All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Ways to index MongoDB data in Splunk

JohannLiebert92
Path Finder
‎02-05-2018 10:24 PM

Hi everyone,

I'm looking for ways to index data from MongoDB.

As per the post below, I'm aware of Hunk App for MongoDB and/or DB Connect,
https://answers.splunk.com/answers/553356/mongodb-data-indexing.html?utm_source=typeahead&utm_medium...

However, as I'm running Splunk 7.0.1, Hunk App for MongoDB doesn't seem to work in my case, I was unable to create virtual index (the New button is not visible). As for DB Connect, I'm aware of UnityJDBC which allows Splunk to connect to MongoDB but only during the trial, after which a license is required for full functionality. I would like to keep the purchase of the driver license as the last resort. May I know is there any alternatives to the above mentioned methods?

Any help would be much appreciated!

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

YoungN
Splunk Employee
Splunk Employee
‎02-07-2018 08:38 AM

For my MongoDB I created a REST Interface and created the access token. This allowed me to use the Rest-TA and pull the specific indexes from the MongoDB. It will come into Splunk as JSON and will parse out fairly easily to search through.

View solution in original post

Reply
Solved! Jump to solution
Solution

YoungN
Splunk Employee
Splunk Employee
‎02-07-2018 08:38 AM

For my MongoDB I created a REST Interface and created the access token. This allowed me to use the Rest-TA and pull the specific indexes from the MongoDB. It will come into Splunk as JSON and will parse out fairly easily to search through.

Reply
Solved! Jump to solution

JohannLiebert92
Path Finder
‎02-19-2018 08:04 PM

Hi nyoung,

Sorry for the delays.

Thanks for your suggestion! I'm quite new to MongoDB, may I know how is the effort like to create a REST interface and access token for MongoDB? Or if you have a link you could share that would be great.

0 Karma
Reply
Solved! Jump to solution

YoungN
Splunk Employee
Splunk Employee
‎02-20-2018 08:51 AM

Sorry, I meant to go back and add a link for it.
easiest is to "npm install mongodb-rest" (https://www.npmjs.com/package/mongodb-rest)

Then here are some good step by step write up's for creating the rest instance in Node.js so you can pull down the different conditions. Check out the list of references with these three you should be able to figure most of it out to create your own.

References:
https://www.npmjs.com/package/mongodb-rest
https://getstream.io/blog/building-rest-api-node-js-restify-mongodb/
https://docs.mongodb.com/ecosystem/tools/http-interfaces/

0 Karma
Reply
Solved! Jump to solution

JohannLiebert92
Path Finder
‎02-20-2018 06:24 PM

Thanks! I will check those out

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

From Idea to Implementation: Why Splunk Built mTLS into Splunk Enterprise 10.0  mTLS wasn’t just a checkbox ...