All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

splunk DB connect with splunk cloud

santosh11
New Member
‎09-29-2019 08:03 PM

I want to perform db connect between oracle and splunk. Please let me know how can we do that?

Regards,
Santosh

Tags (1)
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎09-30-2019 12:03 AM

Hi santosh11,
if you're using Splunk Cloud, surely you're using at least two (or more) Heavy Forwarders to concentrate logs to send to Splunk Cloud.

So you can use a dedicated Heavy Forwarder to install DB-Connect App following the instructions in Splunk documentation https://docs.splunk.com/Documentation/DBX/3.1.4/DeployDBX/AboutSplunkDBConnect.
If you have few logs, you can use one of the Heavy Forwarders used as concentrators, but this depends on the volume of logs.
Using this Heavy Forwarder, you can access your Oracle DB Server and extract the data you need.

Bye.
Giuseppe

0 Karma
Reply

santosh11
New Member
‎09-30-2019 06:37 PM

Hello Gcusello,

I have successfully pushed data from Oracle to Splunk cloud using Splunk DB connect. Now i want to push the data back. I.E. from Splunk index data to oracle db through DB connect.

I have pushed data to Oracle DB from Splunk DB connect which is in HF. But how will we do that from Splunk Cloud Index data?

Regards,
Santosh

0 Karma
Reply

skrajkumar_splu
Splunk Employee
Splunk Employee
‎09-29-2019 10:45 PM

Hey Santosh,

The best recommended solution is to connect the DB via HF. By this way you can eradicate below challenges

  1. It helps in security. You need not risk in exposing your DB to internet, also you need not trouble yourself with port openings.
  2. At time SQL queries may yield huge datasets, depending on your bandwidth it may slowdown your network.

So its better to install DB Connect in your Local HF( As you usually configure in Splunk enterprise) and forward its data to the cloud.

Hope this helps.

,

0 Karma
Reply

santosh11
New Member
‎09-30-2019 06:38 PM

Hello skrajkumar,

I have successfully pushed data from Oracle to Splunk cloud using Splunk DB connect via HF. Now i want to push the data back. I.E. from Splunk index data to oracle db through DB connect via HF.

I have pushed data to Oracle DB from Splunk DB connect which is in HF. But how will we do that from Splunk Cloud Index data?

Regards,
Santosh

0 Karma
Reply
Get Updates on the Splunk Community!

Combine Multiline Logs into a Single Event with SOCK - a Guide for Advanced Users

This article is the continuation of the “Combine multiline logs into a single event with SOCK - a step-by-step ...

Everything Community at .conf24!

You may have seen mention of the .conf Community Zone 'round these parts and found yourself wondering what ...

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...