All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk DB Connect: Index data running dbxquery command

maurelio79
Communicator
‎10-30-2017 11:45 AM

Hi to all, i'd like to know if it's possible index data running dbx command from a sdk python script.
I'm not finding anything on internet. if i manually run | dbxquery ... data are not indexed, they are indexed just if the query is scheduled via Splunk UI.
Is there a different way? Maybe some rest api? Or maybe running one of the mi script (mi_input.py?) after command dbxquery?

Thanks and regards.

0 Karma
Reply

s2_splunk
Splunk Employee
Splunk Employee
‎10-30-2017 12:02 PM

Did you read through the documentation? Database Inputs are used to index data from a database. The dbxquery search command is used to execute SQL statements or stored procedures.

What is your requirement that you need to execute it from a Python script?
I guess it would be possible to execute a query with dbxquery and then use | collect to store the results in an index, but it would help to better understand your use case.

0 Karma
Reply

garias_splunk
Splunk Employee
Splunk Employee
‎06-21-2019 01:38 AM

Tested!
from the command line, curl command calling saved search that includes a |collect index=yourIndexHere does trigger a search that gets data from DB and index the outcome within yourIndexHere

0 Karma
Reply

maurelio79
Communicator
‎10-30-2017 01:11 PM

Hi, first of all for for answer.
Basically i was asked to give to the customer the possibility to change the scheduled time of db input via beta48 batch on mainframe.
For example: when new data are inserted on DB2, the user schedule a job that change the scheduled time of the DB input, for this reason i was thinking about python.

Thanks and regards.

P.S.
Basically i need to run a DB input on demand, not scheduled.

0 Karma
Reply

francisco_mota
Loves-to-Learn Lots
‎12-23-2020 11:52 AM

Maybe using as bellow:

| dbxquery connection=<YOUR_CONNECTION> query="<YOUR_QUERY>" | collect index=<YOUR_INDEX_NAME>
Tags (2)
0 Karma
Reply
Register for .conf25!
Get Updates on the Splunk Community!

Security Professional: Sharpen Your Defenses with These .conf25 Sessions

Sooooooooooo, guess what. .conf25 is almost here, and if you're on the Security Learning Path, this is your ...

First Steps with Splunk SOAR

Our first step was to gather a list of the playbooks we wanted and to sort them by priority.  Once this list ...

How To Build a Self-Service Observability Practice with Splunk Observability Cloud

If you’ve read our previous post on self-service observability, you already know what it is and why it ...
Top