Just a little discussion to open up on this environment, the alerting module and some functionalties required.

Custom Script(Edit)

Execute a custom script when an alert is triggered by Splunk:


In order to simulate the execution by Splunk, we need to run:

 <path_to_bin>/splunk cmd python custom_script.py 

(Replace <python> with your exec environment, and the script name by your own !)

You can follow the logs in the following directory:


The main interesting file being: splunkd.log


  • yAlff, 2016. How to troubleshoot why my alert action Python script does not run? Splunk>answers.

online https://answers.splunk.com/answers/420847/how-to-troubleshoot-why-my-alert-action-python-scr.html accessed on June 20, 2017