Solved: Need to find outputcsv subroutine python file

ShaneNewman · ‎02-26-2013

I have a savedsearch that needs to run and output a physical file, which a file name that contains a variable with the date in a particular format. I have the search, which works great... The issue I have is with where the outputcsv command puts the csv file that is generated (SPLUNK_HOME\var\run\splunk). I need to move this to either SPLUNK_HOME\apps\app_name\lookups or completely out of the Splunk directory, which will be the end result anyway.

I need to know the name of the *.py file in Splunk that contains the script for the outputcsv subroutine OR the name of the file that contains the output directory for the outputcsv subroutine. I can handle it from there, I have just not been successful in locating this python script.

kallu · ‎03-31-2013

Would Outputlookup work better than outputcsv ?

(or you can extend splunk with your own output -cmd that lets you specify directory & filename, and creates a huge security issue too 🙂

View solution in original post

ShaneNewman · ‎04-22-2013

I appreciate that... Any luck as of yet?

kallu · ‎03-31-2013

Would Outputlookup work better than outputcsv ?

(or you can extend splunk with your own output -cmd that lets you specify directory & filename, and creates a huge security issue too 🙂

ShaneNewman · ‎04-01-2013

Until we figure out exactly where this script lives, we have a PowerShell script running on a regular basis to move the files from the app folder to a shared folder that has been setup.

sowings · ‎03-31-2013

It may not BE a script, it could be built-in. I'll dig.

Need to find outputcsv subroutine python file

Best Strategies to Optimize Observability Costs

Fueling your curiosity with new Splunk ILT and eLearning courses

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...