I would like to add a new field, an "interesting field", to put my new data in. I will add a one-word value to this field for each event I am passed and iterate through.

Is there a way to send this info back from the streaming method that changes the value of the events permanently in Splunk? I am iterating through the command by using the default streaming class example and using a stream function like:

    import sys
    from splunklib.searchcommands import dispatch, StreamingCommand, Configuration

    @Configuration()
    class myCommand(StreamingCommand):
        def stream(self, events):
            for event in events:
                # Does something with event
                yield {'found': "Success"}

    dispatch(myCommand, sys.argv, sys.stdin, sys.stdout, __name__)

My script is in Python. Thanks for any help!