Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How do I specify the permissions of the .csv file when using outputcsv

reneshs
New Member
‎05-03-2012 03:25 AM

I currently have a scheduled search that generates a .csv report using the outputcsv command at the end of the search. Im currently running Splunk on a Linux server and I notice the owner of the .csv file is "nobody" and when I try to open the file I get a "permission denied" Is there any way to allow Splunk to generate the file and provide read access to everyone when the file is generated?

Tags (2)
0 Karma
Reply

sdwilkerson
Contributor
‎05-03-2012 06:28 AM

reneshs,

I don't believe Splunk will do this natively. Its job is not filesystem management. It does have granular RBAC (Role-based Access Controls) that can be applied inside of Splunk; however, I don't know of anything that would allow you to manipulate the results once it got to the filesystem.

You can do this outside of Splunk if you want, by having your savedsearch trigger a shell script upon successful completion that would chown/chmod the files/directory that Splunk wrote the results to. You can read more about it here: http://docs.splunk.com/Documentation/Splunk/latest/admin/Configurescriptedalerts

Best,

Sean

0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...