Re: CLI Search - Export JSON File?

cramasta · ‎10-06-2011

Can I run a CLI search that will output the results to a file in json format?
Thanks,
Joe

scelikok · ‎09-15-2022

You can export any search output as json using below sample;

curl -k -u admin:changeme https://localhost:8089/services/search/jobs/export -d search="search sourcetype=access_* earliest=-7d" -d output_mode=json -o /path/to/local/file.json

If this reply helps you an upvote and "Accept as Solution" is appreciated.

zsbbb · ‎09-15-2022

New to splunk and bringing this back up - how does one do this?

For context, I have a splunk container running on docker, and was hoping to translate the splunk index data into json using a cli search and saving the output as a local file.

Thanks!

araitz · ‎04-18-2012

Coming soon to a Splunk version near you, watch the release notes...

CLI Search - Export JSON File?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Mile High Learning with Splunk University, Denver, Colorado

IT Service Intelligence 5.0 Series: Your Guide to the June Launch

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

Join the Conversation