I'm trying to make a custom Command using python but I'm running into some errors.
"Error in 'script': Getinfo probe failed for external search command 'testscript'"
For the moment I'm just trying to figure out how to get any script to work, which is proving more difficult that I anticipated.
How I created the app and command:
So, I created a test app called "TestCommands" using the sample_app template.
Then, I created a dummy script called "testcommand.py" in the bin folder within that app.
import sys
import csv
import splunk.Intersplunk
while True:
line = sys.stdin.readline()
if not line.strip(): break
reader = csv.DictReader( sys.stdin )
headers = reader.fieldnames
writer = csv.DictWriter( sys.stdout, headers )
writer.writer.writerows( headers )
(From what I understand, this should just output the headers back to splunk)
I also have a commands.conf located in the default and local folders of the apps. (The directions were unclear as to which of these i should put it in) Both of those contain the same information:
[testscript]
filename = testcommand.py
streaming = true
supports_getinfo=true
maxinputs = 0
My Search is as follows:
source="pathname\dummydata.csv" | testscript"
I have checked that the data source isn't the problem.
Thanks for the help.
I had this issue when upgrading my python SDK of my app to version 1.3.0 (from 1.2.3). The solution was to add at the beginning of my script the following lines (as it is the case in the new examples):
import sys
from splunklib.searchcommands import \
dispatch, StreamingCommand, Configuration, Option, validators
Hope it might help others 🙂
I'll try that Chris. If I start basic enough, its bound to work. Thanks
Maybe you could start by copying one of the commands in the search app. uniq.py a very basic example.
Your command does not do anything that appears to support getinfo and the error message mentions the same, so I suggest turning that off in commands.conf.
Concerning local vs default, put the .conf in default. You're the creator of the app, so you provide the default configuration. The user of your app can then override things in local if he needs to.
After trying this, it just says "Unknown search command" 😞