Run Splunk query through excel

splunk_learner_ · ‎03-13-2020

I am new to Splunk and still learning..

I have more than 100 queries to run when asked during a daily activity and its a pain to copy and do a paste each and every time asked to run by the team for some kind of validation..

Is there any way I can simply run them through excel like a click on query [ by making it as link ] and it simply deploy splunk in browser and run the query? Or any other option to serve the purpose ?

any help would be appreciated..

Thanks...

markthomsen · ‎03-14-2020

Maybe this can be done using lookups and the API. You'd load your spreadsheet as a lookup, then use API calls to read that lookup and execute each record (SPL Query) in your spreadsheet. Now that I think about it, you'd have to create a bash or python script to do this, I think.

jpalacian · ‎03-13-2020

I'd answer the same like skoelpin, maybe I can add that you can save your queries as reports and your users can access them whenever they need.

skoelpin · ‎03-13-2020

Sounds like a dashboard with multiple panels would be a better option. Also consider scheduled searches which can email results or trigger another action.

Run Splunk query through excel

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!