Solved: Export CLI Savedsearch report results to CSV Windo...

whytepaul · ‎11-14-2012

I'm trying to get a straight forward Splunk CLI command to run on my Windows 7 box;

Execute a save search say MySearch and output the results to a CSV.

splunk search "|savedsearch MySearch" -outputcsv test.csv

I would expect the resulting CSV to appear in the C:\Program Files\Splunk\var\run\splunk directory but it doesn't.

The search results are appearing the command window indicating that the CLI command is running.

I have read that there can be some syntax issues running the CLI on a windows box.

What am I missing?

okrabbe_splunk · ‎11-14-2012

I think you want to just use the windows built in command line redirection.

ie. splunk search "|savedsearch MySearch" -output csv > test.csv

Please note that the output command is specifying the format and not the type of file. That is why you need to redirect the output to a file.

okrabbe_splunk · ‎11-14-2012

I think you want to just use the windows built in command line redirection.

ie. splunk search "|savedsearch MySearch" -output csv > test.csv

Please note that the output command is specifying the format and not the type of file. That is why you need to redirect the output to a file.

Export CLI Savedsearch report results to CSV Windows 7