Miscellaneous Operations
Exporting Events to Files
You can run the phExportEvent tool from a Supervisor or Worker node to export events to CSV files. The file will contain these fields:
| phExportEvent Command | Description |
| DESTINATION_DIR | Destination directory where the exported event files are saved |
| START_TIME | Starting time of events to be exported. The format is YYYY-MM-DD HH:MM:SS {+|-} TZ. If TZ is not given, local time zone of the machine where the script is running will be used. Example: 2010-03-10 23:00:00 -8 means Pacific Standard Time, 23:00:00 03/10/2010. 2010-07-29 10:20:00 +5:30 means India Standard Time 10:20:00 07/29/2010. |
| RELATIVE_START_TIME | Starting time of events to be exported relative backward to the end time as specified using –endtime END_TIME
. The format is where NUM is the number of days or hours or minutes. For example, –relstarttime 5d means the starting time is 5 days prior to the ending time. |
| END_TIME | Ending time of events to be exported. The format is the same as START_TIME. |
| RELATIVE_END_TIME | Ending time of events to be exported relative forward to the start time as specified using START_TIME. The format is same as RELATIVE_START_TIME. |
| DEVICE_NAME | Host name or IP address of the device with the events to be exported. Use a comma-separated list to specify multiple IPs or host names, for example, –dev 10.1.1.1,10.10.10.1,router1,router2. Host name is case insensitive |
| ORGANIZATION_NAME | Used only for multi-tenant deployments. The name of the organization with the events to be exported. To specify multiple organizations, enter a commandeach for one organization, for example, –org “Public Bank” –org “Private Bank”. The organization name is case insensitive. |
| TIME_ZONE | Specifies the time zone used to format the event received time in the exported event files. The format is {+|-}TZ, for example, -8 means Pacific Standard Time, +5:30 means India Standard Time. |