All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk DB Connect: Index data running dbxquery command

maurelio79
Communicator
‎10-30-2017 11:45 AM

Hi to all, i'd like to know if it's possible index data running dbx command from a sdk python script.
I'm not finding anything on internet. if i manually run | dbxquery ... data are not indexed, they are indexed just if the query is scheduled via Splunk UI.
Is there a different way? Maybe some rest api? Or maybe running one of the mi script (mi_input.py?) after command dbxquery?

Thanks and regards.

0 Karma
Reply

s2_splunk
Splunk Employee
Splunk Employee
‎10-30-2017 12:02 PM

Did you read through the documentation? Database Inputs are used to index data from a database. The dbxquery search command is used to execute SQL statements or stored procedures.

What is your requirement that you need to execute it from a Python script?
I guess it would be possible to execute a query with dbxquery and then use | collect to store the results in an index, but it would help to better understand your use case.

0 Karma
Reply

garias_splunk
Splunk Employee
Splunk Employee
‎06-21-2019 01:38 AM

Tested!
from the command line, curl command calling saved search that includes a |collect index=yourIndexHere does trigger a search that gets data from DB and index the outcome within yourIndexHere

0 Karma
Reply

maurelio79
Communicator
‎10-30-2017 01:11 PM

Hi, first of all for for answer.
Basically i was asked to give to the customer the possibility to change the scheduled time of db input via beta48 batch on mainframe.
For example: when new data are inserted on DB2, the user schedule a job that change the scheduled time of the DB input, for this reason i was thinking about python.

Thanks and regards.

P.S.
Basically i need to run a DB input on demand, not scheduled.

0 Karma
Reply

francisco_mota
Loves-to-Learn Lots
‎12-23-2020 11:52 AM

Maybe using as bellow:

| dbxquery connection=<YOUR_CONNECTION> query="<YOUR_QUERY>" | collect index=<YOUR_INDEX_NAME>
Tags (2)
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...