I am trying to get a custom search script to work following the instructions on this page: http://docs.splunk.com/Documentation/Splunk/4.3/SearchReference/Script .
The instructions say to put the file in, splunk_home/etc/searchscripts, which doesn't exist in my 4.2.2 installation. I found splunk_home/etc/search/scripts, though that does work either. I have also tried creating the folder. Each time I restarted the service, just in case. Will someone please supply the basics on what is needed to get the search script to work?
I am trying to use this script: https://github.com/JustinAzoff/splunk-scripts/blob/master/ua2os.py
I assume that python script is a custom search command. Look here in the documentation and this should get you on track.
http://docs.splunk.com/Documentation/Splunk/4.2.2/SearchReference/WriteaPythonsearchcommand
I assume that python script is a custom search command. Look here in the documentation and this should get you on track.
http://docs.splunk.com/Documentation/Splunk/4.2.2/SearchReference/WriteaPythonsearchcommand
brettski, did you get this script working? Im at a halt trying to figure how to get it to work. I've tried all links suggested in this post but Splunk is not recognizing this app.
Once you go through it...just let me know sdaniels@splunk.com. I'll be happy to get the docs changed to make sure they are in sync. Apologies for any confusion there.
I will give you credit for your answer but the Splunk documentatio is not very clear an conflicts with comments in the applications files. I think I will leave well enough alone for now. This should not be this difficult.
Yes, you can put it under the search app
Strange, I just retried both links with no issues. Yes, it is a custom search command. Based on the link you supplied, I need to create an application to run the custom search command under? Or can the app be 'Search'?