All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Using splunk to check your log against database

c0mrade
Explorer
‎05-09-2011 01:56 AM

Hello all, I'm a new splunk user and I'm not familiar yet with all its features. I have a rather unusual(or not) thing in mind to do with splunk.

I have a jboss application server log, in which I have all request towards 3rd party service logged. Each request has requestId which could be extracted.

I want to use those extracted requestIds to query the 3rd party service database and to compare the results which I get with those in my log.

I realize that I'll have to do some scripting to do this, my question is : is splunk overhead for this? or I'd be better of writing some script for this.

Anyone had similar expiriences?

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jbsplunk
Splunk Employee
Splunk Employee
‎05-09-2011 09:09 AM

You can use splunk to pull entries from a database, but it will require the input you setup be a scripted input. So, yes, you can do it. However, as you suspected, it will require some scripting to do accomplish the task.

There have been a few posts about this over the last week which I find you'll probably find to be helpful and applicable to your particular scenario.

http://splunk-base.splunk.com/answers/23846/how-do-i-setup-an-input-for-sql-data?page=1#23857

http://splunk-base.splunk.com/answers/23772/index-a-db-log

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

jbsplunk
Splunk Employee
Splunk Employee
‎05-09-2011 09:09 AM

You can use splunk to pull entries from a database, but it will require the input you setup be a scripted input. So, yes, you can do it. However, as you suspected, it will require some scripting to do accomplish the task.

There have been a few posts about this over the last week which I find you'll probably find to be helpful and applicable to your particular scenario.

http://splunk-base.splunk.com/answers/23846/how-do-i-setup-an-input-for-sql-data?page=1#23857

http://splunk-base.splunk.com/answers/23772/index-a-db-log

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...

This is the third post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...
Top