Splunk CLI With Script

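Because the Splunk CLI also requires a login, you can set the account name and password in the script file ahead of time (in the lines below, 帳號 stands for the account name and 密碼 for the password).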

    export SPLUNK_USERNAME=帳號
    export SPLUNK_PASSWORD=密碼

Then run the Splunk login and search commands:

    /opt/splunk/bin/splunk login
    /opt/splunk/bin/splunk search 'index=_internal source=*metrics.log group=per_index_thruput NOT (series=_* OR series=*summary) starttime=02/07/2013:00:00:00 | timechart span=1d sum(eval(kb/1024)) AS "MB indexed" by series | fields + main | fields - _* | outputcsv test_usage.csv'

This writes the result to test_usage.csv in CSV format; the default location is “/opt/splunk/var/run/splunk/”.
Only the “main” field is kept in the output.

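Incidentally, a Splunk CLI command cannot contain the usual script variables.
So you can first use a script to write the Splunk commands, with the variables filled in, to a text file,
and then execute that text file. Here is an example: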

    /bin/sh /tmp/test_usage.sh > /tmp/test_usage2.sh
    /bin/sh /tmp/test_usage2.sh

In the first script file, take care with the reserved characters:

    /bin/echo "export SPLUNK_USERNAME=帳號"
    /bin/echo "export SPLUNK_PASSWORD=密碼"
    /bin/echo "/opt/splunk/bin/splunk login"
    # $(date ...) is expanded now, while the second script is generated; \" keeps the inner quotes.
    /bin/echo "/opt/splunk/bin/splunk search 'index=_internal source=*metrics.log group=per_index_thruput NOT (series=_* OR series=*summary) starttime=$(date '+%m/%d/%Y'):00:00:00 | timechart span=1d sum(eval(kb/1024)) AS \"MB indexed\" by series | fields + main | fields - _* | outputcsv test_usage.csv'"
    /bin/echo "/bin/echo \"已使用額度\""
    # \$( is escaped so that sed runs in the generated script, after the search has written the CSV.
    /bin/echo "/bin/echo \$(/bin/sed '1d;s/^.//;s/.$//' /opt/splunk/var/run/splunk/test_usage.csv)"
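
An alternative to generating a second script, added here as an example and not taken from the original post: the same search built in a single script, with the credentials kept in a separate owner-only file instead of in the script itself. It assumes the date was left unexpanded only because the search string sits in single quotes; `build_search`, `csv_values`, `creds_file_ok` and the `/root/.splunk_cli_env` path are hypothetical names, and the sample CSV mentioned in the comment is constructed.

```sh
#!/bin/sh
# Added example, not from the original post. Function names and CREDS are hypothetical.
SPLUNK_BIN=/opt/splunk/bin/splunk                 # path used in the post
CSV=/opt/splunk/var/run/splunk/test_usage.csv     # outputcsv location given in the post
CREDS=/root/.splunk_cli_env                       # hypothetical file holding the two export lines

# build_search DATE: print the search from the post with DATE (mm/dd/yyyy) as starttime.
# Double quotes let the shell expand $1; \" keeps the quotes around "MB indexed".
build_search() {
    printf '%s' "index=_internal source=*metrics.log group=per_index_thruput NOT (series=_* OR series=*summary) starttime=$1:00:00:00 | timechart span=1d sum(eval(kb/1024)) AS \"MB indexed\" by series | fields + main | fields - _* | outputcsv test_usage.csv"
}

# csv_values FILE: drop the header row and strip the first and last character
# (the surrounding quotes) of every remaining line, as the sed in the post does.
# Constructed sample: a file with the lines "main" and "123.45" yields 123.45
csv_values() {
    sed '1d;s/^.//;s/.$//' "$1"
}

# creds_file_ok FILE: succeed only for a regular file with no group/other permission bits.
creds_file_ok() {
    [ -f "$1" ] || return 1
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Run only where Splunk is installed and the credentials file is private.
if [ -x "$SPLUNK_BIN" ] && creds_file_ok "$CREDS"; then
    . "$CREDS"                                    # sets SPLUNK_USERNAME / SPLUNK_PASSWORD
    "$SPLUNK_BIN" login
    "$SPLUNK_BIN" search "$(build_search "$(date '+%m/%d/%Y')")"
    /bin/echo "已使用額度"
    csv_values "$CSV"
fi
```

Create the credentials file with `chmod 600` so the guard accepts it; a file that is readable by group or others is skipped and nothing is run.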