I'm writing a custom search command filter that's designed to use pythons
tempfile.gettempdir. I see that Splunk uses the environment variable which
gettempdir returns as the location for Splunk's dispatch directory. I also want to use the value of
gettempdir to make a single folder and write files into that folder.
Is it safe to use the dispatch directory set by Splunk for my own uses? Is it safe if I only use folder's that don't conflict with Splunk's dispatch naming conventions?
I did a few tests with using the
tempfile.gettempdir and it worked fine without any issues. I didn't try to use a path that is used by splunk within the dispatch directory but I imagine that would causes issue. As @ddrillic said it isn't a good practice; and so I just replaced the use of
gettempdir with a variable read with
splunk.splunklib.cli_common.getConfKeyValue from a config file when my search-command runs.