thanks @niketnilay for these options.
Actually I have one index which have multiple fields like latitude,Longitude ,"FieldA","FieldB","FieldC".Using these fields I have to calculate "distance" and again ingest "distance" filed into same index for every events.
For distance calculation I have to use python script because distance calculation logic can not be implemented on splunk search.
Note:in this case I will get already ingested data .I have calculate distance and add distance filed to same index.
I am trying custom command but I am not able to fetch more than two variable from splunk side .I don't know why I am getting error code 1.
please check my code :
import sys
import splunk.Intersplunk
import json
import requests as req
def calculate_distance(lat,long,fieldA,fieldB,fieldC):
#internal logic will be here
return distance
def collect_events():
results, dummyresults, settings = splunk.Intersplunk.getOrganizedResults()
for result in results:
lat=result["Latitude"]
long=result["Longitude"]
fieldA=result["FieldA"]
fieldB=result["FieldB"]
fieldC=result["FieldC"]
result[distance]=calculate_distance(lat,long,fieldA,fieldB,fieldC)
splunk.Intersplunk.outputResults(results)
collect_events()
... View more