Export data using the dump command
You can use the
dump search command to export large collections of events onto a local disk. You can use this command with the CLI, Splunk SDK, and Splunk Web.
The basic syntax of the
dump command is:
dump basefilename=<string> [rollsize=<number>] [compress=<number>] [format=<string>] [fields=<comma-delimited-string>]
<format> is the data format of the dump file that you are creating. Your format options are
For search examples and full explanations of the required and optional arguments, see the
dump command in the Search Reference.
Export data using the Splunk SDKs
Forward data to third-party systems
This documentation applies to the following versions of Splunk Cloud™: 7.0.13, 8.2.2106, 8.0.2007, 8.0.2006, 8.1.2009, 8.1.2011, 8.1.2012 (latest FedRAMP release), 8.1.2101, 8.1.2103, 8.2.2104, 8.2.2105