Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How Do you generate CSV File on Schedule basis (eg: Say at 6:00 AM) automatically to a file location

apandura
New Member
‎02-02-2015 02:06 PM
 
Tags (2)
0 Karma
Reply

aljohnson_splun
Splunk Employee
Splunk Employee
‎02-02-2015 03:15 PM

First, Schedule your report and end it with the ouputcsv command 

sourcetype=foo | stats count by bar | outputcsv foobar.csv

Choose what time the report runs enable actions 'Run a Script'.

Write a script like this that moves them to the location of your choice

#!/bin/bash
NOW=$(date +"%m-%d-%Y")
OUTFILE="data.$NOW.csv"
mv $SPLUNK_HOME/var/run/splunk/foobar.csv /my/favorite/csv/hideway/OUTFILE

Upload the script to $SPLUNK_HOME/bin/scripts/
Specify the script in the scheduling options.

Relevant step-by-step documentation here

Reply

apandura
New Member
‎02-03-2015 11:45 AM

Our splunk installation is Managed services on AWS server. How can I get access to "$SPLUNK_HOME/bin/scripts/" directory? So I can get Script in that folder.

Thanks
AP

0 Karma
Reply

aljohnson_splun
Splunk Employee
Splunk Employee
‎02-03-2015 12:46 PM

Managed by some external party ? Talk to your administrator for SSH access:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html

Otherwise it would be a security vulnerability, right ?

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...