Search results can be exported by clicking on the export link above the search results. Does splunk provide a command/function that can be used in the search bar that pipes search results to a file and the file name can be specified?
yes, check mysearch | outputcsv myfile.csv
the file will be written in $SPLUNK_HOME/var/run/splunk folder
see
http://docs.splunk.com/Documentation/Splunk/4.3/SearchReference/Outputcsv
yes, check mysearch | outputcsv myfile.csv
the file will be written in $SPLUNK_HOME/var/run/splunk folder
see
http://docs.splunk.com/Documentation/Splunk/4.3/SearchReference/Outputcsv
no, this is the default location.
Another option is to use the command line search and pipe the result to a file in any folder you are.
example :
/opt/splunk/bin/splunk search "mysearch" -output /myfolder/myfile.csv
see http://docs.splunk.com/Documentation/Splunk/4.3/SearchReference/CLIsearchsyntax
Thanks, yannK. Can you specify the directory you want the result file save to?