http://answers.splunk.com/answers/25658/whats-the-point-of-custom-python-scripts.html

This is what I did
Put my custom python script in this folder
/var/sky/splunk/etc/system/bin

import csv
import sys
import splunk.Intersplunk
import string
(isgetinfo, sys.argv) = splunk.Intersplunk.isGetInfo(sys.argv)
if len(sys.argv) < 2:
splunk.Intersplunk.parseError("No arguments provided to custom script")

results = splunk.Intersplunk.readResults(None, None, True)
splunk.Intersplunk.outputResults(results)

Modify commands.conf file in below folder
/var/sky/splunk/etc/system/local

defaults for all external commands, exceptions are below in individual stanzas

type of script: 'python', 'perl'

TYPE = python

default FILENAME would be .py for python, .pl for perl and otherwise

is command streamable?

STREAMING = true

maximum data that can be passed to command (0 = no limit)

MAXINPUTS = 50000

end defaults

[customtest]
filename = customtest.py

To reload the setting run this URL in your browser (Just in case, if required)
https://SPLUNK_HOSTNAME:PORT/debug/refresh

And this is how we can use custom command in splunk
| customtest GETINFO [Inputparameters]