Custom Search Commands: how to process positional ...

aovsiannikov · ‎12-25-2018

i.e. we have some custom command generatetext

@Configuration()
class GenerateTextCommand(GeneratingCommand):

    count = Option(require=True, validate=validators.Integer(0))
    text = Option(require=True)

    def generate(self):
        text = self.text
        for i in range(1, self.count + 1):
            yield {'_serial': i, '_time': time.time(), '_raw': six.text_type(i) + '. ' + text}

I'd like to pass args to it in positional manner,

NOT
| generatetext count=10 text='hi'

BUT
| generatetext 10 hi

How!?

HackerHit · ‎04-22-2019

I have the same question. Now I figure it out. I think it will help you.

We misunderstand the definition of Field and Option.

So we miss the important property named fieldnames that defined in splunklib/searchcommands/search_command.py Line:201

Following code is what you want. Line 8-9

@Configuration()
class GenerateTextCommand(GeneratingCommand):
    # options
    .....

    def generate(self):
            # field names
            count = self.fieldnames[0] 
            text = self.fieldnames[1]

        for i in range(1, self.count + 1):
            yield {'_serial': i, '_time': time.time(), '_raw': six.text_type(i) + '. ' + text}

Thank you.

HackerHit · ‎04-22-2019

I have the same question. Any body can answer it ?

Custom Search Commands: how to process positional args in command class?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

Join the Conversation