Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Getting data splunked arriving over a network/database

jigarkb
Engager
‎01-11-2013 05:15 AM

Here are some specific queries/problem statement I have :

  1. How can data be directly fed into splunk in a programmatic manner? This would mean that there is no manual intervention. A scenario is that data is arriving over the network and it needs to be stored in splunk.
  2. Is there a splunk connector which can directly talk to mysql database so that splunk can retrieve data automatically from mysql?
  3. Can the splunk query response data be formatted in JSON? What other formats can splunk query response data be formatted in?
Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Ayn
Legend
‎01-11-2013 07:19 AM

  1. Yes. This is the most common way of feeding data into Splunk. Manually adding data is (I believe) less common. Filesystem-based inputs will continually monitor files or directories for new data and index it as soon as it arrives. Network-based inputs will do the same for network sockets.

  2. Yes. Have a look at Splunk DB Connect.

  3. Yes. JSON is one, CSV another, and there are more formats available, too. See information in the REST API docs:

View solution in original post

Reply
Solved! Jump to solution
Solution

Ayn
Legend
‎01-11-2013 07:19 AM

  1. Yes. This is the most common way of feeding data into Splunk. Manually adding data is (I believe) less common. Filesystem-based inputs will continually monitor files or directories for new data and index it as soon as it arrives. Network-based inputs will do the same for network sockets.

  2. Yes. Have a look at Splunk DB Connect.

  3. Yes. JSON is one, CSV another, and there are more formats available, too. See information in the REST API docs:

Reply
Solved! Jump to solution

Ayn
Legend
‎01-16-2013 01:16 PM

No, that covers more than what I'd like to put in a simple answer. My suggestion is that you read the docs and become familiar with how Splunk works in a distributed environment.

0 Karma
Reply
Solved! Jump to solution

jigarkb
Engager
‎01-16-2013 06:19 AM

Can you explain in detail how to feed xml data coming over a network and feeding it into splunk?

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...