Splunk Search

How to pass IP argument for API call to Python script and integrate with generating command?

Bart
Engager

Hi,

I'm very new to splunklib and not so experienced in programming and breaking my brain on this. I have 2 scripts.

First one is creating a list of assets from Server with API requests call, and saves to the file.

Second one is run by custom command, it's calling the first one and then uses generating streaming  command to pass the results from the file to Splunk. Works....Now, I want to pass server IP as an argument along with my custom command instead of having it statically specified in a API call script. I've tried many ways and nothing works for me and just breaks it when trying to use the Option second script not seeing the argument, when trying to call module from the apiscript and add argument in CustomCommand script it's also a no-go, could not find any examples and losing motivation, thinking my design is bad. 

 

#execfile('apiscript.py')
subprocess.call('apiscript.py')  
""" ----- Generating command yields results into splunk ------"""

@Configuration()
class results(GeneratingCommand):
    def generate(self):

       file = '/data/splunk/apps/bin/lookups/assets.csv'
       with open(file,"r") as f:
            reader = csv.reader(f,delimiter=',')
            for tenant,asset in reader:
                yield {'P_tenants':tenant,'CIDR_Range':asset}

dispatch(results, sys.argv, sys.stdin, sys.stdout, __name__) 

 

Any help will be useful. Thanks

Labels (5)
0 Karma
1 Solution

FritzWittwer1
Path Finder

 

I'd move the subprocess.call into the generate sub, so it will have access to the parameter serverIP you can define in the results class.

 

#execfile('apiscript.py')
subprocess.call('apiscript.py')  
""" ----- Generating command yields results into splunk ------"""

@Configuration()
class results(GeneratingCommand):
    serverIp = Option(require=False, validate=validators.Fieldname())

    def generate(self):
       
       
       subprocess.call('apiscript.py', serverIp)  


       file = '/data/splunk/apps/bin/lookups/assets.csv'
       with open(file,"r") as f:
            reader = csv.reader(f,delimiter=',')
            for tenant,asset in reader:
                yield {'P_tenants':tenant,'CIDR_Range':asset}

dispatch(results, sys.argv, sys.stdin, sys.stdout, __name__) 

 

View solution in original post

FritzWittwer1
Path Finder

 

I'd move the subprocess.call into the generate sub, so it will have access to the parameter serverIP you can define in the results class.

 

#execfile('apiscript.py')
subprocess.call('apiscript.py')  
""" ----- Generating command yields results into splunk ------"""

@Configuration()
class results(GeneratingCommand):
    serverIp = Option(require=False, validate=validators.Fieldname())

    def generate(self):
       
       
       subprocess.call('apiscript.py', serverIp)  


       file = '/data/splunk/apps/bin/lookups/assets.csv'
       with open(file,"r") as f:
            reader = csv.reader(f,delimiter=',')
            for tenant,asset in reader:
                yield {'P_tenants':tenant,'CIDR_Range':asset}

dispatch(results, sys.argv, sys.stdin, sys.stdout, __name__) 

 

Get Updates on the Splunk Community!

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...

Ready, Set, SOAR: How Utility Apps Can Up Level Your Playbooks!

 WATCH NOW Powering your capabilities has never been so easy with ready-made Splunk® SOAR Utility Apps. Parse ...