How to put search query in "views.py" and show the...

harshal_chakran · ‎11-18-2013

Hi,
I have created an application using Django Bindings.
I wanted to know, if is it possible to write search queries in "views.py" file in Splunk app folder.
And show the output in form of table and chart.

And one more thing, is it really possible to use one query and apply some python logic to it and then use it as the final output?

Please Help...!!!

Federica_92 · ‎03-03-2015

Hi, I'm trying to execute a search in the django and get the results in the views.py, Is possible?

ineeman · ‎11-18-2013

Great question. There are several things you can do:

You can definitely build your query up in Python (in views.py) and then pass
it down to JS in a SearchManager. For example, you might have:

@render_to('myapp:mypage.html')
def get_page_config(request):
    my_query = "index=_internal | head %s | stats count by sourcetype" % request.GET.get('count', 10)
    return {
        "query": my_query
    }

and then in your template (mypage.html😞

{% block content %}
    {% chart id="mychart" managerid="mymanager" %}
    {% table id="mytable" managerid="mymanager" %}
{% endblock content %}

{% block managers %}
    {% search id="mymanager" search=my_query %}
{% endblock managers %}

You can also create an actual search job using the Python SDK, and then use
that search for your manager. For example, you might have:

@render_to('myapp:mypage.html')
def get_page_config(request):
    my_query = "index=_internal | head %s | stats count by sourcetype" % request.GET.get('count', 10)
    my_job = request.service.search(my_query)
    return {
        "sid": my_job.sid,
    }

and then in your template (mypage.html😞

{% block content %}
    {% chart id="mychart" managerid="mymanager" %}
    {% table id="mytable" managerid="mymanager" %}
{% endblock content %}

{% block managers %}
    {% search id="mymanager" sid=my_query %}
{% endblock managers %}

You can read more about the Python SDK here:

Hopefully this answers your question. Let us know if you need any more detail.

ineeman · ‎11-21-2013

Sorry for being slow to pick up, but I'm still not quite sure. Can you give an example query and the type of loops/other logic you want to apply to it? Once that logic is applied, what do you want to do with that data?

harshal_chakran · ‎11-21-2013

I need to create an application using Splunk Python SDK. where the python file will be edited to insert search query.
Using this query's output, I want to apply looping and other python logic. And display the output of those to the Splunk.

Can you please describe in detailed steps for how to do it?

ineeman · ‎11-20-2013

Can you give an example of what you'd like to do? I'm not sure I follow.

harshal_chakran · ‎11-19-2013

Hey, Thanks a lot ineeman!!!That really helped.
There is one more question, that how to use two or more search queries and apply some python logic to their output using python SDK. Plus where to make this changes??

How to put search query in "views.py" and show the output on splunk template(html page)?

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor