How to get the json results of my custom script in...

rockzers · ‎08-14-2022

i created a custom python api script and it works fine and i want to import in splunk

so i put my script. "C:\\Program Files\\Splunk\\etc\\apps\\search\\bin\\sample.py"

I run cmd and the result is getting correctly

in splunk i created data inputs -> scripts -> select my scripts -> select source type _json -> app context App Browser -> selected index

but i am not getting any json results in splunk search index

Is there any configuration needed?

when i check input.config it is already correctly the file details, so why splunk index doesn't show any json data?

[script://$SPLUNK_HOME\etc\apps\search\bin\sample.py]
disabled = false 
host = home 
index = jsearch 
interval = 60.0 
sourcetype = _json

VatsalJagani · ‎08-15-2022

@rockzers - Try updating the stanza name to:

[script://$SPLUNK_HOME/etc/apps/search/bin/sample.py]

I hope this helps!!!

rockzers · ‎08-15-2022

@VatsalJagani

i used windows so that stanza is there

VatsalJagani · ‎08-15-2022

Do you see the input when you open Splunk Web UI and Go to "Settings > Inputs"?

How to get the json results of my custom script in Splunk?