All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

MongoDb data indexing

sssid
New Member
‎07-06-2017 10:49 PM

I am planning to use splunk for visualizing my data and could use some help modelling it .

  • i have some json data stored in mongodb that i need to access in splunk .
  • Data reaches upto 1 TB per day .
  • I need to fetch, process and index this data so it can be viewed in splunk.

My question is with the fetching the data . What is the best way to fetch this data periodically ? I need to fetch data from mongodb for a particular time frame . Ie this is not real time streaming data .

After I specify data sources using hunk , how do i index the data for specific time ranges ?

Should i create an intermediary application (node.js or java) just for fetching and indexing the data periodically ?

0 Karma
Reply

puneethgowda
Communicator
‎04-05-2018 10:37 PM

But what are the configuration needed to bring the data into Splunk from mangodb

0 Karma
Reply

rdagan_splunk
Splunk Employee
Splunk Employee
‎07-14-2017 05:44 PM

You can either use the Hunk App for MongoDB or DB Connect with JDBC to MongoDB.
With Hunk App for MongoDB:
in the search use: index=mongoVIX | collect my-local-splunk-index
or
set a schedule search and send the data to my-local-splunk-index

With DB Connect:
Setup Database Input based on rising column or batch. In both cases the data will be sent to a local Splunk index.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Enterprise Security: Your Command Center for PCI DSS Compliance

Every security professional knows the drill. The PCI DSS audit is approaching, and suddenly everyone's asking ...

Developer Spotlight with Guilhem Marchand

From Splunk Engineer to Founder: The Journey Behind TrackMe    After spending over 12 years working full time ...

Cisco Catalyst Center Meets Splunk ITSI: From 'Payments Are Down' to Root Cause in ...

The Problem: When Networks and Services Don't Talk Payment systems fail at a retail location. Customers are ...