All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Using splunk to check your log against database

c0mrade
Explorer
‎05-09-2011 01:56 AM

Hello all, I'm a new splunk user and I'm not familiar yet with all its features. I have a rather unusual(or not) thing in mind to do with splunk.

I have a jboss application server log, in which I have all request towards 3rd party service logged. Each request has requestId which could be extracted.

I want to use those extracted requestIds to query the 3rd party service database and to compare the results which I get with those in my log.

I realize that I'll have to do some scripting to do this, my question is : is splunk overhead for this? or I'd be better of writing some script for this.

Anyone had similar expiriences?

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jbsplunk
Splunk Employee
Splunk Employee
‎05-09-2011 09:09 AM

You can use splunk to pull entries from a database, but it will require the input you setup be a scripted input. So, yes, you can do it. However, as you suspected, it will require some scripting to do accomplish the task.

There have been a few posts about this over the last week which I find you'll probably find to be helpful and applicable to your particular scenario.

http://splunk-base.splunk.com/answers/23846/how-do-i-setup-an-input-for-sql-data?page=1#23857

http://splunk-base.splunk.com/answers/23772/index-a-db-log

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

jbsplunk
Splunk Employee
Splunk Employee
‎05-09-2011 09:09 AM

You can use splunk to pull entries from a database, but it will require the input you setup be a scripted input. So, yes, you can do it. However, as you suspected, it will require some scripting to do accomplish the task.

There have been a few posts about this over the last week which I find you'll probably find to be helpful and applicable to your particular scenario.

http://splunk-base.splunk.com/answers/23846/how-do-i-setup-an-input-for-sql-data?page=1#23857

http://splunk-base.splunk.com/answers/23772/index-a-db-log

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

From Idea to Implementation: Why Splunk Built mTLS into Splunk Enterprise 10.0  mTLS wasn’t just a checkbox ...