Connecting Splunk to Hadoop or other data platform...

tabkha · ‎06-08-2019

What is the best practice in terms of connecting Splunk to Hadoop or other data platforms, is data virtualization a solution ? Do solutions like Presto allow data to be linked between Splunk and Hadoop ? or is the only way to get the connection working to use a connect application for the Hadoop hdd data.

rdagan_splunk · ‎06-09-2019

The recommended way to read data from Hadoop to Splunk is to use Splunk Analytics for Hadoop: https://docs.splunk.com/Documentation/Splunk/latest/HadoopAnalytics/MeetSplunkAnalyticsforHadoop
The recommended way to write data from Splunk to Hadoop is to use Splunk Hadoop Data Roll: https://docs.splunk.com/Documentation/Splunk/latest/Indexer/ArchivingindexestoHadoop

If you want to use Presto, our recommendation is to use Splunk DB Connect (https://docs.splunk.com/Documentation/DBX) with Presto JDBC driver (for example, the JDBC found here https://prestodb.github.io/docs/current/installation/jdbc.html )

Connecting Splunk to Hadoop or other data platforms ?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Join the Conversation