Custom Search Commands: how to process positional ...

aovsiannikov · ‎12-25-2018

i.e. we have some custom command generatetext

@Configuration()
class GenerateTextCommand(GeneratingCommand):

    count = Option(require=True, validate=validators.Integer(0))
    text = Option(require=True)

    def generate(self):
        text = self.text
        for i in range(1, self.count + 1):
            yield {'_serial': i, '_time': time.time(), '_raw': six.text_type(i) + '. ' + text}

I'd like to pass args to it in positional manner,

NOT
| generatetext count=10 text='hi'

BUT
| generatetext 10 hi

How!?

HackerHit · ‎04-22-2019

I have the same question. Now I figure it out. I think it will help you.

We misunderstand the definition of Field and Option.

So we miss the important property named fieldnames that defined in splunklib/searchcommands/search_command.py Line:201

Following code is what you want. Line 8-9

@Configuration()
class GenerateTextCommand(GeneratingCommand):
    # options
    .....

    def generate(self):
            # field names
            count = self.fieldnames[0] 
            text = self.fieldnames[1]

        for i in range(1, self.count + 1):
            yield {'_serial': i, '_time': time.time(), '_raw': six.text_type(i) + '. ' + text}

Thank you.

HackerHit · ‎04-22-2019

I have the same question. Any body can answer it ?

Custom Search Commands: how to process positional args in command class?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Event Series: Telemetry Pipeline Management

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Join the Conversation