Solved: Use a Python module in a custom alert action

eden881 · ‎09-02-2019

I have a custom alert action that I wrote using the manual on the documentation:

https://docs.splunk.com/Documentation/Splunk/7.3.1/AdvancedDev/ModAlertsIntro

I need to import a Python module (boto3) into my action's script.

How can I do that?
Where and how do I install the module?

MuS · ‎09-02-2019

Hi eden881,

you can download the module directory or use a python egg of the module, place it in the bin directory of your app (assuming you created your alert action in a seperate app) and use import boto3 at top of your script. That should import the module if all module dependencies are fulfilled.

Hope this helps ...

cheers, MuS

View solution in original post

MuS · ‎09-02-2019

Hi eden881,

you can download the module directory or use a python egg of the module, place it in the bin directory of your app (assuming you created your alert action in a seperate app) and use import boto3 at top of your script. That should import the module if all module dependencies are fulfilled.

Hope this helps ...

cheers, MuS

eden881 · ‎09-03-2019

Thank you! It worked well.

Use a Python module in a custom alert action

Infographic provides the TL;DR for the 2023 Splunk Career Impact Report

Splunk Lantern | Getting Started with Edge Processor, Machine Learning Toolkit ...

Enterprise Security Content Update (ESCU) | New Releases