Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

passing search result to empty python file

harsh1734
New Member
‎08-25-2013 09:40 PM

hi,
i am running a query

index="dataload" in search and i want to transfer it result in empty python file ..For that i hv uploaded a python sdk and created an empty file in aap-search-bin folder..

but i dont know the correct way,how can i transfer my search result to empty python file,i hv to again perform some operation on this python file..but first want to transfer my search result in python file

index="dataload" | tabel python.py
like this.....

Tags (2)
0 Karma
Reply

yannK
Splunk Employee
Splunk Employee
‎08-27-2013 07:39 AM

Your request for a python script command is quite confusing.

I see 2 alternate simple options :

In this case, provide a useful sample. And the expected result.

0 Karma
Reply

Ayn
Legend
‎08-27-2013 12:34 AM

I'm very sure Splunk can do this. My advice would be to open up a separate question about this, with examples and good information on what you want to do.

Reply

harsh1734
New Member
‎08-26-2013 10:43 PM

yup,but this is the only solution i think..because splunk is not able to make the regex for these fileds values like if the field has values like (720),(65,123,457) so it will make regex of (65,123,457) its a single value but splunk is cosidering it as different value and breaking it into 65 123 and 457 as individual unit

0 Karma
Reply

Ayn
Legend
‎08-26-2013 06:42 AM

And oh, if I recall correctly you were the guy who had field extraction problems and wanted to solve them by writing custom Python commands. I still don't think that sounds like a good solution.

0 Karma
Reply

Ayn
Legend
‎08-26-2013 06:41 AM

That actually made me more confused than I was before 🙂

0 Karma
Reply

harsh1734
New Member
‎08-26-2013 01:22 AM

i want to perform some python programming on that index because their is problem in extracting some of the fields.so by writing a script means i know that on 3rd line, my this output will be there so cutting all that field value... some thing like that

0 Karma
Reply

Ayn
Legend
‎08-26-2013 12:25 AM

What do you mean by transferring to an empty Python file? Why would you want to do that? What's the desired end result?

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Register for .conf25!
Get Updates on the Splunk Community!

.conf25 Global Broadcast: Don’t Miss a Moment

Hello Splunkers, .conf25 is only a click away.  Not able to make it to .conf25 in person? No worries, you can ...

Observe and Secure All Apps with Splunk

 Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What's New in Splunk Observability - August 2025

What's New We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is ...