Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- Splunk Development
- :
- Splunk Dev
- :
- Why is the Python script input data show no result...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why is the Python script input data show no result in search?
Hello,
I have a python scripted input which doesn't return any result in the search and I don't understand why because I can run my script in the terminal computer with the user splunk:
splunk@splunk1:~/etc/apps/bike_sharing/bin$ python NYC_predict_bike.py
extract of the result:
[{"FCTTIME":1524250800000,"conds":"Clear","dewptm":"-5","fctcode":1,"feelslike":"5","heatindex":"-9999","hum":39,"icon":"clear","mslp":"1023","pop":0,"qpf":"0","sky":11,"snow":"0","tempm":"8","uvi":0,"wdir":"NW","windchill":"5","wspd":"19","TZ":7200000,"dock_id":"3681","capacity":0,"eightd_has_key_dispenser":false,"eightd_station_services":null,"lat":40.7151776773,"lon":-74.0376833081,"name":"Grand St","region_id":null,"rental_methods":["KEY","CREDITCARD"],"short_name":"JC102"}]
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@csimonnet, to debug can you please try the following link to write error logs to Splunk's _internal index using sys.stderror.write to ensure that Script is executing?
https://sublimerobots.com/2017/01/simple-splunk-scripted-input-example/
sys.stderr.write("Python script is starting up\n")
Refer to a recent answer, have you scheduled your Python scripted input in Splunk? https://answers.splunk.com/answers/628853/how-to-add-scripts-as-data-input.html
| makeresults | eval message= "Happy Splunking!!!"
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks,
now I can see a new error:
import pandas as pd
File "/opt/splunk/etc/apps/Splunk_SA_Scientific_Python_linux_x86_64/bin/linux_x86_64/lib/python2.7/site-packages/pandas/__init__.py", line 13, in
"extensions first.".format(module))
ImportError: C extension: No module named ctypes not built. If you want to import pandas from the source directory, you may need to run 'python setup.py build_ext --inplace' to build the C extensions first.
I tried to fix it but I can't install ctypes and upgrading numpy doesn't change anything.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Automating Threat Operations and Threat Hunting with Recorded Future
Keep the Learning Going with the New Best of .conf Hub
Splunk Community Badges!
