Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

passing search result to empty python file

harsh1734
New Member
‎08-25-2013 09:40 PM

hi,
i am running a query

index="dataload" in search and i want to transfer it result in empty python file ..For that i hv uploaded a python sdk and created an empty file in aap-search-bin folder..

but i dont know the correct way,how can i transfer my search result to empty python file,i hv to again perform some operation on this python file..but first want to transfer my search result in python file

index="dataload" | tabel python.py
like this.....

Tags (2)
0 Karma
Reply

yannK
Splunk Employee
Splunk Employee
‎08-27-2013 07:39 AM

Your request for a python script command is quite confusing.

I see 2 alternate simple options :

In this case, provide a useful sample. And the expected result.

0 Karma
Reply

Ayn
Legend
‎08-27-2013 12:34 AM

I'm very sure Splunk can do this. My advice would be to open up a separate question about this, with examples and good information on what you want to do.

Reply

harsh1734
New Member
‎08-26-2013 10:43 PM

yup,but this is the only solution i think..because splunk is not able to make the regex for these fileds values like if the field has values like (720),(65,123,457) so it will make regex of (65,123,457) its a single value but splunk is cosidering it as different value and breaking it into 65 123 and 457 as individual unit

0 Karma
Reply

Ayn
Legend
‎08-26-2013 06:42 AM

And oh, if I recall correctly you were the guy who had field extraction problems and wanted to solve them by writing custom Python commands. I still don't think that sounds like a good solution.

0 Karma
Reply

Ayn
Legend
‎08-26-2013 06:41 AM

That actually made me more confused than I was before 🙂

0 Karma
Reply

harsh1734
New Member
‎08-26-2013 01:22 AM

i want to perform some python programming on that index because their is problem in extracting some of the fields.so by writing a script means i know that on 3rd line, my this output will be there so cutting all that field value... some thing like that

0 Karma
Reply

Ayn
Legend
‎08-26-2013 12:25 AM

What do you mean by transferring to an empty Python file? Why would you want to do that? What's the desired end result?

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain

Boston may be buzzing this September with Splunk University and .conf25, but you don’t have to pack a bag to ...

Splunk Lantern’s Guide to The Most Popular .conf25 Sessions

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Unlock What’s Next: The Splunk Cloud Platform at .conf25

In just a few days, Boston will be buzzing as the Splunk team and thousands of community members come together ...
Top