How to develop custom search commands?

yeasuh
Community Manager

How to develop custom search commands?

0 Karma

Brett
SplunkTrust

Splunk provides detailed instructions and examples at https://dev.splunk.com/enterprise/docs/devtools/customsearchcommands/createcustomsearchcmd/

You can use the Splunklib Python library to quickly create custom search commands in Splunk. At a bare minimum, you can create a commands.conf under /local, point it to your skeleton Python command residing under /bin, and print to stdout to start with.

0 Karma
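An added example, not part of the answers in this thread and not Splunk's own code: a skeleton of the "commands.conf plus a script that prints to stdout" approach, written without Splunklib so it runs stand-alone. The command name `ipscope`, the field names `src_ip` and `ip_scope`, and the stanza values in the comment are assumptions for illustration; with `chunked = false` and `enableheader = false` the script is assumed to receive the search results as plain CSV on stdin.

```python
#!/usr/bin/env python3
# bin/ipscope.py  (hypothetical file name inside your app)
#
# local/commands.conf stanza assumed by this sketch:
#   [ipscope]
#   filename = ipscope.py
#   chunked = false
#   enableheader = false
#   python.version = python3
#
# Assumed SPL usage:  ... | ipscope
import csv
import ipaddress
import sys

FIELD = "src_ip"        # assumed input field
OUT_FIELD = "ip_scope"  # field this command adds


def classify(value):
    """Return 'global', 'non_global' or 'invalid' for one field value."""
    try:
        addr = ipaddress.ip_address((value or "").strip())
    except ValueError:
        # Never let a malformed value abort the whole search.
        return "invalid"
    return "global" if addr.is_global else "non_global"


def run(infile, outfile):
    """Read results as CSV, add OUT_FIELD to each row, write CSV back out."""
    reader = csv.DictReader(infile)
    fields = list(reader.fieldnames or [])
    if OUT_FIELD not in fields:
        fields.append(OUT_FIELD)
    # extrasaction="ignore" drops stray columns from ragged input rows.
    writer = csv.DictWriter(outfile, fieldnames=fields, extrasaction="ignore")
    writer.writeheader()
    count = 0
    for row in reader:
        row[OUT_FIELD] = classify(row.get(FIELD))
        writer.writerow(row)
        count += 1
    return count


if __name__ == "__main__":
    run(sys.stdin, sys.stdout)
```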

jeffland
SplunkTrust

Custom search commands are an advanced technique to enhance Splunk SPL. You write them in Python, and they require a few conf files in addition to the .py, and you should be good to go.

 

A good place to start would be these docs: https://dev.splunk.com/enterprise/docs/devtools/customsearchcommands/ - they also list some examples you can look at.

If you hit any roadblocks, be sure to ask a more detailed question 🙂

0 Karma