Skip to content

December 6, 2017

Download Splunk _raw data from Index using the Web Interface

by Criss Davis

Select the appropriate time range.

In the Splunk search window, search for the index and table the _raw data.

Capture1.PNG

Download the search results. Click on the Export button.

Capture2.PNG

Save the file as a csv.

Capture1.PNG

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: