Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk report upload to a OneDrive link

Chayan19
Observer
‎07-10-2025 03:02 AM

How can I automate the process of exporting a Splunk report and uploading it to a OneDrive link? Does anyone have experience or suggestions on how to achieve this?

Labels (3)
0 Karma
Reply

livehybrid
SplunkTrust
SplunkTrust
‎07-10-2025 05:50 AM

Hi @Chayan19 

Unfortunately I dont think there are any apps currently in Splunkbase to achieve this, as @PickleRick you might have some success with HTTP Alert Action - *however* I believe that the OneDrive API requires authentication using OAuth2.0 which I dont think you will be able to do with that approach. 

The only thing I can think of is using the "Export Everything" app which can send to "Azure Blob & Data Lake Object Storage" - From here you'd be within the Azure ecosystem so may be able to use a service account to push it to OneDrive via a function? Might become a little complicated though!

Other than that I think it'd need to be a custom Python alert action which would need developing.

Sorry I couldnt be of any more help!

🌟 Did this answer help you? If so, please consider:

  • Adding karma to show it was useful
  • Marking it as the solution if it resolved your issue
  • Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing

0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎07-10-2025 04:29 AM

You could try to use HTTP Alert Action to push the report with HTTP REST API according to https://learn.microsoft.com/en-us/onedrive/developer/rest-api/api/driveitem_put_content?view=odsp-gr...

But I've never tried it myself.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Register for .conf25!
Get Updates on the Splunk Community!

.conf25 Global Broadcast: Don’t Miss a Moment

Hello Splunkers, .conf25 is only a click away.  Not able to make it to .conf25 in person? No worries, you can ...

Observe and Secure All Apps with Splunk

 Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What's New in Splunk Observability - August 2025

What's New We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is ...