All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Use dashboard with SQL database

MikeKulls
Path Finder
‎06-19-2013 06:59 PM

Is it possible to create a dashboard that gets all or some of its information from an SQL database? We find the dashboard to be an excellent tool but not all of our data is in Splunk.

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

aelliott
Motivator
‎01-20-2014 08:52 AM

You can run queries directly from sql using the following (db connect)
dbquery command

http://docs.splunk.com/Documentation/DBX/1.1.1/DeployDBX/Commands

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

aelliott
Motivator
‎01-20-2014 08:52 AM

You can run queries directly from sql using the following (db connect)
dbquery command

http://docs.splunk.com/Documentation/DBX/1.1.1/DeployDBX/Commands

0 Karma
Reply
Solved! Jump to solution

billford
Path Finder
‎06-20-2013 05:19 AM

Yeah I can see your point. We treat things a little differently with our buckets.

0 Karma
Reply
Solved! Jump to solution

billford
Path Finder
‎06-19-2013 08:12 PM

Well for what it's worth we do similar things with that sort of data and it works really well.

0 Karma
Reply
Solved! Jump to solution

MikeKulls
Path Finder
‎06-19-2013 09:52 PM

I guess putting all of that data into Splunk is an option but I'm a bit concerned with overusing Splunk. It's not a relational database and I don't want to use it for cases where I should be using a rdbms. We have an 18 month turnaround for Splunk data and if I store topology information in Splunk things could get messy. eg, if I write a log every time something changes but an element doesn't change for 18 months then data will be lost. Also, searching very old data in Splunk can be slow.

0 Karma
Reply
Solved! Jump to solution

billford
Path Finder
‎06-19-2013 07:41 PM

Yeah I would agree that could be neat. What kind of data is it?

0 Karma
Reply
Solved! Jump to solution

MikeKulls
Path Finder
‎06-19-2013 08:07 PM

It's anything related a the workings of a large network. It could be performance data, alarms, fault reports, topology information

0 Karma
Reply
Solved! Jump to solution

billford
Path Finder
‎06-19-2013 07:05 PM

Use dbconnect to get the data into Splunk and then dashboard it. Not sure you can do it directly but that's a really interesting feature request I think.

Reply
Solved! Jump to solution

MikeKulls
Path Finder
‎06-19-2013 07:38 PM

Getting the data into Splunk isn't really a good option. Using SQL directly in the dashboard would be the bee's knees of features imo. I would like to see a large number of employees go to Splunk first thing in the morning to get an overview of what is working and what isn't. But not everything is in Splunk so SQL access would make this a complete solution. I could even see some dashboards getting all of their information from SQL or sources outside Splunk.

0 Karma
Reply
Get Updates on the Splunk Community!

Get Operational Insights Quickly with Natural Language on the Splunk Platform

In today’s fast-paced digital world, turning data into actionable insights is essential for success. With ...

What’s New in Splunk Observability Cloud – June 2025

What’s New in Splunk Observability Cloud – June 2025 We are excited to announce the latest enhancements to ...

Almost Too Eventful Assurance: Part 2

Work While You SleepBefore you can rely on any autonomous remediation measures, you need to close the loop ...
Top