All Apps and Add-ons

How to use Splunk calling a web service (SOAP) and index the response directly?

Tarek1977
Path Finder

Hello there,

I'm trying to put a web service call response (SOAP) into Splunk. It is possible to directly get the data stream into Splunk (without writing the response to a file and put it into a index directory)?

For example, I call the web service via a java program on the Splunk server (or from a remote server). I've got the response, so I have the option to write down the response to a file and forward it to Splunk or put the stream directly to (some) kind of service running on the Splunk server? Is that possible? Thank you in advance for your answers!

Tags (3)

aweitzman
Motivator

You might want to look into Splunk's REST API:

http://docs.splunk.com/Documentation/Splunk/6.1.1/RESTAPI/RESTinput#receivers.2Fsimple
http://docs.splunk.com/Documentation/Splunk/6.1.1/RESTAPI/RESTinput#receivers.2Fstream

Alternatively, you can open up a TCP or UDP port on the Splunk server for listening, and then send the data there directly.

0 Karma

ekcsoc
Path Finder

I downvoted this post because provided suggestion is not for soap request

0 Karma

Tarek1977
Path Finder

Hi aweitzman,

thank you for your answer. I'll check the REST API, if I can use it. I've read the TCP doc before, but I'm not sure, if this will solve my "issue".

0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...