Getting Data In

CSV default output directiry

christantoy
Path Finder

Hi Ninjas

I would like to know if it possible to change the default csv file output directory below

Results written to file '/splunks/9000/splunk/var/run/splunk/mysearch.csv'

if is possible can you share it to me on how to? I read some others documents but no luck..

and the purpose of changing the default directory because i want to monitory my csv file outputs and to be send it to another server/client using custom scripts.

-----------00000-----------------
Regards and Thanks in Advance
Splunk Ninja From Philippines!

Tags (2)
0 Karma

Damien_Dallimor
Ultra Champion

If I were you I would consider performing the export from your custom script using Splunk's REST API.You can then export the results in csv format directly into your custom script for processing.A much simpler and more elegant architecture.

We have several language SDK's that make is easier to use the REST API also.

There are many examples available of how to perform the export , for example , here is a python example for exporting to a file.

christantoy
Path Finder

Thank you.

hmm this one is tough for me for a newbie... maybe i need to read it first.

btw this is my case

i have a search to create a .csv format after that i need to send the .csv file via script.

0 Karma
Get Updates on the Splunk Community!

Exporting Splunk Apps

Join us on Monday, October 21 at 11 am PT | 2 pm ET!With the app export functionality, app developers and ...

Cisco Use Cases, ITSI Best Practices, and More New Articles from Splunk Lantern

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Build Your First SPL2 App!

Watch the recording now!.Do you want to SPL™, too? SPL2, Splunk's next-generation data search and preparation ...