I'm new to Splunk, and I need to feed some logging messages/events into Splunk remotely using Splunk Python APIs.
This is a new platform using Linux, so there won't be any existing APP to use.
The message/events look like the following:
INFO 2014-12-29 20:37:54,611 get_customer_type 3010 get_customer type....
INFO 2014-12-29 20:37:54,652 get_customer_id 2996 get_customer_id....
ERROR 2014-12-30 00:05:25,558 save_cloudx_config 52 lookup bucket:cheng-bucket1 failed
I have launched Splunk on a remote Linux machine to collect data, and, from my platform, I would like to programmatically
call Splunk Python APIs to connect to this remote Splunk, do some configuration, and be able to start calling whatever.submit
to Splunk so that Splunk can index the events/messages I submitted and I can search that data.
I have already confirmed that I can access the remote Splunk using the following:
import splunklib.client as client
service = client.connect(host='10.88.0.99', port=8000, username='admin', password='123456')
My questions are:
1. Are there any examples?
2. What are the basic essential Python APIs I need to call to do the essential configuration to start feeding events to Splunk? E.g., do I need to create a new index?
3. Is there any universal APP that can be used for this purpose?
I am new to Splunk, so please forgive me if I ask stupid questions.
Thanks a lot...
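An added example, not part of the original post and not Splunk's own sample code: one way to create an index if it is missing and submit lines in the format shown above through the Splunk Python SDK, rejecting any line that does not match the layout (for instance one with an embedded newline that would forge a second event). The index name `platform_logs`, the sourcetype `platform_log` and the function names are assumptions; `service` is the object returned by `client.connect()`.

```python
import re

# Layout of the sample lines in the post: LEVEL DATE TIME,ms FUNCTION LINENO MESSAGE
LINE_RE = re.compile(
    r"(?P<level>[A-Z]+) "
    r"(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) "
    r"(?P<func>\S+) (?P<lineno>\d+) (?P<msg>.*)"
)

# First three lines are from the post; the last is constructed to show a
# message carrying an embedded newline followed by a forged event.
SAMPLE_LINES = [
    "INFO 2014-12-29 20:37:54,611 get_customer_type 3010 get_customer type....",
    "INFO 2014-12-29 20:37:54,652 get_customer_id 2996 get_customer_id....",
    "ERROR 2014-12-30 00:05:25,558 save_cloudx_config 52 lookup bucket:cheng-bucket1 failed",
    "INFO 2014-12-29 20:37:55,000 get_customer_id 2996 ok\n"
    "ERROR 2014-12-29 20:37:55,001 forged 1 injected",
]


def parse_line(line):
    """Return the fields of one log line, or None if it does not match."""
    # '.' does not match a newline, so a multi-line payload fails fullmatch.
    m = LINE_RE.fullmatch(line.strip())
    if m is None:
        return None
    fields = m.groupdict()
    fields["lineno"] = int(fields["lineno"])
    return fields


def feed(service, index_name, lines, sourcetype="platform_log", host=None):
    """Create the index if needed and submit each well-formed line to it.

    Returns (submitted, rejected) counts.
    """
    if index_name not in service.indexes:
        service.indexes.create(index_name)      # splunklib Collection.create
    index = service.indexes[index_name]
    submitted = rejected = 0
    for line in lines:
        if parse_line(line) is None:
            rejected += 1                       # never forward malformed input
            continue
        index.submit(line.strip(), sourcetype=sourcetype, host=host)
        submitted += 1
    return submitted, rejected
```

With a connected `service`, `feed(service, "platform_logs", SAMPLE_LINES)` submits the three well-formed lines and skips the constructed one.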