Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

passing search result to empty python file

harsh1734
New Member
‎08-25-2013 09:40 PM

hi,
i am running a query

index="dataload" in search and i want to transfer it result in empty python file ..For that i hv uploaded a python sdk and created an empty file in aap-search-bin folder..

but i dont know the correct way,how can i transfer my search result to empty python file,i hv to again perform some operation on this python file..but first want to transfer my search result in python file

index="dataload" | tabel python.py
like this.....

Tags (2)
0 Karma
Reply

yannK
Splunk Employee
Splunk Employee
‎08-27-2013 07:39 AM

Your request for a python script command is quite confusing.

I see 2 alternate simple options :

In this case, provide a useful sample. And the expected result.

0 Karma
Reply

Ayn
Legend
‎08-27-2013 12:34 AM

I'm very sure Splunk can do this. My advice would be to open up a separate question about this, with examples and good information on what you want to do.

Reply

harsh1734
New Member
‎08-26-2013 10:43 PM

yup,but this is the only solution i think..because splunk is not able to make the regex for these fileds values like if the field has values like (720),(65,123,457) so it will make regex of (65,123,457) its a single value but splunk is cosidering it as different value and breaking it into 65 123 and 457 as individual unit

0 Karma
Reply

Ayn
Legend
‎08-26-2013 06:42 AM

And oh, if I recall correctly you were the guy who had field extraction problems and wanted to solve them by writing custom Python commands. I still don't think that sounds like a good solution.

0 Karma
Reply

Ayn
Legend
‎08-26-2013 06:41 AM

That actually made me more confused than I was before 🙂

0 Karma
Reply

harsh1734
New Member
‎08-26-2013 01:22 AM

i want to perform some python programming on that index because their is problem in extracting some of the fields.so by writing a script means i know that on 3rd line, my this output will be there so cutting all that field value... some thing like that

0 Karma
Reply

Ayn
Legend
‎08-26-2013 12:25 AM

What do you mean by transferring to an empty Python file? Why would you want to do that? What's the desired end result?

0 Karma
Reply
Get Updates on the Splunk Community!

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Overview Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...

Unlock Database Monitoring with Splunk Observability Cloud

  In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...