How to download the raw log files from splunk

Question

Where I work they just switched to splunk, but I just need the raw log file so I can work with it in notepad++ for debugging. So my question is can I get the raw log file from splunk, I don't need any of the "features" of splunk I just need the raw log files. So how can I get that.

score 4 · Accepted Answer · answered Jan 25 '20 at 06:01

4

Run index=<...> | fields _raw

Then, you can export the files in CSV format. https://docs.splunk.com/Documentation/Splunk/latest/Search/ExportdatausingSplunkWeb

What do you need to do in notepad++ that you can't do in Splunk directly?

answered Jan 25 '20 at 06:01

Simon Duff

2,631
2
7
15

Sorry on the delay of accepting the answer, but this is what I needed thanks. – mpop May 19 '20 at 18:58
4

the problem is, that you need a search first to be able to download it. I'm in the same boat as the original poster. I want to look at log files, scroll through them, find errors and warnings, look for things that seem strange, anything that you usually do with a log file. Finding errors in your log files with splunk is a nightmare. – EasterBunnyBugSmasher Sep 17 '20 at 16:20

How to download the raw log files from splunk

1 Answers1