All Apps and Add-ons

splunk app db_connect

pc1234
Explorer

I'm creating an alert to notify oracle database administrators  when a  db_connect connection has failed. I have created the query to return the name of the failed connection using the splunk _internal logs. However, I would like to include the hostname and default database that are defined in the connection.  I have not been able to locate logs with the connection host and default database using the connection name as the search criteria.

Is there a REST or CURL command available that retrieves the host and default database (using the connection name as input) that I can  use to join with my  completed query that retrieves failed connections?

Thanks In Advance.

 

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud | Unified Identity - Now Available for Existing Splunk ...

Raise your hand if you’ve already forgotten your username or password when logging into an account. (We can’t ...

Index This | How many sides does a circle have?

February 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

Registration for Splunk University is Now Open!

Are you ready for an adventure in learning?   Brace yourselves because Splunk University is back, and it's ...