Why am I getting an "unknown search command error"...

Splunk Search

I have created a custom generating command on the search head. I also want to execute this command on the search head. I don't want this command to be sent to the indexers. This is why I have set distributed = False and local = True in the commands.conf as below.

[generatepaths]
distributed = False
chunked = true
local = True
enableheader = true
outputheader = true
requires_srinfo = true
supports_getinfo = true
supports_multivalues = true
supports_rawargs = true
filename = system_python.path
command.arg.1 = sankey.py

Sometimes, you have to set the same parameters in multiple places. So I have also configured the following in my python script to force the command to be executed locally:

@Configuration(local=True)

Still no luck. I get a "Search Factory: Unknown search command 'generatepaths'" error from every indexer. What should I do to execute custom command locally on the Search Head. Is there some other hidden undocumented setting i have to look for or this is simpy a bug?

Get Updates on the Splunk Community!

Why am I getting an "unknown search command error" when trying to execute a custom command on the Search Head?

Dashboards: Hiding charts while search is being executed and other uses for tokens

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

Brains, Bytes, and Boston: Learn from the Best at .conf25

Are you a member of the Splunk Community?

Why am I getting an "unknown search command error" when trying to execute a custom command on the Search Head?

Dashboards: Hiding charts while search is being executed and other uses for tokens

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

Brains, Bytes, and Boston: Learn from the Best at .conf25