Auto data fix using Splunk connected to python

mrccasi · ‎06-08-2017

Hello. The idea is, Splunk will ingest ticket from client side then Splunk will categorize the ticket and if it falls in the category, Splunk will call Python to run a script to update the data in Oracle database.

I successfully tested the python and oracle database connection. my problem is on how will Splunk can categorize the data and call python to run the script. do you guys have any idea? can you please help me? i am new in splunk and i would like to know more about splunk capabilities.

Thank you.

micahkemp · ‎06-09-2017

Check out custom search commands. It seems you could use them to accomplish what you need, perhaps with a search like:

<ticket search> | <your categorization logic> | <yournewcustomsearchcommand>

We also use ticket data within Splunk, but we use a custom search command to fetch the ticket data at search time, instead of indexing it in Splunk.

Auto data fix using Splunk connected to python

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you a member of the Splunk Community?

Auto data fix using Splunk connected to python

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem