https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591402#M205877 <P>I am assuming you mean Logs.&nbsp; To get logs into Splunk Cloud,&nbsp; do the same thing as you do for on prem - Configure forwarders and point them to the splunk cloud indexers.<BR /><BR /><A href="https://docs.splunk.com/Documentation/Forwarder/8.2.5/Forwarder/HowtoforwarddatatoSplunkCloud" target="_blank">https://docs.splunk.com/Documentation/Forwarder/8.2.5/Forwarder/HowtoforwarddatatoSplunkCloud</A></P> Wed, 30 Mar 2022 06:13:06 GMT neerajs_81 2022-03-30T06:13:06Z https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591380#M205868 <P>Can I get data in Splunk Cloud Platform?<BR />and how can i get it (REST API, library in python,...)<BR />Any help is appreciated</P> Wed, 30 Mar 2022 17:26:32 GMT https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591380#M205868 tienduyf9 2022-03-30T17:26:32Z https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591402#M205877 <P>I am assuming you mean Logs.&nbsp; To get logs into Splunk Cloud,&nbsp; do the same thing as you do for on prem - Configure forwarders and point them to the splunk cloud indexers.<BR /><BR /><A href="https://docs.splunk.com/Documentation/Forwarder/8.2.5/Forwarder/HowtoforwarddatatoSplunkCloud" target="_blank">https://docs.splunk.com/Documentation/Forwarder/8.2.5/Forwarder/HowtoforwarddatatoSplunkCloud</A></P> Wed, 30 Mar 2022 06:13:06 GMT https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591402#M205877 neerajs_81 2022-03-30T06:13:06Z https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591440#M205899 <P>Looks like you are misunderstanding what I mean.<BR />I mean I already have my data on Splunk Cloud (New Relic App) and I want to get them by python (AWS Lambda).<BR />Can you tell me how to get the data using REST API or any other way?</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="tienduyf9_0-1648628958885.png" style="width: 400px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/18842iAC86236FEB28FAA6/image-size/medium?v=v2&amp;px=400" role="button" title="tienduyf9_0-1648628958885.png" alt="tienduyf9_0-1648628958885.png" /></span></P><P>&nbsp;</P> Wed, 30 Mar 2022 08:31:13 GMT https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591440#M205899 tienduyf9 2022-03-30T08:31:13Z https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591467#M205904 <P>Just use the search REST API endpoint to execute a search against your splunk indexes and get the results.</P> Wed, 30 Mar 2022 10:30:31 GMT https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591467#M205904 PickleRick 2022-03-30T10:30:31Z https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591482#M205909 <P><A href="https://docs.splunk.com/Documentation/Splunk/8.2.5/RESTTUT/RESTandCloud" target="_blank">https://docs.splunk.com/Documentation/Splunk/8.2.5/RESTTUT/RESTandCloud</A><BR /><BR />And u can always try the AWS App for Splunk but that is for ingesting data from AWS into splunk. I think yours is other way round.<BR /><BR /></P> Wed, 30 Mar 2022 11:33:18 GMT https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591482#M205909 neerajs_81 2022-03-30T11:33:18Z https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591582#M205936 <P>You can use Splunk Python SDK to run Splunk queries.</P><P><A href="https://dev.splunk.com/enterprise/docs/devtools/python/sdk-python/howtousesplunkpython/" target="_blank">https://dev.splunk.com/enterprise/docs/devtools/python/sdk-python/howtousesplunkpython/</A></P><P><A href="https://dev.splunk.com/enterprise/docs/devtools/python/sdk-python/howtousesplunkpython/howtorunsearchespython/" target="_blank">https://dev.splunk.com/enterprise/docs/devtools/python/sdk-python/howtousesplunkpython/howtorunsearchespython/</A>&nbsp;</P><P>For example, if you want to get all the indexes data, you can run "<STRONG>| search index=*</STRONG>" search.</P><P>If you want to continuously get data coming to Splunk to your Python script run your search query in real-time. (<A href="https://dev.splunk.com/enterprise/docs/devtools/python/sdk-python/howtousesplunkpython/howtorunsearchespython/#To-create-a-basic-export-search-and-display-results" target="_blank">https://dev.splunk.com/enterprise/docs/devtools/python/sdk-python/howtousesplunkpython/howtorunsearchespython/#To-create-a-basic-export-search-and-display-results</A>)</P> Wed, 30 Mar 2022 17:13:39 GMT https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591582#M205936 VatsalJagani 2022-03-30T17:13:39Z https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591593#M205940 <P>The question really is what is the use case. Because indeed, you can do searches on indexed data and copy it out (I'd rather not advise running a realtime search for this) but it's a highly suboptimal. If you want to copy data somewhere else apart from indexing it in splunk, you should rather use some routing within splunk and send it to another system before indexing.</P> Wed, 30 Mar 2022 17:27:37 GMT https://community.splunk.com/t5/Splunk-Search/Can-I-get-data-out-Splunk-Cloud-Platform/m-p/591593#M205940 PickleRick 2022-03-30T17:27:37Z