I've created an Splunk R app. It's really in a very early status so don't use it in production environment.
Description from http://apps.splunk.com/app/1735/:
This app provides a new Splunk search
language command 'r' that allows
passing data from Splunk to the
R-Engine for calculation and then
passing results back to Splunk for
further computation or visualization.
The app is open source: https://github.com/rfsp/r.
Please feel free to contribute. Please provide feedback, questions and suggestions!
Darn! I wish you started this project earlier! If you did, we wouldn't have made any investment into this. We already invested developing "Splunk R" 6 month ago and put in significant amount of investment into it. We will have a GA version targeting this May. So, we can't go opensource...
We will have a GA a full working data modeling version targeting this May. Again, I wish we know each other earlier. Believe me , it requires more than just programming skills to get this done...
You can potentially use Java or Python bindings for R to utilize the Splunk SDK's, or use the REST API directly for searching data in Splunk and/or indexing data into Splunk from your R script.
R Language support on Splunk Answers
I'm interested but have not yet started pursuing this. As one approach, some integration can be achieved via the shared capabilities of both Splunk and R with relational databases / CSV files.
Can you add some context regarding your use case in terms of direction of data flow and realtime requirements? e.g. are you looking to process Splunk output in R or consume R output in Splunk.
Splunk consuming R output:
- Splunk could use a data input command to periodically run an R script and index the results.
- An externally scheduled (cron) R script could stage output in a CSV for Splunk to incorporate using a lookup. This would be good for a particularly expensive R script if the results do not need to be realtime.
- A Splunk lookup can also run an R script inline with a search.