Splunk Dev
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Need to find outputcsv subroutine python file

ShaneNewman
Motivator
‎02-26-2013 10:35 AM

I have a savedsearch that needs to run and output a physical file, which a file name that contains a variable with the date in a particular format. I have the search, which works great... The issue I have is with where the outputcsv command puts the csv file that is generated (SPLUNK_HOME\var\run\splunk). I need to move this to either SPLUNK_HOME\apps\app_name\lookups or completely out of the Splunk directory, which will be the end result anyway.

I need to know the name of the *.py file in Splunk that contains the script for the outputcsv subroutine OR the name of the file that contains the output directory for the outputcsv subroutine. I can handle it from there, I have just not been successful in locating this python script.

Reply
1 Solution
Solved! Jump to solution
Solution

kallu
Communicator
‎03-31-2013 02:02 PM

Would Outputlookup work better than outputcsv ?

(or you can extend splunk with your own output -cmd that lets you specify directory & filename, and creates a huge security issue too 🙂

View solution in original post

Reply
Solved! Jump to solution

ShaneNewman
Motivator
‎04-22-2013 11:26 AM

I appreciate that... Any luck as of yet?

0 Karma
Reply
Solved! Jump to solution
Solution

kallu
Communicator
‎03-31-2013 02:02 PM

Would Outputlookup work better than outputcsv ?

(or you can extend splunk with your own output -cmd that lets you specify directory & filename, and creates a huge security issue too 🙂

Reply
Solved! Jump to solution

ShaneNewman
Motivator
‎04-01-2013 09:12 AM

Until we figure out exactly where this script lives, we have a PowerShell script running on a regular basis to move the files from the app folder to a shared folder that has been setup.

0 Karma
Reply
Solved! Jump to solution

sowings
Splunk Employee
Splunk Employee
‎03-31-2013 05:53 AM

It may not BE a script, it could be built-in. I'll dig.

Reply
Register for .conf25!
Get Updates on the Splunk Community!

Security Professional: Sharpen Your Defenses with These .conf25 Sessions

Sooooooooooo, guess what. .conf25 is almost here, and if you're on the Security Learning Path, this is your ...

First Steps with Splunk SOAR

Our first step was to gather a list of the playbooks we wanted and to sort them by priority.  Once this list ...

How To Build a Self-Service Observability Practice with Splunk Observability Cloud

If you’ve read our previous post on self-service observability, you already know what it is and why it ...
Top