All Apps and Add-ons

MongoDB and Splunk

atreyarc
Engager

How can I use a look-up and/or connect Splunk with my MongoDB server?

Any help would be greatly appreciated.

tpaulsen
Contributor

It´s a year old question...but i found something from unityjdbc.com:

They seem to have a JDBC Driver for MongoDB and Splunk: http://www.unityjdbc.com/mongojdbc/setup/mongodb_jdbc_splunk.pdf

JDBC Drive here: http://www.unityjdbc.com/mongojdbc/mongo_jdbc.php
Though i haven´t tried that yet.

Federica_92
Communicator

did you try to connect them?

0 Karma

zvaseqi
Explorer

I tried using this plugin to get db input into splunk.
The driver works fine when using DB Query (under Splunk DB Connect) but when trying to get data into splunk using tail method I have this problem here: http://answers.splunk.com/answers/246656/getting-mongodb-data-into-splunk-on-isodate-rising.html

0 Karma

rdagan_splunk
Splunk Employee
Splunk Employee

This integration is now available via a the Hunk App for MongoDB.

amiracle
Splunk Employee
Splunk Employee

http://apps.splunk.com/app/1810/ Here's the link to the above mentioned app.

0 Karma

shahneel
Path Finder

I guess he doesnot want mongodb data in splunk ... he wants to lookup values from MongoDB... that can be done via Python Script. no HUNK required.

0 Karma

barakreeves
Splunk Employee
Splunk Employee

Unfortunately, this is not supported via DBConnect at this time. One workaround for the time being is to do a scripted output against Python and output the results in a csv (lookup file).

If you are new to using Splunk, here's a link to how to setup a scripted input...quite easy!
http://docs.splunk.com/Documentation/Splunk/5.0.3/AdvancedDev/ScriptSetup#Script_to_poll_a_database

To do lookups, here is a link: http://docs.splunk.com/Documentation/Splunk/5.0.3/Tutorial/Usefieldlookups

Question: what is your use case for MongoDB...very curious!

splunk_coe_exte
New Member

Please share the same with us also. We are also trying to connect to MongoDB from splunk

0 Karma

atreyarc
Engager

Thanks for the reply.I did a bit over the weekend. Getting closer to the goal. Will keep you posted.

Why MongoDB? Because of the unstructured format of the data which has to be plotted against multiple xml(s) and also the huge amount of data handling. Relational DBs, if used, will have the complexity of tweaking to a huge extent.

0 Karma
Get Updates on the Splunk Community!

Registration for Splunk University is Now Open!

Are you ready for an adventure in learning?   Brace yourselves because Splunk University is back, and it's ...

Splunkbase | Splunk Dashboard Examples App for SimpleXML End of Life

The Splunk Dashboard Examples App for SimpleXML will reach end of support on Dec 19, 2024, after which no new ...

Understanding Generative AI Techniques and Their Application in Cybersecurity

Watch On-Demand Artificial intelligence is the talk of the town nowadays, with industries of all kinds ...