Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How do I specify the permissions of the .csv file when using outputcsv

reneshs
New Member
‎05-03-2012 03:25 AM

I currently have a scheduled search that generates a .csv report using the outputcsv command at the end of the search. Im currently running Splunk on a Linux server and I notice the owner of the .csv file is "nobody" and when I try to open the file I get a "permission denied" Is there any way to allow Splunk to generate the file and provide read access to everyone when the file is generated?

Tags (2)
0 Karma
Reply

sdwilkerson
Contributor
‎05-03-2012 06:28 AM

reneshs,

I don't believe Splunk will do this natively. Its job is not filesystem management. It does have granular RBAC (Role-based Access Controls) that can be applied inside of Splunk; however, I don't know of anything that would allow you to manipulate the results once it got to the filesystem.

You can do this outside of Splunk if you want, by having your savedsearch trigger a shell script upon successful completion that would chown/chmod the files/directory that Splunk wrote the results to. You can read more about it here: http://docs.splunk.com/Documentation/Splunk/latest/admin/Configurescriptedalerts

Best,

Sean

0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...