-20-2012 11:13 AM

I assume that python script is a custom search command. Look here in the documentation and this should get you on track.

http://docs.splunk.com/Documentation/Splunk/4.2.2/SearchReference/WriteaPythonsearchcommand

Reply
Solved! Jump to solution

ten_yard_fight
Path Finder
‎11-14-2012 12:03 PM

brettski, did you get this script working? Im at a halt trying to figure how to get it to work. I've tried all links suggested in this post but Splunk is not recognizing this app.

0 Karma
Reply
Solved! Jump to solution

sdaniels
Splunk Employee
Splunk Employee
‎04-20-2012 12:29 PM

Once you go through it...just let me know sdaniels@splunk.com. I'll be happy to get the docs changed to make sure they are in sync. Apologies for any confusion there.

Reply
Solved! Jump to solution

brettski
Explorer
‎04-20-2012 12:27 PM

I will give you credit for your answer but the Splunk documentatio is not very clear an conflicts with comments in the applications files. I think I will leave well enough alone for now. This should not be this difficult.

0 Karma
Reply
Solved! Jump to solution

sdaniels
Splunk Employee
Splunk Employee
‎04-20-2012 12:19 PM

Yes, you can put it under the search app

0 Karma
Reply
Solved! Jump to solution

brettski
Explorer
‎04-20-2012 12:17 PM

Strange, I just retried both links with no issues. Yes, it is a custom search command. Based on the link you supplied, I need to create an application to run the custom search command under? Or can the app be 'Search'?

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...