Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Integrating Splunk Dashboard with Database

htpalli
Engager
‎11-09-2021 04:07 AM

Hi Team,

I am very new to Splunk Dashboard.

Do you think we can form some SQL queries from the backend for any of the tasks below so that we can capture them via Splunk dashboard?

1. API Service UP/ Down

2. Response Time by UI API

3. Frequent Users

4. CPU Utilization

5. Mem Utilization

6. Login Statistics

7. API Error Report

Database we use: HDFS

 

Regards,

Harish

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎11-09-2021 04:13 AM

Hi @htpalli,

if you have these logs in a DB table, you can use DB-Connect to extract and save them in a Splunk Index.

If you already have these information in a log file, you could read and index it.

In both cases you can run a search to display what you need in a dashboard.

Remember that the only limitation in Splunk is the availability of data: if you have them (in almost every format) you can index, search and display them in a dashboard.

Ciao.

Giuseppe

Reply

htpalli
Engager
‎11-09-2021 04:19 AM

Thank you @gcusello for your quick response.

I have worked extensively on Oracle database where we can track user activities from V$SESSION/V$SQL datastores or any other DBA related tables.

However, I am using HDFS in my current project. Wondering if you have any idea on which tables we can reference to get info on (1) Response Time by UI API (2) Frequent Users (3) Login Statistics.

This info helps to integrate the SQL into Splunk so that it can monitor and show the results via Dashboard.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎11-10-2021 02:52 AM

Hi @htpalli,

sorry! I don't know how Oracle stores this information and probably few or none in this Community have this information, you should see in Oracle documentation or Community.

When you'll have the query to extract the wanted data, you'll be able to use it in DB-Connect or create a scheduled query to save data in a file to read using the Universal Forwarder.

The first solution is easier but requires an access to the DB to execute the query.

the second one requires the presence of a Universal Forwarder on the Oracle database server but is stronger for security.

Ciao.

Giuseppe

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Calling All Security Pros: Ready to Race Through Boston?

Hey Splunkers, .conf25 is heading to Boston and we’re kicking things off with something bold, competitive, and ...

Beyond Detection: How Splunk and Cisco Integrated Security Platforms Transform ...

Financial services organizations face an impossible equation: maintain 99.9% uptime for mission-critical ...

Customer success is front and center at .conf25

Hi Splunkers, If you are not able to be at .conf25 in person, you can still learn about all the latest news ...