I have created a custom search command and placed my py file in search/bin and then I have created search/local/commands.conf file and added
[data]
filename = data.py
streaming = false
c...
I am in /opt/apps/splunk/etc/apps/search/default
when I edit commands.conf it says
DO NOT EDIT THIS FILE!
Please make all changes to files in $SPLUNK_HOME/etc/system/local
does that m...
I've created a script that, when called from the search bar using:
|script foo.py | outputtext
it outputs a table containing one unnamed column containing the script output and an empty _raw...
...pp_name> is search because its a search command. So I created
$SPLUNK_HOME/etc/app/<app_name>/local/commands.conf
and put in a single santza for my command. Saved it, restarted splunk and t...
I'd like to push an app that overwrites which script sendemail uses. For instance I pushed:
email_app
bin/sendemail2.py
local/commands.conf
filename = sendemail2.py
metadata/d...
...xternal search command 'disabler' does not exist in commands.conf.
I have placed the commands.conf file in both the default and local folders and have restarted Splunk, but the results are always t...
If I use the command ./splunk add monitor /var/log, -> /splunk/etc/apps/search/local/inputs.conf file will be modified. However, if I use the command ./splunk add forward-server a.a.a.a:9...
Hey there, i have wrote a custom command in order to execute whois querys using an internal whois server, which expects csv files and returns json files containing the results. The CSVs are ...
Does anyone know how the outputlookup command is configured? commands.conf does not reference a python script for it. I want to change how new files are created so that they are private and a...