Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
413 results
Sorted by:
07-15-2015
02:09 AM
5 Karma
Could anyone tell me the difference between outputlookup and outputcsv?
If there no differences, is there any specifications to use the above in various circumstances?
Regards,
Naga
08-14-2019
02:55 AM
...ost_to_trigger triggertime| fields - _raw | outputcsv rtetriggering_ICP.txt
| where isnotnull(host_to_trigger) and isnotnull(decision)
| map maxsearches=20 search="dbxquery query=\"call S...
a month ago
Hi all, I have a scedulated serach every 30 minutes, which extracts a file in csv search | outputcsv MyFile I need to put a daily sequence in the file name file name MyFile_01 (first f...
Labels
- Labels:
-
field extraction
02-07-2012
12:16 AM
Hi all,
I am using the outputcsv command to export the results to a text file as follows:
| outputcsv results.txt
This exports the results to $SPLUNK_HOME/var/run/splunk/results.txt
I...
11-04-2011
08:17 AM
1 Karma
Is there a way to remove the Header column row after performing the outputcsv command during a Splunk search?
02-03-2012
02:34 AM
2 Karma
...ields - _* | outputcsv results.txt
The problem is that each time the search runs, results.txt gets overridden. I would like to automatically append the time and date to the name of the file Eg. results_3-2-1...
- Tags:
- outputcsv
Show results in replies (6)
-
outputcsv uses double quotes to enclose some fields. It shouldn't be enclosing complete lines.
-
...ipeline, including after outputcsv . By default however, a subsearch returns a string that is f...
-
..... Any Ideas? my command: outputcsv [ search * | head 1 | eval query="All_lab_new_".strftime(n...
-
That's good, but here's a less ugly one 🙂 <my search here> | outputcsv [ | stats c...
-
...ml as raw | fields raw | fields - _* | outputcsv [search * | head 1 | eval query="results".strftime(n...
-
..._%H%M") iseval = 1 Then your search would look like this: <my search here> | outputcsv...
05-09-2013
10:55 AM
...hould work with some tweaking i suppose?
| inputcsv append=true edge_lookup.csv | eval dns=somehost.somedomain.com | eval ip="199.156.128.1" | eval country=mexico | outputcsv edge_lookup.csv
I...
08-11-2014
05:42 AM
Outputcsv command will export the log to a csv file in var\run\splunk location. I have used only enterprise trial version of splunk and i want to know how will it be in real scenario where we have m...
- Tags:
- outputcsv
08-12-2010
08:03 PM
1 Karma
How can I get outputlookup or outputcsv to only include certain fields in the resulting lookup file?
An example explains it better:
SEARCH | DEDUP FieldName1 | FIELDS FieldName1, F...
