Hi,
Python SDK for Splunk does not have a JSON parser. You will need to write your own. If you would just like to see the results then skip the ResultsReader. You can try something like:
kwargs_export = {"search_mode": "normal", "output_mode":"json"}
searchquery_export = "search index=auto"
exportsearch_results = self.splunk_instance.jobs.export(searchquery_export, **kwargs_export)
print exportsearch_results.read()
... View more
My bad..I was looking at different Splunk instance 😞
I am able to see missing extractions using CIM Validation datamodel..thank you.
Now trying how can I use CIM Validation datamodel with python.
... View more