- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- How to pass IP argument for API call to Python scr...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I'm very new to splunklib and not so experienced in programming and breaking my brain on this. I have 2 scripts.
First one is creating a list of assets from Server with API requests call, and saves to the file.
Second one is run by custom command, it's calling the first one and then uses generating streaming command to pass the results from the file to Splunk. Works....Now, I want to pass server IP as an argument along with my custom command instead of having it statically specified in a API call script. I've tried many ways and nothing works for me and just breaks it when trying to use the Option second script not seeing the argument, when trying to call module from the apiscript and add argument in CustomCommand script it's also a no-go, could not find any examples and losing motivation, thinking my design is bad.
#execfile('apiscript.py')
subprocess.call('apiscript.py')
""" ----- Generating command yields results into splunk ------"""
@Configuration()
class results(GeneratingCommand):
def generate(self):
file = '/data/splunk/apps/bin/lookups/assets.csv'
with open(file,"r") as f:
reader = csv.reader(f,delimiter=',')
for tenant,asset in reader:
yield {'P_tenants':tenant,'CIDR_Range':asset}
dispatch(results, sys.argv, sys.stdin, sys.stdout, __name__)
Any help will be useful. Thanks
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'd move the subprocess.call into the generate sub, so it will have access to the parameter serverIP you can define in the results class.
#execfile('apiscript.py')
subprocess.call('apiscript.py')
""" ----- Generating command yields results into splunk ------"""
@Configuration()
class results(GeneratingCommand):
serverIp = Option(require=False, validate=validators.Fieldname())
def generate(self):
subprocess.call('apiscript.py', serverIp)
file = '/data/splunk/apps/bin/lookups/assets.csv'
with open(file,"r") as f:
reader = csv.reader(f,delimiter=',')
for tenant,asset in reader:
yield {'P_tenants':tenant,'CIDR_Range':asset}
dispatch(results, sys.argv, sys.stdin, sys.stdout, __name__)
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'd move the subprocess.call into the generate sub, so it will have access to the parameter serverIP you can define in the results class.
#execfile('apiscript.py')
subprocess.call('apiscript.py')
""" ----- Generating command yields results into splunk ------"""
@Configuration()
class results(GeneratingCommand):
serverIp = Option(require=False, validate=validators.Fieldname())
def generate(self):
subprocess.call('apiscript.py', serverIp)
file = '/data/splunk/apps/bin/lookups/assets.csv'
with open(file,"r") as f:
reader = csv.reader(f,delimiter=',')
for tenant,asset in reader:
yield {'P_tenants':tenant,'CIDR_Range':asset}
dispatch(results, sys.argv, sys.stdin, sys.stdout, __name__)
Enterprise Security Content Update (ESCU) | New Releases
Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?
Index This | What are the 12 Days of Splunk-mas?
