0

We're using Splunk (A tool to analyse machine data like log files) and have an application in PHP. For some data we need to do a call to our application in php (CLI-based). Unfortunately Splunk only supports Python calls.
Is there an easy way to 1:1 "forward/call" php with the same arguments and return the output, like a "passthru". I've found only parts of the solution with the socalled subprocess module but my python experience is zero, so can't get it to work.

For example, splunk calls:
python external_lookup.py argument1 argument2 argument3
- Then the python script should call (with the CLI arguments given to python):
php external_lookup.php argument1 argument2 argument3
- Then php writes its output
- Python captures that output and outputs it itself

Any help much appreciated, or a working example script even better.

Thanks in advance,
Vince

Improve this question
4
  • It looks like Splunk has a nice RESTful API that you can use from any language. docs.splunk.com/Documentation/Splunk/latest/RESTAPI/… Commented Sep 21, 2012 at 18:36
  • os.system('php external.php %s'%' '.join(sys.argv[1:])) ... maybe... Commented Sep 21, 2012 at 18:40
  • Thank you, that's in relation to search etc. (Different functionality) Our problem is in relation to indexing and field lookups. It is described here for python (which is the only language supported for that functionality): docs.splunk.com/Documentation/Splunk/4.3.4/Knowledge/… Commented Sep 21, 2012 at 18:41
  • Thanks Joran, I tried to get it to work, but didn't work instantly so I was trying to figure it out by reading the python documentation on os.system etc. but then xiaomao already posted a solution that worked. Thanks for the effort. Commented Sep 21, 2012 at 19:16

2 Answers 2

Reset to default
1

Using Popen from the subprocess module:

import sys
from subprocess import Popen
output = subprocess.Popen(['php', 'path/to/script.php'] + sys.argv[1:], stdout=subprocess.PIPE).communicate()[0]

sys.argv[1:] contains every command line argument except the name of python script itself.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

You code doesn't specify the PHP script to execute, and it outputs all the output when the PHP script terminates.
@xiaomao: as far as I understood the question, the OP wants to get all output from the PHP script.
I think it's a better idea to output real time. But that's not the point. Your code is fundamentally wrong. subprocess.Popen is not even a valid identifier in this case.
Thanks knittl, I tried it and indeed found out that I had to switch import Popen from subprocess to from subprocess import Popen, but then somehow still got a syntax error on the *sys.argv[1:] trying to debug it. And then xiaomao's solution was posted already which works. Thanks again.
0

Using subprocess.call:

import sys, subprocess
sys.exit(subprocess.call(['php', sys.argv[0].replace('.py', '.php')] + sys.argv[1:]))

Edit: Made Python script return the value the PHP script returned.

Improve this answer

4 Comments

Thanks, this does the trick instantly :-). Now we can keep working in our main language rather than mixing the code base too much. It'll open up a lot of good stuff to splunk, for example if the log file contains a user_ID we can substite it with their names, and then make reports from it which are human friendly.
Can you also forward the stdin in the same statement? Making it completely proxy all possible input? (I just found out that in some cases splunk also uses stdin...) Something like appending + ' < ' sys.stdin.read() I'm guessing but not sure if that'll work with strings and line endings properly. Thanks in advance.
@VinceMeens I believe subprocess.call will forward all streams (stdin, stdout, and stderr) unless told not to.
You're right... my mistake. I was already capturing the stdin in my python script to debug it to a file, so therefor it wasn't forwarded. Thanks again.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.