Splunk Search

How to pass IP argument for API call to Python script and integrate with generating command?

Bart
Engager

Hi,

I'm very new to splunklib and not so experienced in programming and breaking my brain on this. I have 2 scripts.

First one is creating a list of assets from Server with API requests call, and saves to the file.

Second one is run by custom command, it's calling the first one and then uses generating streaming  command to pass the results from the file to Splunk. Works....Now, I want to pass server IP as an argument along with my custom command instead of having it statically specified in a API call script. I've tried many ways and nothing works for me and just breaks it when trying to use the Option second script not seeing the argument, when trying to call module from the apiscript and add argument in CustomCommand script it's also a no-go, could not find any examples and losing motivation, thinking my design is bad. 

 

#execfile('apiscript.py')
subprocess.call('apiscript.py')  
""" ----- Generating command yields results into splunk ------"""

@Configuration()
class results(GeneratingCommand):
    def generate(self):

       file = '/data/splunk/apps/bin/lookups/assets.csv'
       with open(file,"r") as f:
            reader = csv.reader(f,delimiter=',')
            for tenant,asset in reader:
                yield {'P_tenants':tenant,'CIDR_Range':asset}

dispatch(results, sys.argv, sys.stdin, sys.stdout, __name__) 

 

Any help will be useful. Thanks

Labels (5)
0 Karma
1 Solution

FritzWittwer1
Path Finder

 

I'd move the subprocess.call into the generate sub, so it will have access to the parameter serverIP you can define in the results class.

 

#execfile('apiscript.py')
subprocess.call('apiscript.py')  
""" ----- Generating command yields results into splunk ------"""

@Configuration()
class results(GeneratingCommand):
    serverIp = Option(require=False, validate=validators.Fieldname())

    def generate(self):
       
       
       subprocess.call('apiscript.py', serverIp)  


       file = '/data/splunk/apps/bin/lookups/assets.csv'
       with open(file,"r") as f:
            reader = csv.reader(f,delimiter=',')
            for tenant,asset in reader:
                yield {'P_tenants':tenant,'CIDR_Range':asset}

dispatch(results, sys.argv, sys.stdin, sys.stdout, __name__) 

 

View solution in original post

FritzWittwer1
Path Finder

 

I'd move the subprocess.call into the generate sub, so it will have access to the parameter serverIP you can define in the results class.

 

#execfile('apiscript.py')
subprocess.call('apiscript.py')  
""" ----- Generating command yields results into splunk ------"""

@Configuration()
class results(GeneratingCommand):
    serverIp = Option(require=False, validate=validators.Fieldname())

    def generate(self):
       
       
       subprocess.call('apiscript.py', serverIp)  


       file = '/data/splunk/apps/bin/lookups/assets.csv'
       with open(file,"r") as f:
            reader = csv.reader(f,delimiter=',')
            for tenant,asset in reader:
                yield {'P_tenants':tenant,'CIDR_Range':asset}

dispatch(results, sys.argv, sys.stdin, sys.stdout, __name__) 

 

Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...