Join the Conversation
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Is it possible in Splunk to trigger a search, gene...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is it possible in Splunk to trigger a search, generate a report, and email it or save the report in some location?
Hi Team,
I would like to know if it is possible in Splunk to trigger a search (with regular expressions), generate the report, and return it through an email / save in some location ??
We are doing a POC to know if we can integrate Splunk to our support ticket system (we use Salesforce for raising ticket and interacting with customers).
Let me know your thoughts.
Thanks in advance.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you are going the email route, then it is exceedingly straight-forward as @jimodonald says. If you need an automatic ftp-based solution, then first decide on a naming convention for your files (e.g. "MySillyFiles-YYYY-MM-DD.csv"). Then setup a cron job on your Search Head to look for files in $SPLUNK_HOME/var/run/splunk/ and transfer them to your share (deleting them afterwards). Lastly, setup a saved search to generate the report data and end the search command with | outputcsv.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi woodcock,
i see splunk 6 also we cannot use pdf option for advanced xml. I have created views with advanced xml and need to generate pdf of the entire view.
I am searching in side view utils, if that have any improvisation that can help me.
Thank you
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is a completely different question so you should ask a new question for this. Additionally, you should "Accept" an answer under this question to close it off, since the original question was answered adequately.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Scheduling reports and having the report emailed is well documented in the Reporting Manual. Please reference it here: http://docs.splunk.com/Documentation/Splunk/6.2.3/Report/Schedulereports
I am not aware of a simple method to save the PDF to a specific location. I'm sure it is possible, but I've not come across that need yet.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi jim
Thank you for answering.
I see pdf will be a better option for me than csv as i have colorful bar chart dashboards in my view.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
[Puzzles] Solve, Learn, Repeat: Matching cron expressions
Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass
May 2026 Splunk Expert Sessions: Security & Observability
