I would like to know if it is possible in Splunk to trigger a search (with regular expressions), generate the report, and return it through an email / save in some location ??
We are doing a POC to know if we can integrate Splunk to our support ticket system (we use Salesforce for raising ticket and interacting with customers).
Let me know your thoughts.
Thanks in advance.
If you are going the email route, then it is exceedingly straight-forward as @jimodonald says. If you need an automatic ftp-based solution, then first decide on a naming convention for your files (e.g. "MySillyFiles-YYYY-MM-DD.csv"). Then setup a
cron job on your Search Head to look for files in
$SPLUNK_HOME/var/run/splunk/ and transfer them to your share (deleting them afterwards). Lastly, setup a saved search to generate the report data and end the search command with
i see splunk 6 also we cannot use pdf option for advanced xml. I have created views with advanced xml and need to generate pdf of the entire view.
I am searching in side view utils, if that have any improvisation that can help me.
This is a completely different question so you should ask a new question for this. Additionally, you should "Accept" an answer under this question to close it off, since the original question was answered adequately.
Scheduling reports and having the report emailed is well documented in the Reporting Manual. Please reference it here: http://docs.splunk.com/Documentation/Splunk/6.2.3/Report/Schedulereports
I am not aware of a simple method to save the PDF to a specific location. I'm sure it is possible, but I've not come across that need yet.