Splunk Dev
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why am I getting this error "External search command 'File_Move1' returned error code 1" every time I run my python script?

Vipun
Explorer
‎01-31-2018 08:44 AM

• I am trying to execute python script File_Move1 using the search query |script File_Move1 but received the error below:
External search command 'File_Move1' returned error code 1.

• Please find my commands.conf details below in my C:\Program Files\Splunk\etc\system\local

[File_Move1]
chunked = true
filename = File_Move1.py
type = python

• I have placed the file in bin directory of C:\Program Files\Splunk\etc\apps\search\bin\scripts and C:\Program Files\Splunk\bin\scripts but still I receive that error
• I was able to execute the same script using Splunk cmd python File_Move.py using command prompt.

I kindly request you to look into it and guide me how to get rid of that error. I really appreciate your help on this.

Labels (1)
Labels
Reply

493669
Super Champion
‎01-31-2018 09:22 AM

Try running below:

< search query>| script python File_Move1.py

Refer:https://answers.splunk.com/answers/62473/how-to-execute-external-script-to-manipulate-file-from-sear...

0 Karma
Reply

Vipun
Explorer
‎01-31-2018 10:10 AM

Hi,

Thank you for the help on this.

I have tried index="test" | script python File_Move1 or index="test" | script python File_Move1.py
earlier but still no luck. Could you please advise with any other fix.

Reply

highsplunker
Contributor
‎07-24-2019 02:25 AM

hi Vipun. i have the same error message -- i'm playing with Splunk REST API functionality now. i think you have to dig the script itself first.
in my case there was simply a syntactic error in my python code.
don't give up, good luck 🙂

0 Karma
Reply

Vipun
Explorer
‎01-31-2018 10:04 AM

Hi 493669,

I have followed that earlier but still, I get the same error

index="test" | script python File_Move1.py

or 

index="test" | script python File_Move1

⚠ External search command 'File_Move1' returned error code 1.
Please suggest any answers. Thank you for the help!!

Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...