I need to run a search query on Splunk like:
sourcetype="agent"|spath path="EID" output="EventID"|search EventID=3|table *
I am getting 5 fields for EventID=3. I need to send the values of all five fields over some time range to a non-Splunk server as a CSV file.
Right now I am using Java for socket communication and the Java SDK to interact with Splunk. This is my approach. Today I was reading something about forwarders.
My questions are:
1. Can forwarders do the same thing for me?
2. To accomplish my requirement, is using forwarders a better approach than socket communication, or am I just getting confused?
3. If no, what kind of forwarder can I use for this?
Thanks,
Disha