Hey,
Is it possible to export every field from a Splunk Search via a Dashboard?
Thanks,
Patrick
Hi @POR160893,
you could create a dashboard with one panel containing all the fields you want from one or more indexes.
Then you can use the "Export" button on the bottom of the panle to export all the results in a csv file.
If instead you directly want the export in csv, you could create an alert, scheduled e.g. every day, containing all the results in csv file.
Ciao.
Giuseppe
ll, all the fields he wants exported depends on the panel on the dashboard. The dashboard on questions has 2 panels. So, 4 different searches. Depending on what dashboard he wants the results to export, he wants all the corresponding search events for that particular search exported into a CSV file.
So, can you help?
Hi @POR160893,
as I said, in the bottom of each panel there's the Export button to export the results of the search on the single panel.
The only exception is if you use a Post Process Search because, in this case, the Export button is disabled and the only way is to open the panel search in the Search Dashboard and then export by that dashboard
You cannot export all the results of all panels, the only way is to create a dedicated search and put it in another panel, or, as I said, in a scheduled alert.
Ciao.
Giuseppe