Scenario: Accessing remote Splunk Enterprise server from another VM using Python SDK that does not have Splunk Enterprise installed.
Issue: Added a scripts in directory /splunk-sdk-python-1.6.2/examples but it is failing.
For instance:
[root@VMW-ELK-TEST-01 examples]# python runsearch.py
Traceback (most recent call last):
File "runsearch.py", line 3, in
import splunklib.results as results
ImportError: No module named splunklib.results
Questions:
Is this happening because the VM wherein I am running this script does not have Splunk Enterprise installed?
If so, what are the alternatives to interacting with the Splunk Enterprise cluster from a "Scripts" VM wherein we do not want to pay for licensing and just use the SDK API wrapper to interact.
P.S.
I was able to get one of the sample scripts in the examples directory to work accordingly:
python search.py "search index=pci_jbx_index * | head 10" --host=a.b.c.d --username="abc" --password="def" --output_mode=csv --verbose=verbose
Thanks everyone in advance,
-Mohammad
... View more