Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

use lookup or lookup-csv in custom python command

sbsbb
Builder
‎12-04-2013 05:33 AM

Is it possible to use a defined lookup, within a custom python command ?

If not, is it possible to access directly the csv file from the lookup, in order to process to a kind of lookup in the function ?

Reply

aelliott
Motivator
‎01-14-2014 08:49 AM

Is this what you are looking for?
http://answers.splunk.com/answers/1104/lookups-with-a-python-script

Reply

Lowell
Super Champion
‎01-14-2014 08:47 AM

Good question. I doubt it's possible to directly access a lookup from within a custom python search command. However, it should be possible to use the REST APIs to call back into splunk, get information about the location of a specific lookup file and then simply open it using Python's own csv module. This really only works for the simplest cases. For example, scripted lookups wont work. You'll have to implement any "extra" features that you need. (For example, a match_type of WILDCARD or CIDR).

0 Karma
Reply
Don’t Miss Global Splunk
User Groups Week!

Free LIVE events worldwide 2/8-2/12
Connect, learn, and collect rad prizes
and swag!