Solved: custom CSV filename with timestamp in email alerts

cramasta · ‎04-18-2012

I would like to customize the csv filename that gets sent in the email alerts while also including a time stamp in the file name.

cramasta · ‎04-18-2012

i went poking around in the sendemail.py file.

What i ended up doing was commenting out the following line....

#filename = "splunk-results.csv"

And then I added the following two lines below it......

datestamp = time.strftime('%m-%d-%y')

filename = '%s-%s.csv' % (subject, datestamp)

What this ends up doing is naming the csv file with the email subject name that you define in the saved search and it also adds the timestamp to the end of filename as well.

mynewshinnyfilename-4-18-12.csv

View solution in original post

cramasta · ‎04-18-2012

i went poking around in the sendemail.py file.

What i ended up doing was commenting out the following line....

#filename = "splunk-results.csv"

And then I added the following two lines below it......

datestamp = time.strftime('%m-%d-%y')

filename = '%s-%s.csv' % (subject, datestamp)

What this ends up doing is naming the csv file with the email subject name that you define in the saved search and it also adds the timestamp to the end of filename as well.

mynewshinnyfilename-4-18-12.csv

vkakani60 · ‎07-13-2017

Hope splunk team would consider your answer and modify the sendemail in coming releases. very helpful.

jbsplunk · ‎04-18-2012

It would be better if you could ask the question first with one post, and then post the answer to the question. After that you can accept your answer.

custom CSV filename with timestamp in email alerts

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector

Adoption of Infrastructure Monitoring at Splunk