Questions tagged [splunk-sdk]

69 questions
0 votes, 1 answer

Splunk Query Recommendation

I have the below log from my application: BookData, { id: 12312 }, appID : 'APP1', Relation_ID : asdas-12312 host = aws@asd. sourcetype=service_name The entire log above is in the form of a single String. I want to create a table with the no. of times…
0 votes, 1 answer

Sending Log Data to Splunk using Python

I have an app that detects file changes, backups, and syncs files to Azure. I currently have a logger set up that writes log events to a file called log.log. I also have event data streaming to stdout. This is my current working code. I’d like to send log…
kcash
0 votes, 1 answer

Splunk Search query returns 'Unknown Search Command' error while trying to display search results using the Splunk Enterprise SDK for Java

I am trying to access Splunk results using Java. I have followed the below link to achieve the same: https://dev.splunk.com/enterprise/docs/devtools/java/sdk-java/howtousesdkjava/howtodisplaysearchsdkjava/ I am trying to give the below search String…
krishna
0 votes, 0 answers

splunklib.binding.AuthenticationError: Autologin succeeded, but there was an auth error on next request. Something is very wrong

I am connecting to Splunk using splunklib and connecting to Splunk in the following manner using username and password: service = client.connect(host=host_name, scheme="https", …
0 votes, 1 answer

How to get variable out from the Splunk mvc.createService().get() function?

Sorry for posting this, but I need some help and another pair of eyes. I must admit that everything that I have found here on Stack Overflow, Splunk docs and Splunk community answers, and of course tried, it failed on me. What I want to achieve is to…
GxGL
0 votes, 2 answers

Unable to connect Java with Splunk Cloud

I want to connect my Java program to Splunk Cloud and send logs there. I tried to connect with Splunk Enterprise (installing on my local machine). In this case it's connected successfully and I can see the logs there too. I don't know why I'm unable…
SE123987
0 votes, 1 answer

HTTP GET method for Splunk saved search using access token

What would be the correct HTTP get request call syntax to fetch saved search data from Splunk if we're accessing it through an access token? My curl command is working but http.get is not. curl command: #os.system('curl -H "Authorization: Bearer…
0 votes, 1 answer

Pushing logs from python to Splunk

How can we push Python application logs to Splunk? What are the prerequisites? Should we first convert our logs to a structured format (key-value based) before sending to Splunk? There is a package splunk_handler for pushing logs to Splunk but I could…
Sarvendra Singh
0 votes, 2 answers

How to migrate entire index data from one Splunk server to another Splunk server

I have a Splunk server with index data for 650k events. I want to migrate the entire data from one instance to another new instance. I tried using a migration script with data field -27D@d but I can only migrate 50k data. -27D@d is the point from…
Mayank Srivastava
0 votes, 4 answers

Splunk submit button (submitButton) does not refresh dashboard if no inputs are changed

I have a dashboard with a submit button (submitButton). The search isn't run until the button is pressed which is exactly what I want (the search takes a long time). I don't want the search starting as the user changes the other dropdowns (time),…
Dave
0 votes, 1 answer

Error while creating a search request using Splunk JS SDK

For this example: https://github.com/splunk/splunk-sdk-javascript/blob/master/examples/node/helloworld/search_normal.js When I modify line 53, service.search("search index=_internal | head 3", {}, done); to this new query "index=comtech_np…
tmp1234
0 votes, 1 answer

Generate Splunk report with only extracted fields

First and foremost, maybe what I am looking for isn’t possible or I am going down the wrong path. Please suggest. Consider, I’ve raw data which has n number of parameters each separated by…
Krupa
0 votes, 1 answer

Whenever a particular search query matches in Splunk I would like to send the search result to a REST API

I am new to Splunk and its apps. My requirement is: when Splunk gets a particular log message like "Login Success", I would like to send that whole message to a REST API. I can use a scheduler to call Splunk-Api and get the result, but I don't want to…
0 votes, 2 answers

Combining the results from 2 indexes in splunk query

I have one index idx1 and other index idx2 and a common column "A" on which matching needs to be done. I'm facing difficulty in combining the data from both the columns. I've to combine the data in such a way that if there is duplicate then the data…
0 votes, 1 answer

Splunk Add-on Builder alert action to store results into a custom index

I am working on an add-on to collect event results based on an alert and send them to an API endpoint. Once the response is a success the endpoint returns a success message in JSON format and I want to store it in a custom index and sourcetype. I…
Naresh Kumar