Solved: Get current user from Custom Search Command

maxdouglas · ‎03-26-2019

Hello Splunkers,

I am developing an app containing a Custom Generating Search Command. (I think the Generating part is irrelevant for this case)
I need my custom command to get the user who executed this search.

Following the page below, I got to this code, which returns the wrong user:
http://dev.splunk.com/view/python-sdk/SP-CAAAEJ6#currentuser

from splunklib.searchcommands import GeneratingCommand, dispatch, Configuration
from splunklib import client

@Configuration(streaming=True, local=True)
class MyCommand(GeneratingCommand):
    def generate(self):
        service = client.connect(username='fixed_user', password='fixed_password')
        user = service.username  # user is fixed_user, not the current user
        yield {'_time': time.time(),'_raw': user}

dispatch(MyCommand, sys.argv, sys.stdin, sys.stdout, __name__)

When I execute the search | mycommand on Splunk Web, I get fixed_user, not the current logged user.
How can my custom command know which user is calling it?

anatoliikostin · ‎11-18-2019

You can make use of self which is passed into generate(self):

user = self._metadata.searchinfo.username

View solution in original post

anatoliikostin · ‎11-18-2019

You can make use of self which is passed into generate(self):

user = self._metadata.searchinfo.username

Get current user from Custom Search Command

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Painting a Clearer Picture: Creating Cross-Domain Visibility with AI Canvas

Analytics Workspace deprecation

Splunk Developer Day Recap: Building, Publishing, and Growing on the Splunk Platform

Join the Conversation