Hi all. I need to get data from Splunk by invoking an external script (Python, etc.). Directly when I run the script, I need to get the output data. For example, I need to get the data from an index "CDM". Is there a way to do it? How do I start with this? Thanks in advance.
It sounds like you are wanting a Python script that dispatches a search in Splunk, and then returns the results?
If that is the case, check out the Python SDK. I think one of the example scripts does what you want.
You need a scripted input: http://docs.splunk.com/Documentation/Splunk/latest/AdvancedDev/ScriptedInputsIntro
Check for the availability of the REST endpoint for those resources.
You can even execute queries.
Refer to the link below:
http://dev.splunk.com/restapi
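The REST approach suggested in the replies, as an added example that is not part of any reply in this thread and is not Splunk's own sample code: a standard-library Python script that posts a search to the `search/jobs/export` endpoint and parses the JSON lines it streams back. The environment variable names `SPLUNK_URL` and `SPLUNK_TOKEN`, the use of an authentication token sent as a Bearer header, and the constructed sample stream are assumptions for illustration.

```python
import json
import os
import urllib.parse
import urllib.request

def build_export_request(base_url, token, query, earliest="-15m"):
    """POST to search/jobs/export, which streams results as they are found."""
    if not base_url.lower().startswith("https://"):
        raise ValueError("refusing to send the token over a non-TLS URL")
    if not query.lstrip().startswith(("search ", "|")):
        query = "search " + query  # REST searches need an explicit leading command
    body = urllib.parse.urlencode({
        "search": query,
        "earliest_time": earliest,
        "output_mode": "json",
    }).encode()
    return urllib.request.Request(
        base_url.rstrip("/") + "/services/search/jobs/export",
        data=body,
        headers={"Authorization": "Bearer " + token},
        method="POST",
    )

def parse_export_lines(lines):
    """Yield final result dicts from the newline-delimited JSON stream."""
    for line in lines:
        if isinstance(line, bytes):
            line = line.decode("utf-8")
        line = line.strip()
        if not line:
            continue
        obj = json.loads(line)
        if obj.get("preview"):      # skip interim previews, keep final rows
            continue
        if "result" in obj:         # an empty search yields a row with no result
            yield obj["result"]

def run_search(base_url, token, query):
    req = build_export_request(base_url, token, query)
    # The default urlopen context verifies the server certificate; keep it on.
    with urllib.request.urlopen(req, timeout=60) as resp:
        return list(parse_export_lines(resp))

# Constructed sample of what the endpoint streams, for offline parsing.
SAMPLE_STREAM = [
    b'{"preview":true,"offset":0,"result":{"_raw":"partial","host":"web01"}}\n',
    b'{"preview":false,"offset":0,"result":{"_raw":"login ok user=alice","host":"web01"}}\n',
    b'{"preview":false,"offset":1,"lastrow":true,"result":{"_raw":"login failed user=bob","host":"web02"}}\n',
]

if __name__ == "__main__":
    # The token comes from the environment so it never lands in the script.
    for event in run_search(os.environ["SPLUNK_URL"], os.environ["SPLUNK_TOKEN"], "index=CDM | head 5"):
        print(event)
```
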