All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to Pull SQL data into Splunk

bcusick
Communicator
‎01-23-2014 11:46 AM

Hi,

I am trying to pull data from a MSSQLSERVER table that updates in real time. This is a remote source. From my research I believe I will have to put a script in my input files. If someone could point me in the right direction it would be greatly appreciated!

This will have to be done without the use of Splunk's log forwarders...I am running Splunk 5.0.4.

-Brian

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ChrisG
Splunk Employee
Splunk Employee
‎01-23-2014 11:57 AM

Have you looked at the Splunk DB Connect app? Are you unable to use any forwarding at all?

View solution in original post

Reply
Solved! Jump to solution
Solution

ChrisG
Splunk Employee
Splunk Employee
‎01-23-2014 11:57 AM

Have you looked at the Splunk DB Connect app? Are you unable to use any forwarding at all?

Reply
Solved! Jump to solution

gauravp
New Member
‎01-19-2018 02:17 PM

Unfortunately only works with enterprise version.. How about splunk light?

0 Karma
Reply
Solved! Jump to solution

bcusick
Communicator
‎01-23-2014 01:48 PM

Thank you!

0 Karma
Reply
Solved! Jump to solution

ChrisG
Splunk Employee
Splunk Employee
‎01-23-2014 01:40 PM

From the very next topic in the documentation (http://docs.splunk.com/Documentation/DBX/1.1.1/DeployDBX/Configuredatabasemonitoring): "A Database input lets you fetch and index data from a SQL database. Unlike other input sources, database inputs are retrieved periodically by the DBmon scheduler."

0 Karma
Reply
Solved! Jump to solution

bcusick
Communicator
‎01-23-2014 01:37 PM

Thanks Chris. One last question which I could not find a specific answer on...would this require putting any sort of forwarder on the database server? Or is Splunk strictly just running a query against a connected database?

0 Karma
Reply
Solved! Jump to solution

ChrisG
Splunk Employee
Splunk Employee
‎01-23-2014 01:27 PM

Yes, you can. http://docs.splunk.com/Documentation/DBX/1.1.1/DeployDBX/Addadatabaseconnection

0 Karma
Reply
Solved! Jump to solution

bcusick
Communicator
‎01-23-2014 01:23 PM

Unfortunately for compliance reasons, I don't believe I'm allowed to install anything on these machines. After research-with splunk DB connect, can I connect to a db on a remote server and just query the DB, pulling the data into Splunk? That would be perfect.

0 Karma
Reply
Get Updates on the Splunk Community!

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...

[Live Demo] Watch SOC transformation in action with the reimagined Splunk Enterprise ...

Overwhelmed SOC? Splunk ES Has Your Back Tool sprawl, alert fatigue, and endless context switching are making ...

What’s New & Next in Splunk SOAR

Security teams today are dealing with more alerts, more tools, and more pressure than ever.  Join us on ...
Top