Custom commands/automated self-healing
Using custom commands is an advanced feature within Splunk, and requires a Python developer in order to create one. The advantage to this is that, if you have a system that you need to run a command on in real time to, say, check memory utilization, CPU utilization, or even unlock a user account or restart a service, you can leverage this technique and then have your Splunk alerts/searches perform these functions in real time. It really might be a good idea to reference the free, pre-built alert action apps on Splunkbase. They can be an extremely valuable jumping-off point for someone who wants to build a custom action, but perhaps isn't sure how to. Let's say we want to restart a remote service when a specific log message occurs more than 30 times because that means the application itself has hit a wall and is no longer functioning.
Let me add that this is not a good thing to do. The ideal situation is to leverage your internal process to get development...
