Languages Custom Processing Applications

Want to tweak the way Splunk indexes particular types of data?

Custom Processor Applications allow you to change how Splunk handles particular data sources. Create your own, or download scripts created by other members of the Splunk community! Even better, since Applications can have more than one type of content, you can include other features as well!

Not a Splunk user? Download Splunk, set up your Splunk server, and then install your Applications(s) to extend your server.

Splunk Parse

Splunk Parse (splunk_parse.py) is a python script you can set as your alert action on a saved search. It reads in the fields a saved search passing along and parses the corresponding saved search log file which is in CSV format. The parsing spits out the originating host and the full original problem. In this version it's feed to my ticketing system, but the output action can be easily changed.

Author: shaggy Type: Searches, Integration, Custom Processing, Alerts
Rating: Awaiting 3 votes Added: 5 months ago
Downloads: 98 Last Updated: 5 months ago
License: Creative Commons Price: Free
Categories: