Getting Data In

How Do you generate CSV File on Schedule basis (eg: Say at 6:00 AM) automatically to a file location

apandura
New Member
 
Tags (2)
0 Karma

aljohnson_splun
Splunk Employee
Splunk Employee

First, Schedule your report and end it with the ouputcsv command

sourcetype=foo | stats count by bar | outputcsv foobar.csv

Choose what time the report runs enable actions 'Run a Script'.

Write a script like this that moves them to the location of your choice

#!/bin/bash
NOW=$(date +"%m-%d-%Y")
OUTFILE="data.$NOW.csv"
mv $SPLUNK_HOME/var/run/splunk/foobar.csv /my/favorite/csv/hideway/OUTFILE

Upload the script to $SPLUNK_HOME/bin/scripts/
Specify the script in the scheduling options.

Relevant step-by-step documentation here

apandura
New Member

Our splunk installation is Managed services on AWS server. How can I get access to "$SPLUNK_HOME/bin/scripts/" directory? So I can get Script in that folder.

Thanks
AP

0 Karma

aljohnson_splun
Splunk Employee
Splunk Employee

Managed by some external party ? Talk to your administrator for SSH access:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html

Otherwise it would be a security vulnerability, right ?

0 Karma
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...