All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Using splunk to check your log against database

c0mrade
Explorer
‎05-09-2011 01:56 AM

Hello all, I'm a new splunk user and I'm not familiar yet with all its features. I have a rather unusual(or not) thing in mind to do with splunk.

I have a jboss application server log, in which I have all request towards 3rd party service logged. Each request has requestId which could be extracted.

I want to use those extracted requestIds to query the 3rd party service database and to compare the results which I get with those in my log.

I realize that I'll have to do some scripting to do this, my question is : is splunk overhead for this? or I'd be better of writing some script for this.

Anyone had similar expiriences?

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jbsplunk
Splunk Employee
Splunk Employee
‎05-09-2011 09:09 AM

You can use splunk to pull entries from a database, but it will require the input you setup be a scripted input. So, yes, you can do it. However, as you suspected, it will require some scripting to do accomplish the task.

There have been a few posts about this over the last week which I find you'll probably find to be helpful and applicable to your particular scenario.

http://splunk-base.splunk.com/answers/23846/how-do-i-setup-an-input-for-sql-data?page=1#23857

http://splunk-base.splunk.com/answers/23772/index-a-db-log

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

jbsplunk
Splunk Employee
Splunk Employee
‎05-09-2011 09:09 AM

You can use splunk to pull entries from a database, but it will require the input you setup be a scripted input. So, yes, you can do it. However, as you suspected, it will require some scripting to do accomplish the task.

There have been a few posts about this over the last week which I find you'll probably find to be helpful and applicable to your particular scenario.

http://splunk-base.splunk.com/answers/23846/how-do-i-setup-an-input-for-sql-data?page=1#23857

http://splunk-base.splunk.com/answers/23772/index-a-db-log

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Developer Program!

Hey Splunk community!  We are excited to announce that Splunk is launching the Splunk Developer Program in ...

Splunkbase Year in Review 2024

Reflecting on 2024, it’s clear that innovation and collaboration have defined the journey for Splunk ...

Developer Spotlight with Brett Adams

In our third Spotlight feature, we're excited to shine a light on Brett—a Splunk consultant, innovative ...
li.common.scroll-to.top