Splunk Dev
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Need to find outputcsv subroutine python file

ShaneNewman
Motivator
‎02-26-2013 10:35 AM

I have a savedsearch that needs to run and output a physical file, which a file name that contains a variable with the date in a particular format. I have the search, which works great... The issue I have is with where the outputcsv command puts the csv file that is generated (SPLUNK_HOME\var\run\splunk). I need to move this to either SPLUNK_HOME\apps\app_name\lookups or completely out of the Splunk directory, which will be the end result anyway.

I need to know the name of the *.py file in Splunk that contains the script for the outputcsv subroutine OR the name of the file that contains the output directory for the outputcsv subroutine. I can handle it from there, I have just not been successful in locating this python script.

Reply
1 Solution
Solved! Jump to solution
Solution

kallu
Communicator
‎03-31-2013 02:02 PM

Would Outputlookup work better than outputcsv ?

(or you can extend splunk with your own output -cmd that lets you specify directory & filename, and creates a huge security issue too 🙂

View solution in original post

Reply
Solved! Jump to solution

ShaneNewman
Motivator
‎04-22-2013 11:26 AM

I appreciate that... Any luck as of yet?

0 Karma
Reply
Solved! Jump to solution
Solution

kallu
Communicator
‎03-31-2013 02:02 PM

Would Outputlookup work better than outputcsv ?

(or you can extend splunk with your own output -cmd that lets you specify directory & filename, and creates a huge security issue too 🙂

Reply
Solved! Jump to solution

ShaneNewman
Motivator
‎04-01-2013 09:12 AM

Until we figure out exactly where this script lives, we have a PowerShell script running on a regular basis to move the files from the app folder to a shared folder that has been setup.

0 Karma
Reply
Solved! Jump to solution

sowings
Splunk Employee
Splunk Employee
‎03-31-2013 05:53 AM

It may not BE a script, it could be built-in. I'll dig.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...

SplunkTrust Application Period is Officially OPEN!

It's that time, folks! The application/nomination period for the 2026-2027 SplunkTrust is officially open. If ...