Reporting

Export normal events instead of csv format with NO limit

Contributor

Hai there,

I know how to add csv with outputcsv and also found an older command

./splunk search '*' -format normal > file-name

Valid types are: custom, normal, xml, csv, table

But this only takes a few lines...so the question is, is this possbile to get more events?

case is that I see data which is flowing on a port, and I want to extract stuff etc, but when I export I have to deal with the commas. ( I mentioned this cause maybee there is another way!)

Tags (1)
0 Karma
1 Solution

Splunk Employee
Splunk Employee

Use the -maxout parameter. If you're monitoring on a port, you might just use real-time search parameters to keep a continuous flow of events as they come in instead

View solution in original post

Splunk Employee
Splunk Employee

Use the -maxout parameter. If you're monitoring on a port, you might just use real-time search parameters to keep a continuous flow of events as they come in instead

View solution in original post

State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!