Hi .
I have a scheduled search which runs for every 5 min . How do i save these results in a csv file ? when using the outputlookup its actually showing me the last 5 min results ..Is there any way to append search results to csv file ?
Thnx in advance.
probably should look at the "outputcsv" command, this will output results into csv format within the $SPLUNK_HOME/var/run/splunk directory. If you wanted it elsewhere, you could probably write a simple script to move the file after it has been passed through the outputcsv command.
probably should look at the "outputcsv" command, this will output results into csv format within the $SPLUNK_HOME/var/run/splunk directory. If you wanted it elsewhere, you could probably write a simple script to move the file after it has been passed through the outputcsv command.
actually i would like to update the same file with the search results that are generated for every 5 min...