script
script
Synopsis
Makes calls to external Perl or Python programs.
Syntax
script (perl|python) <script-name> [<script-arg>]* [maxinputs=<int>]
Required arguments
- script-name
- Syntax: <string>
- Description: The name of the script to execute, minus the path and file extension.
Optional arguments
- maxinputs
- Syntax: maxinputs=<int>
- Description: Determines how many of the top results are passed to the script. Defaults to 100.
- script-arg
- Syntax: <string>
- Description: One or more arguments to pass to the script. If passing more than one argument, delimit each with a space.
Description
Calls an external python or perl program that can modify or generate search results. Scripts must live in splunk_home/etc/searchscripts and only a search user with administrator privileges may execute them. If the script is a custom search command, it should be located in $SPLUNK_HOME/etc/apps/<app_name>/bin/. To invoke the script:
- For python, use splunk_home/bin/python
- For perl, use /usr/bin/perl
Examples
Example 1: Run the Python script "myscript" with arguments, myarg1 and myarg2; then, email the results.
... | script python myscript myarg1 myarg2 | sendemail to=david@splunk.comAnswers
Have questions? Visit Splunk Answers and see what questions and answers the Splunk community has using the script command.
This documentation applies to the following versions of Splunk: 4.1 , 4.1.1 , 4.1.2 , 4.1.3 , 4.1.4 , 4.1.5 , 4.1.6 , 4.1.7 , 4.1.8 , 4.2 , 4.2.1 , 4.2.2 , 4.2.3 , 4.2.4 , 4.2.5 , 4.3 , 4.3.1 , 4.3.2 View the Article History for its revisions.