Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Flush on search custom command not working

rleoneti
New Member
‎02-20-2020 09:39 AM

I try to use flush on custom command and not working.

I used generatetext.py from searchcommands_app and put self.flush() and the search done with errors.

    def generate(self):
        text = self.text
        self.logger.debug("Generating %d events with text %s" % (self.count, self.text))
        for i in range(1, self.count + 1):
            yield {'_serial': i, '_time': time.time(), '_raw': six.text_type(i) + '. ' + text}
            self.flush()

Error:

02-20-2020 14:32:12.814 INFO  ReducePhaseExecutor - ReducePhaseExecutor=1 action=PREVIEW
02-20-2020 14:32:12.990 INFO  ReducePhaseExecutor - ReducePhaseExecutor=1 action=PREVIEW
02-20-2020 14:32:12.990 ERROR ChunkedExternProcessor - Failed to write buffer of size 17 to external process file descriptor (The pipe is being closed.)
02-20-2020 14:32:13.024 ERROR ChunkedExternProcessor - Failure writing result chunk, buffer full. External process possibly failed to read its stdin.
02-20-2020 14:32:13.024 ERROR ChunkedExternProcessor - Error in 'generatetext' command: Failed to send message to external search command, see search.log.
02-20-2020 14:32:13.024 INFO  ReducePhaseExecutor - Ending phase_1
02-20-2020 14:32:13.024 INFO  UserManager - Unwound user context: admin -> NULL
02-20-2020 14:32:13.024 ERROR SearchOrchestrator - Phase_1 failed due to : Error in 'generatetext' command: Failed to send message to external search command, see search.log.
02-20-2020 14:32:13.025 INFO  ReducePhaseExecutor - ReducePhaseExecutor=1 action=CANCEL
02-20-2020 14:32:13.025 INFO  DispatchExecutor - User applied action=CANCEL while status=0
02-20-2020 14:32:13.025 ERROR SearchStatusEnforcer - sid:1582219925.18 Error in 'generatetext' command: Failed to send message to external search command, see search.log.
02-20-2020 14:32:13.025 INFO  SearchStatusEnforcer - State changed to FAILED due to: Error in 'generatetext' command: Failed to send message to external search command, see search.log.
02-20-2020 14:32:13.090 INFO  UserManager - Unwound user context: admin -> NULL

Any Help ??

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...

Network to App: Observability Unlocked [May & June Series]

In today’s digital landscape, your environment is no longer confined to the data center. It spans complex ...

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...