Re: Splunk summary index script automation

ram254481493 · ‎05-22-2019

Hello , Currently i have an summary index script which i have to run manually now everyday at 9 pm , i am thinking to automate it using linux cron job , is their a way to do it , if anyone could help how can i automate the command to run everyday at 9 pm on linux.

Below is my summary index script :
./splunk cmd python fill_summary_index.py -app search -name "xxxxxxxx" -et 1546754401 -lt 1547359201-j 2 -owner xxx -auth admin:changeme

i want it to automate and run everyday 9 pm ?

stoutrw · ‎05-22-2019

If you have to do a linux cron job, put the command in place using crontab. Your schedule should look something like this.

https://crontab.guru/#0_21_*_*_*

koshyk · ‎05-22-2019

why you are using Linux cron? Can it be a savedsearch within Splunk scheduled for a time?

ram254481493 · ‎05-22-2019

No you cant use it as a saved search , this command needs to run from backend , so i am still working in it once i am done if successfull i will post my configs.

Splunk summary index script automation

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

AI for AppInspect

Join the Conversation

Splunk summary index script automation

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

AI for AppInspect