Solved: elasticsplunk convert to python3 not working- do y...

jinnypt · ‎02-20-2022

Hello.

Up to Splunk 7 version, it was python2, so I was using the app below to search elasticsearch.

As I upgraded the Splunk version to 8 and started using python3, the app could not run.

So, I ask if there is a way to use this app.

* How to use it in python3? (If the conversion is successful and is in use, can you share it?)

* Is there an app that can replace it? (I'm not going to use the Elasticsearch Data Integrator - Modular Input app.)

* If there is an app you are using with splunk 8 (python3), please recommend it.

jinnypt · ‎02-21-2022

I solved it!

I added the path and file below.

$SPLUNK_HOME/etc/apps/{application_name}/local/server.conf

[general]

python.version = python2

jinnypt · ‎02-21-2022

Temporarily solved it with the method below.

$SPLUNK_HOME/etc/system/local/server.conf

[general]

python.version = python2

Since the above method runs in python2 for all apps, I think it will cause problems in the future.

Is there a way to run only a specific app with python2?

Entering the settings below doesn't work in python2.

$SPLUNK_HOME/etc/apps/{application_name}/local/app.conf

[install]

python.version = python2

jinnypt · ‎02-21-2022

I solved it!

I added the path and file below.

$SPLUNK_HOME/etc/apps/{application_name}/local/server.conf

[general]

python.version = python2

elasticsplunk convert to python3 not working- do you have an alternative suggestion?