I am trying to get a Python script to run after a search returns a username.
The search returns one username after doing a few checks (works great).
The script will add a user to an AD group (works great).
My issue is now that run a script function is deprecated, and I can't find proper documentation about passing the event field into a Python argument to run.
My Python script is saved in $SPLUNK_HOME$/bin/scripts.
Splunk deprecated running scripts with alert actions. You can check that
How about creating your own custom command.
The command can use the output of the search and pass it to the script.
You might need to change your script a bit to take in the input.
Below link can be helpful in creating a custom command
still not finding what I'm looking for in the custom search command, is what I'm asking usual for splunk to be able to do this?