All Apps and Add-ons

Excel Export in scheduled searches

dominiquevocat
Motivator

Hm, how about using it in scheduled searches (like, using splunk for reports)?

dominiquevocat
Motivator

Folks interested might wanna try this small app: http://apps.splunk.com/app/1832/
hope ithelps

0 Karma

kearaspoor
SplunkTrust
SplunkTrust

I agree. I work on a network with >100,000 endpoints and >80,000 users. There's currently no good way to get scheduled reports (CSV or PDF) that contains all the rows we normally need, automatically sent via the e-mail export function. I would be nice if the scheduling process would have a clean interface to request how many lines should be included at the time the e-mail is scheduled. In a perfect world the 'unlimited' option would be restricted based on user role, but I'd take the basic functionality without this if that's and extra complication.

DanielFordWA
Contributor

I agree this feature would be very useful to overcome the 10,000 csv report issue.

0 Karma

michealrp
Path Finder

To add, as a network admin, gathering logs from over 2000 network devices, firewalls and name servers, our security department is all over logs from these things. They like to see who's requesting dns lookups, which ip's are coming into the firewall, attempting to break in, probes, etc. With Splunk and being able to provide geo data on which countries are trying to come into the network, etc, providing them an excel spreadsheet over a csv would be ideal.

0 Karma

michealrp
Path Finder

As there are limitations with the export to CSV to 10,000 events, an export to Excel from a scheduled search would be much more helpful, especially if it bypasses the 10,000 limit. Of course, this can be adjusted by changing the settings in the Splunk configurations manually, however, if you're an end user, without access to make changes to the code, you're out of luck if you need more than 10k lines exported currently.

araitz
Splunk Employee
Splunk Employee

I could implement something in the future that reports/alerts could use as a scripted alert action. Community: let me know if this would be useful.

andrey2007
Contributor

Yes, it would be great if splunk will send e-mail with excel report. May be during year something changed and it is possible now?

0 Karma

dominiquevocat
Motivator

@andrey2007 check out the TA-XLS, hope it helps

0 Karma

dominiquevocat
Motivator

Hi, well there is some preexisting codebase like the excel creator add-in and the OData one... spending some time to create a decent working excel output would be really really really useful.

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...