Re: How to use isGetInfo and getKeywordsAndOptions...

Lowell · ‎07-08-2010

What's the recommended way to use both splunk.Intersplunk.getKeywordsAndOptions and splunk.Intersplunk.isGetInfo within a python search command?

I would like to use both of these features at the same time, but there doesn't seem to be an obvious way to do this.

(isgetinfo, args) = splunk.Intersplunk.isGetInfo(sys.argv)
...
args, kwargs = splunk.Intersplunk.getKeywordsAndOptions()

This ends up with either __GETINFO__ or __EXECUTE__ as the first value in args.

Stephen_Sorkin · ‎07-08-2010

The idiom in diff.py and trendline.py that we ship with is to call isGetInfo very early on in execution, like:

(isgetinfo, sys.argv) = splunk.Intersplunk.isGetInfo(sys.argv)

Note that this may not work on Windows where getKeywordsAndOptions uses a source other than sys.argv.

Lowell · ‎07-09-2010

I guess that would work, unless you are running windows, which doesn't seem like there is a solution to that (short of building your own getKeywordsAndOptions function) It seems odd to me that isGetInfo() requires "args" to be passed in, and then getKeywordsAndOptions() doesn't allow you to specify the "args".

How to use isGetInfo and getKeywordsAndOptions at the same time?

Splunk Search APIを使えば調査過程が残せます

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Congratulations to the 2025-2026 SplunkTrust!

Join the Conversation

How to use isGetInfo and getKeywordsAndOptions at the same time?

Splunk Search APIを使えば調査過程が残せます

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Congratulations to the 2025-2026 SplunkTrust!