All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk DB Connect: Index data running dbxquery command

maurelio79
Communicator
‎10-30-2017 11:45 AM

Hi to all, i'd like to know if it's possible index data running dbx command from a sdk python script.
I'm not finding anything on internet. if i manually run | dbxquery ... data are not indexed, they are indexed just if the query is scheduled via Splunk UI.
Is there a different way? Maybe some rest api? Or maybe running one of the mi script (mi_input.py?) after command dbxquery?

Thanks and regards.

0 Karma
Reply

s2_splunk
Splunk Employee
Splunk Employee
‎10-30-2017 12:02 PM

Did you read through the documentation? Database Inputs are used to index data from a database. The dbxquery search command is used to execute SQL statements or stored procedures.

What is your requirement that you need to execute it from a Python script?
I guess it would be possible to execute a query with dbxquery and then use | collect to store the results in an index, but it would help to better understand your use case.

0 Karma
Reply

garias_splunk
Splunk Employee
Splunk Employee
‎06-21-2019 01:38 AM

Tested!
from the command line, curl command calling saved search that includes a |collect index=yourIndexHere does trigger a search that gets data from DB and index the outcome within yourIndexHere

0 Karma
Reply

maurelio79
Communicator
‎10-30-2017 01:11 PM

Hi, first of all for for answer.
Basically i was asked to give to the customer the possibility to change the scheduled time of db input via beta48 batch on mainframe.
For example: when new data are inserted on DB2, the user schedule a job that change the scheduled time of the DB input, for this reason i was thinking about python.

Thanks and regards.

P.S.
Basically i need to run a DB input on demand, not scheduled.

0 Karma
Reply

francisco_mota
Loves-to-Learn Lots
‎12-23-2020 11:52 AM

Maybe using as bellow:

| dbxquery connection=<YOUR_CONNECTION> query="<YOUR_QUERY>" | collect index=<YOUR_INDEX_NAME>
Tags (2)
0 Karma
Reply
Register for .conf25!
Get Updates on the Splunk Community!

ATTENTION!! We’re MOVING (not really)

Hey, all! In an effort to keep this Slack workspace secure and also to make our new members' experience easy, ...

Splunk Admins: Build a Smarter Stack with These Must-See .conf25 Sessions

  Whether you're running a complex Splunk deployment or just getting your bearings as a new admin, .conf25 ...

AppDynamics Summer Webinars

This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...
Top