Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Help me get started with a custom Splunk Lookup or command

daniel333
Builder
‎05-03-2017 05:51 PM

All,

We are a user of Puppet and it's PuppetDB service. Which is a great place to get system information. I can from the command line pull custome infomation ("facts") with this command

Command Used:
/usr/bin/curl --silent -X GET http://puppetdblvsp.somecompany.com:8080/v3/facts --data-urlencode 'query=["=", "name","ipaddress"]' | sed ':a;N;$!ba;s/\n/ /g' | sed 's#}, {#\n#g'| awk -F '"' '{ printf "%-30s*%-30s\n", $12, $4}' | sort -n -t* -k 1 | tr '' ' ' | sed 's/[ ]$//' | grep -E 'log'

When run it returns a nice CSV of the data I want. I looked over the guides to creating a custom command and it went over my head with all the Python. I am guessing Bash is supported? Any one have a walk through on getting started with this?

thanks

Tags (1)
0 Karma
Reply

DalJeanis
Legend
‎05-04-2017 05:58 AM

1) Start with this ...

https://splunkbase.splunk.com/app/1701/

You should be able to see how that works and duplicate it for your custom requirements.

2) It is better to write your titles so that people can see at a glance what your issue or request is. For example: "How can/does splunk pull data from Puppet?"

3) Including puppet as a keyword would also be helpful, in case Puppetmasters are following the keyword but not following general questions and discussions...

4) Here's some other useful answers...

https://answers.splunk.com/answers/345/does-splunk-play-nice-with-puppet.html

5) There's a lot out there for splunk-to-puppet and puppet-to-splunk and puppet-manages-splunk. Not sure what this does yet, but here's a major open source project on it...

https://www.openhub.net/p/splunk-puppet

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

    Thursday, July 9, 2026  |  11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...