Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Flush on search custom command not working

rleoneti
New Member
‎02-20-2020 09:39 AM

I try to use flush on custom command and not working.

I used generatetext.py from searchcommands_app and put self.flush() and the search done with errors.

    def generate(self):
        text = self.text
        self.logger.debug("Generating %d events with text %s" % (self.count, self.text))
        for i in range(1, self.count + 1):
            yield {'_serial': i, '_time': time.time(), '_raw': six.text_type(i) + '. ' + text}
            self.flush()

Error:

02-20-2020 14:32:12.814 INFO  ReducePhaseExecutor - ReducePhaseExecutor=1 action=PREVIEW
02-20-2020 14:32:12.990 INFO  ReducePhaseExecutor - ReducePhaseExecutor=1 action=PREVIEW
02-20-2020 14:32:12.990 ERROR ChunkedExternProcessor - Failed to write buffer of size 17 to external process file descriptor (The pipe is being closed.)
02-20-2020 14:32:13.024 ERROR ChunkedExternProcessor - Failure writing result chunk, buffer full. External process possibly failed to read its stdin.
02-20-2020 14:32:13.024 ERROR ChunkedExternProcessor - Error in 'generatetext' command: Failed to send message to external search command, see search.log.
02-20-2020 14:32:13.024 INFO  ReducePhaseExecutor - Ending phase_1
02-20-2020 14:32:13.024 INFO  UserManager - Unwound user context: admin -> NULL
02-20-2020 14:32:13.024 ERROR SearchOrchestrator - Phase_1 failed due to : Error in 'generatetext' command: Failed to send message to external search command, see search.log.
02-20-2020 14:32:13.025 INFO  ReducePhaseExecutor - ReducePhaseExecutor=1 action=CANCEL
02-20-2020 14:32:13.025 INFO  DispatchExecutor - User applied action=CANCEL while status=0
02-20-2020 14:32:13.025 ERROR SearchStatusEnforcer - sid:1582219925.18 Error in 'generatetext' command: Failed to send message to external search command, see search.log.
02-20-2020 14:32:13.025 INFO  SearchStatusEnforcer - State changed to FAILED due to: Error in 'generatetext' command: Failed to send message to external search command, see search.log.
02-20-2020 14:32:13.090 INFO  UserManager - Unwound user context: admin -> NULL

Any Help ??

0 Karma
Reply
Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...