All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Use dashboard with SQL database

MikeKulls
Path Finder
‎06-19-2013 06:59 PM

Is it possible to create a dashboard that gets all or some of its information from an SQL database? We find the dashboard to be an excellent tool but not all of our data is in Splunk.

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

aelliott
Motivator
‎01-20-2014 08:52 AM

You can run queries directly from sql using the following (db connect)
dbquery command

http://docs.splunk.com/Documentation/DBX/1.1.1/DeployDBX/Commands

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

aelliott
Motivator
‎01-20-2014 08:52 AM

You can run queries directly from sql using the following (db connect)
dbquery command

http://docs.splunk.com/Documentation/DBX/1.1.1/DeployDBX/Commands

0 Karma
Reply
Solved! Jump to solution

billford
Path Finder
‎06-20-2013 05:19 AM

Yeah I can see your point. We treat things a little differently with our buckets.

0 Karma
Reply
Solved! Jump to solution

billford
Path Finder
‎06-19-2013 08:12 PM

Well for what it's worth we do similar things with that sort of data and it works really well.

0 Karma
Reply
Solved! Jump to solution

MikeKulls
Path Finder
‎06-19-2013 09:52 PM

I guess putting all of that data into Splunk is an option but I'm a bit concerned with overusing Splunk. It's not a relational database and I don't want to use it for cases where I should be using a rdbms. We have an 18 month turnaround for Splunk data and if I store topology information in Splunk things could get messy. eg, if I write a log every time something changes but an element doesn't change for 18 months then data will be lost. Also, searching very old data in Splunk can be slow.

0 Karma
Reply
Solved! Jump to solution

billford
Path Finder
‎06-19-2013 07:41 PM

Yeah I would agree that could be neat. What kind of data is it?

0 Karma
Reply
Solved! Jump to solution

MikeKulls
Path Finder
‎06-19-2013 08:07 PM

It's anything related a the workings of a large network. It could be performance data, alarms, fault reports, topology information

0 Karma
Reply
Solved! Jump to solution

billford
Path Finder
‎06-19-2013 07:05 PM

Use dbconnect to get the data into Splunk and then dashboard it. Not sure you can do it directly but that's a really interesting feature request I think.

Reply
Solved! Jump to solution

MikeKulls
Path Finder
‎06-19-2013 07:38 PM

Getting the data into Splunk isn't really a good option. Using SQL directly in the dashboard would be the bee's knees of features imo. I would like to see a large number of employees go to Splunk first thing in the morning to get an overview of what is working and what isn't. But not everything is in Splunk so SQL access would make this a complete solution. I could even see some dashboards getting all of their information from SQL or sources outside Splunk.

0 Karma
Reply
Get Updates on the Splunk Community!

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Announcing the General Availability of Splunk Enterprise Security 8.1!

We are pleased to announce the general availability of Splunk Enterprise Security 8.1. Splunk becomes the only ...

Developer Spotlight with William Searle

The Splunk Guy: A Developer’s Path from Web to Cloud William is a Splunk Professional Services Consultant with ...
Top