Hi, I would first like to explain my requirement: Ultimately, I want to generate an alert (email) based on two conditions:
- A certain syslog message pattern is seen on a device
- After logging into the device and giving some verification commands, certain output is seen
I understand that Splunk can do the 1st part (generating an alert based on a syslog message) very well, but it can't do the 2nd part (logging into a device, executing some commands and taking action based on the output).
That's why I would like to run a Python script that does the 2nd part.
To summarize, I just want to know if I can do the following:
- When a syslog message appears on a device, that should trigger a Python script (I know this is possible)
- The Python script will log in to the router and execute some commands (not a Splunk requirement)
- Based on the output of those commands, the Python script should be able to tell Splunk to generate an alert (Is this possible with the Splunk Python SDK?)
I hope I have made it clear. Thanks,