Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- All Apps and Add-ons
- :
- SCCM 2012 Reporting and Splunk
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SCCM 2012 Reporting and Splunk
Anyone using Splunk for SCCM reporting, if so, any advice or must-have applications? Does DB Connect support T-SQL? WQL to SQL is a Microsoft translation through SCCM and we'd like to use Splunk instead of the report builder. Currently using the DB Connect Splunk app and connected to a CAS.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to you integrate SCCM log to Splunk, do you have any sample on how to modify the config file?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I was able to pull raw SCCM logs via a UF installed on the SCCM server. But, I don't actually use them for anything. After a lot of difficulty I was also able to query our SCCM SQL server via DBConnect.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I used DBConnect to interface with the ConfigMgr data store.
More specifically, I use DBQuery to maintain a lookup file having most commonly referenced configuration manager client data such as name, domain, model, osname, osversion, adsitename, ipaddress, serial, etc.
More More specifically, what I do is schedule a report with | dbquery
search | lookup cmClientAttributes host as name0 OUTPUT
works for me
have fun
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I know it's been five years and this is a long shot but if you remember... how did you set up DBconnect to interface with configmgr?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The following article contains a list of views of interest in ConfigMgr:
http://gallery.technet.microsoft.com/SCCM-Configmgr-2012-R2-SQL-5fefdd3b
As for a sample query:
| dbquery [connectionName] "SELECT * FROM v_R_System"
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Example sql statement? I'm connected with DB Connect but having trouble getting results.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions
Splunk Community Badges!
[Puzzles] Solve, Learn, Repeat: Matching cron expressions
