- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- How to write splunk output in csv file using pytho...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I have created an application using Django Binding, where I have a code in Python in which wrote a search query whose output am willing to save in csv file.
Following is my code:
kwargs_normalsearch = {"exec_mode": "normal"}
searchquery_normal = 'search * |search sourcetype.....'
job = service.jobs.create(searchquery_normal, **kwargs_normalsearch)
for result in results.ResultsReader(job.results()):
c = csv.writer(open("C:/NewFile.csv", "wb"))
c.writerow([result])
When I open the NewFile, it shows output as :
OrderedDict([('Parameter', '221')])
what I want is to show,'Parameter ' as heading and '221' as row value in csv file. Can I even fetch this values from it in order to use it for another purpose.
Please Help...!!!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here is a simple code example , expand on it as necessary , but it returns the search results in CSV format and dumps to a file.
args = {'host':'somehost','port':8089,'username':'admin','password':'foobar'}
service = Service(**args)
service.login()
job = service.jobs.create('search index=_internal | head 5', **{"exec_mode": "blocking"})
search_results = job.results(**{"output_mode": "csv"})
f = open("/Users/scoobydoo/NewFile.csv", 'w')
f.write(search_results.read())
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here is a simple code example , expand on it as necessary , but it returns the search results in CSV format and dumps to a file.
args = {'host':'somehost','port':8089,'username':'admin','password':'foobar'}
service = Service(**args)
service.login()
job = service.jobs.create('search index=_internal | head 5', **{"exec_mode": "blocking"})
search_results = job.results(**{"output_mode": "csv"})
f = open("/Users/scoobydoo/NewFile.csv", 'w')
f.write(search_results.read())
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have executed the python query have the results.
The binding response reader results are in bytes and getting the TypeError while writing to CSV
Requesting help to export the search results to a CSV file.
Quick response is highly appreciated.
Thank you
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I had a question regarding output_mode for export search. In the export search, there's no search job created and the results are streamed. I wasn't able to find anything conclusive regarding setting output_mode of an export search to 'CSV'. I wanted to know how is it done?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Damien,
There is one more question in my mind.Is it possible that I can extract the values from search result , assign it to different variables and perform some arithmetic operations on it before saving it in csv file.??
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How about numpy.loadtxt(search_results, delimiter=',') ?
Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!
They're back! Join the SplunkTrust and MVP at .conf24
Enterprise Security Content Update (ESCU) | New Releases
