Splunk SOAR (f.k.a. Phantom)
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

how to export JSON to CSV

prasanthkota
Engager
‎07-14-2023 12:08 AM

Hello All,

New to SPLUNK SOAR. Is there a function or developed by someone where i am trying to export the JSON (output of a splunk query) to CSV? The intent is to add the attachment to our incident management system.

Labels (2)
0 Karma
Reply

prasanthkota
Engager
‎07-14-2023 01:30 AM

Thanks @phanTom , I am new to Splunk Soaring is there a custom function that is already built for this? Its ok even if its a basic one I can modify based on the requirement. 

0 Karma
Reply

phanTom
SplunkTrust
SplunkTrust
‎07-14-2023 01:10 AM

@prasanthkota you would need to use a custom function to take the JSON results and then build a csv, attach it to the vault, then used that vault file to send to your ticketing system. 

https://docs.splunk.com/Documentation/SOARonprem/6.1.0/PlaybookAPI/VaultAPI 

 

- Happy SOARing! Please mark as a solution if it solved your question. -

Reply
Get Updates on the Splunk Community!

Join Us for Splunk University and Get Your Bootcamp Game On!

If you know, you know! Splunk University is the vibe this summer so register today for bootcamps galore ...

.conf24 | Learning Tracks for Security, Observability, Platform, and Developers!

.conf24 is taking place at The Venetian in Las Vegas from June 11 - 14. Continue reading to learn about the ...

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...