How to get SharePoint excel files in to Splunk?

kiran331 · ‎12-12-2016

Hi

What is the best practice to get the SharePoint excel files, which will be added every week to get in to Splunk as lookups?

nabeel652 · ‎12-19-2016

The best way is to pull the SharePoint list through a PowerShell Script and ingest in Splunk and schedule it through your heavy/light forwarder. Send the XML query that will look like this:
-- snip
< List>
< Query>
< Where>
< And>
< Geq>
< FieldRef Name='EventDate'/>
< Value Type='DateTime'>
< Today/>
< /Value>
< /Geq>
< Leq>
< FieldRef Name='EventDate'/>
< Value Type='DateTime'>
< Today OffsetDays='+30'/>
< /Value>
< /Leq>
< /And>
< /Where>
< /Query>
< /List>
-- endsnip

Use GetSPList command in Powershell to send the query and receive the results. You may need to install SPClient_x64 or SPClient_x86 based on your system. Cheers

user1 · ‎11-10-2022

Hi, I am a novice user and I need my dashboard to take the data from an excel that is in sharepoint, could you send a sample script? What are the steps to incluye it in splunk?

Thank you very much

vinod743374 · ‎04-28-2024

Hi @user1

I do have the same requirement, Did you find the Solution for it.

Can you Please share the details about it.

Thanks in Advance.

How to get SharePoint excel files in to Splunk?

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Splunk MCP & Agentic AI: Machine Data Without Limits

Join the Conversation

How to get SharePoint excel files in to Splunk?

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Splunk MCP & Agentic AI: Machine Data Without Limits