Found the answer.
if,
import splunklib.client as client
services=client.connect(...)
jobs=service.jobs
for job in jobs:
job.content['label'] #Will give you the saved_search name
... View more
While using Splunk SDK of Python, how do you get the details of the saved search that initiated the job.
I have the job sid of the jobs going on and some jobs which are done processing. I want their Saved Search name or their Saved Search ID.
... View more
I don't want to run the script while splunk is not running. I just want to run it when splunk runs. So the running of the script has to be initiated according to the running of splunk.
... View more
I found this in init.d file
"The init scripts that used to reside in this directory are deprecated. Splunk
now includes the ability to update the system boot configuration on its own."
... View more
I want to run a python script along with Splunk. It should start when Splunk starts and should restart when Splunk restarts. Is there a way of configuring this so that my python script can run every time Splunk starts?
... View more
Instead of using as you did, the following will work.
kwargs = {
'description': 'failed auth',
'is_scheduled' : True,
'cron_schedule' : '*/5 * * * *',
'dispatch.earliest_time' : 'rt-5s@s',
'dispatch.latest_time' : 'rt+5s@s'
}
... View more