scripted input

scripted input


An executable script that feeds event data to a Splunk Enterprise instance from APIs and other remote data interfaces and message queues. Use scripted inputs to index the data or to prepare data from a nonstandard source so that events and extracted fields can be properly parsed. You can use shell scripts, python scripts, Windows batch files, PowerShell, or any other utility that can format and stream the data that you want to index. You can stream the data or write the data from a script to a file.

Use scripted inputs to get data from Active Directory, WMI (Windows Management Interface), Registry, and other Windows data sources. You can also download additional apps from Splunk Apps that use scripted inputs to enable data collection from other applications.

For more information

In Getting Data In:

On the Splunk Developer Portal: