Is there a way to modify the way Splunk Exports Results to an XML Output?


Is there a way where I can modify the Schema for the way Splunk Generates the XML output when exporting Results?

Its fantastic the way Splunk Exports the results to an awesome looking XML, but it would be good If I had control of the XML Schema.

An alternative (although not a simple method) would be to write your own Python script to handle the results and output it as you please.
Using this method you could format the results however you wished.

No, there is not. You could always apply a given XSL transformation to the Splunk output to turn it to your desired schema though.

