Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk report upload to a OneDrive link

Chayan19
Engager
‎07-10-2025 03:02 AM

How can I automate the process of exporting a Splunk report and uploading it to a OneDrive link? Does anyone have experience or suggestions on how to achieve this?

Labels (3)
0 Karma
Reply

livehybrid
SplunkTrust
SplunkTrust
‎07-10-2025 05:50 AM

Hi @Chayan19 

Unfortunately I dont think there are any apps currently in Splunkbase to achieve this, as @PickleRick you might have some success with HTTP Alert Action - *however* I believe that the OneDrive API requires authentication using OAuth2.0 which I dont think you will be able to do with that approach. 

The only thing I can think of is using the "Export Everything" app which can send to "Azure Blob & Data Lake Object Storage" - From here you'd be within the Azure ecosystem so may be able to use a service account to push it to OneDrive via a function? Might become a little complicated though!

Other than that I think it'd need to be a custom Python alert action which would need developing.

Sorry I couldnt be of any more help!

🌟 Did this answer help you? If so, please consider:

  • Adding karma to show it was useful
  • Marking it as the solution if it resolved your issue
  • Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing

Reply

PickleRick
SplunkTrust
SplunkTrust
‎07-10-2025 04:29 AM

You could try to use HTTP Alert Action to push the report with HTTP REST API according to https://learn.microsoft.com/en-us/onedrive/developer/rest-api/api/driveitem_put_content?view=odsp-gr...

But I've never tried it myself.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...