Closed mrabbitt closed 11 years ago
Thanks for the Issue and PR Michael, I'm going to test, merge and release this ASAP.
Also, in the future if it's not too much in the hassle, I try to stick to the Google Python Style Guide: http://google-styleguide.googlecode.com/svn/trunk/pyguide.html
Using version 1.1.0 of the app, I could not get the script failed to create incidents when triggered by a search whose results did not contain the
_raw
field; e.g. a search that pipes results through thetop
orstats
Splunk commands. I modified the script to log exceptions thrown bymain()
to a separate log file, and got this:Wether or not the
SPLUNK_ARG_5
environment variable is defined, the expressiondetails['events'][0]['_raw']
is evaluated.