- Find Answers
- :
- Splunk Administration
- :
- Deployment Architecture
- :
- Univarsal Forwarder to Heavy Forwarder then conver...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Univarsal Forwarder to Heavy Forwarder then convert Binary data to CSV on Heavy Forwarder and then send data to indexer?
1.My universal forwarder sending Binary data to Heavy Forwarder in Index name as "Binary_index" .
2.On heavy Forwarder I want to convert these Binary data to csv format,for which I have written python script and then send CSV data to splunk instance.
But I don't know I to achieve this
please provide me solution with configuration files details for every steps.
It would be great help if you provide detailed solution for this,since I am new to splunk .
please provide the configuration files details for reading binary data on universal forwarder side.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Team,
how we can save binary data using outlookup command and convert it to csv using my python script and send it to splunk instance
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@ajitshukla
I think you can save it using outlookup command. and can normally forward the data to splunk instance.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
how we can save binary data using outlookup command and convert it to csv using my python script and send it to splunk instance
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There are two things: (for the below approach there is no need to python script)
1. First you can locally index the data and send it to some other server as well. Check the below link:
https://docs.splunk.com/Documentation/Splunk/7.2.3/Forwarding/Routeandfilterdatad
2. Now after data is indexed, you can schedule a report in Splunk where you can outputlookup search results in csv.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
but converting binary data to csv logic is inside python script ,So I have to use this python script for binary to csv conversion
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@ajitshukla
Thats what i am saying there is no need to convert using python. You can do the same login on SPL and send the result using outputlookup.
New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...
Improve Data Pipelines Using Splunk Data Management
3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?
