Is there a good, simple resource for how to code up extensions in Python that work with the stats() command?
Background:
I'd never thought of using Python with Splunk...until this last month, when literally thousands of IP addresses started trying to brute-force user passwords using my org's externally visible systems. Each address tries a few passwords for a few users, making it silly to block individual IP addresses. I could block networks, but that's overkill unless I can tune the netmasks.
Anyway, I wrote up a Python script to help me figure out a set of minimal networks/masks I can block - more than individual IP addresses but less than, say, mechanically blocking a bunch of fixed-width netblocks. The script runs at a command line and has proven useful.
But it occurs to me that I should be rewriting it to work with the Splunk stats command and output a list (like values()).
I have read over some Splunk documentation on how to do this - or tried. It's spread out and what I can find is, to me, inscrutable. I do some coding, but generally, it's in Perl, C#, C, etc. I'm probably just missing something. There is likely a good, simple resource out there and I've missed it.
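The netblock-tuning idea in the question, as an added stand-alone example (not the poster's script and not Splunk's own code): it collapses the observed brute-force sources into the widest enclosing IPv4 networks that still have a minimum offender density, so a dense cluster becomes one block while lone hosts stay /32. The `min_density` and `shortest_prefix` knobs and the sample addresses are constructed for illustration; the Splunk custom-command wrapper is left out.

```python
"""Collapse brute-force source addresses into a small set of blockable
IPv4 networks.  Added example, not the poster's script; min_density and
shortest_prefix are assumed tuning knobs, not Splunk options."""
import ipaddress

# Constructed sample of offending sources (documentation ranges, not real data).
SAMPLE_OFFENDERS = [
    "203.0.113.1", "203.0.113.2", "203.0.113.5", "203.0.113.9",  # one cluster
    "192.0.2.200", "192.0.2.201",                                  # adjacent pair
    "198.51.100.77",                                               # lone host
    "not-an-ip",                                                   # junk to skip
]

def parse_hosts(values):
    """Return the set of valid IPv4 addresses in values, skipping junk."""
    hosts = set()
    for value in values:
        try:
            addr = ipaddress.ip_address(str(value).strip())
        except ValueError:
            continue                      # log fields sometimes hold garbage
        if addr.version == 4:
            hosts.add(addr)
    return hosts

def minimal_blocks(values, min_density=0.25, shortest_prefix=24):
    """For each offending host pick the widest enclosing network that
    (a) is no wider than /shortest_prefix, (b) holds at least two offenders,
    and (c) has offenders/size >= min_density.  A host with no dense
    neighbourhood stays a /32.  Overlapping picks are then collapsed."""
    hosts = parse_hosts(values)
    chosen = set()
    for host in hosts:
        best = ipaddress.ip_network(f"{host}/32")
        for prefix in range(31, shortest_prefix - 1, -1):
            candidate = ipaddress.ip_network(f"{host}/{prefix}", strict=False)
            hits = sum(1 for h in hosts if h in candidate)
            if hits >= 2 and hits / candidate.num_addresses >= min_density:
                best = candidate          # wider and still dense enough
        chosen.add(best)
    return sorted(ipaddress.collapse_addresses(chosen))

def block_list(values, **kwargs):
    """String form, the shape a stats-style values() output would take."""
    return [str(net) for net in minimal_blocks(values, **kwargs)]

if __name__ == "__main__":
    for net in block_list(SAMPLE_OFFENDERS):
        print(net)
```

Raising `min_density` splits the cluster into tighter blocks; lowering it widens them, up to the `shortest_prefix` ceiling.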