Connect Splunk From Python Script and pull data out of Splunk.

In today’s digital world we need to connect Splunk to pull data out of Splunk for ML modeling or prediction. There are multiple ways to do you, through both licensed & open source tools.

In this article i have demonstrated a way how we can connect Splunk and pull data out of Splunk and get it loaded to a platform out side of Splunk.

import splunklib.client  as client
HOST = "restapi.splunk.XXXX.com"
PORT = 443
USERNAME = "username"
PASSWORD = "password"

# Create a Service instance and log in
service = client.connect(
    host=HOST,
    port=PORT,
    username=USERNAME,
    password=PASSWORD)

# Print installed apps to the console to verify login
for app in service.indexes:
    print app.name
    if app.name == 'Index_name':
        print app.name
        print "Index Found"
    else:
        print "Index Not Found"

If you able to get printed index name then you are through and it worked for you.