We have a team that are creating a dashboard using a report generated by Splunk (they have their reasons for not using a Splunk dashboard before you ask!) and have asked for a report to be generated, stored on the local file system (or possibly a separate server) and then retrieved by their dashboard server either via ftp or scp.
Is there a method of doing this? Would it be simply an outputlookup command that creates a csv file on the server on which a script could run to push the report?
You could create a script with the alert. Schedule the alert, then choose action as your script, and then your script simply takes the csv file name and copies it over. This way the script runs after the scheduled search runs (csv gets created).