Export data using the dump command
You can use the dump
search command to export large collections of events onto a local disk. You can use this command with the CLI, Splunk SDK, and Splunk Web.
The basic syntax of the dump
command is:
dump basefilename=<string> [rollsize=<number>] [compress=<number>] [format=<string>] [fields=<comma-delimited-string>]
The <format>
is the data format of the dump file that you are creating. Your format options are raw
, csv
, tsv
,xml
, and json
.
For search examples and full explanations of the required and optional arguments, see the dump
command in the Search Reference.
Export data using the Splunk SDKs | Forward data to third-party systems |
This documentation applies to the following versions of Splunk Cloud Platform™: 8.2.2203, 8.2.2112, 8.2.2201, 8.2.2202, 9.0.2205, 9.0.2208, 9.0.2209, 9.0.2303, 9.0.2305, 9.1.2308, 9.1.2312, 9.2.2403, 9.2.2406 (latest FedRAMP release), 9.3.2408
Feedback submitted, thanks!