Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Re: Use dashboard with SQL database
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is it possible to create a dashboard that gets all or some of its information from an SQL database? We find the dashboard to be an excellent tool but not all of our data is in Splunk.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can run queries directly from sql using the following (db connect)
dbquery command
http://docs.splunk.com/Documentation/DBX/1.1.1/DeployDBX/Commands
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can run queries directly from sql using the following (db connect)
dbquery command
http://docs.splunk.com/Documentation/DBX/1.1.1/DeployDBX/Commands
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yeah I can see your point. We treat things a little differently with our buckets.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well for what it's worth we do similar things with that sort of data and it works really well.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I guess putting all of that data into Splunk is an option but I'm a bit concerned with overusing Splunk. It's not a relational database and I don't want to use it for cases where I should be using a rdbms. We have an 18 month turnaround for Splunk data and if I store topology information in Splunk things could get messy. eg, if I write a log every time something changes but an element doesn't change for 18 months then data will be lost. Also, searching very old data in Splunk can be slow.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yeah I would agree that could be neat. What kind of data is it?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It's anything related a the workings of a large network. It could be performance data, alarms, fault reports, topology information
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Use dbconnect to get the data into Splunk and then dashboard it. Not sure you can do it directly but that's a really interesting feature request I think.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Getting the data into Splunk isn't really a good option. Using SQL directly in the dashboard would be the bee's knees of features imo. I would like to see a large number of employees go to Splunk first thing in the morning to get an overview of what is working and what isn't. But not everything is in Splunk so SQL access would make this a complete solution. I could even see some dashboards getting all of their information from SQL or sources outside Splunk.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions
Splunk Community Badges!
[Puzzles] Solve, Learn, Repeat: Matching cron expressions
