- Apps & Add-ons
- :
- Splunk Development
- :
- Splunk Dev
- :
- Re: Why python file executes successfully to add d...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why python file executes successfully to add data to an index through Splunk Python SDK, but no events are found in the index?
Hi,
Im trying to add data to the index through Splunk Python SDK . Here .py file is executed successfully but no events found inside the index
Here are my code
import splunklib.client as client
import sys,os
import socket
............................
Create a Service instance and log in
service = client.connect(
host=HOST,
port=PORT,
username=USERNAME,
password=PASSWORD,
owner=OWNER,
app=APP)
Retrieve the index for the data
myindex = service.indexes["test_index"]
myindex = service.indexes.create("test_index2")
with myindex.attached_socket(sourcetype='test') as sock:
#sock.send("Test event\r\n")
sock.close()
Open a socket
mysocket = myindex.attach()
Send events to it
mysocket.send("This is my socket event\r\n")
Close the socket
mysocket.close()
print "everything done"
Code Type 2 :
import splunklib.client as client
import sys,os
.................................
Create a Service instance and log in
service = client.connect(
host=HOST,
port=PORT,
username=USERNAME,
password=PASSWORD,
owner=OWNER,
app=APP)
Retrieve the index for the data
myindex = service.indexes["test_index"]
Submit an event over HTTP
myindex.submit('This is my HTTP event',sourcetype='test', host='localhost')
Please verify and let me know what changes i have to do?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
just checked without owner=OWNER,,app=APP . below code worked
service = client.connect(
host=HOST,
port=PORT,
username=USERNAME,
password=PASSWORD)
Retrieve the index for the data
myindex = service.indexes["test_index"]
Submit an event over HTTP
myindex.submit('This is my HTTP event',sourcetype='test', host='localhost')
need to investigate it...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How about if there is long string, such as "37.31.31.31 - - [13/Dec/2015:23:08:40 +0100] ""POST /administrator/index.php HTTP/1.1"" 200 4494 """ ""Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"" ""-""" Somehow it ignores it...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The problem is about ": : : ". How to fix it????
New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...
Improve Data Pipelines Using Splunk Data Management
3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?
