First, Schedule your report and end it with the ouputcsv
command
sourcetype=foo | stats count by bar | outputcsv foobar.csv
Choose what time the report runs enable actions 'Run a Script'.
Write a script like this that moves them to the location of your choice
#!/bin/bash
NOW=$(date +"%m-%d-%Y")
OUTFILE="data.$NOW.csv"
mv $SPLUNK_HOME/var/run/splunk/foobar.csv /my/favorite/csv/hideway/OUTFILE
Upload the script to $SPLUNK_HOME/bin/scripts/
Specify the script in the scheduling options.
Our splunk installation is Managed services on AWS server. How can I get access to "$SPLUNK_HOME/bin/scripts/" directory? So I can get Script in that folder.
Thanks
AP
Managed by some external party ? Talk to your administrator for SSH access:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html
Otherwise it would be a security vulnerability, right ?