Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Integration

Atchyuth_P
Path Finder
‎11-03-2021 10:49 PM

Hi,

1) Which integration method will be used when data in onboarded with following steps 

a) HEC method

b)TCP method

c) DB connect ?

2) How many API scripts that we can able to run in HF?

If possible can you please suggest any documentation and also the uses for the above methods individually?

 

0 Karma
Reply

Roy_9
Motivator
‎11-04-2021 09:17 PM

It would be helpful if you provide the source of the logs that you would like to ingest into Splunk?

your options varies based on the source.

Reply

gcusello
SplunkTrust
SplunkTrust
‎11-04-2021 12:16 AM

Hi @Atchyuth_P,

about the first question:

"integration" is a great word with a large set of meanings, what do you mean with "integration"?

Probably you don't mean "ingesting" because you already have your ingestion methods.

Maybe you mean "parsing", in this case you have to use the same methods of each ingestion method in Splunk: you have to use a Technical Add-On to correctly parse your logs.

About the second question, there isn't any limit in the number of concurrent APIs in your HFs, they depend only on the resources available on the HF and there isn't a casistic or a benchmark.

My hint is to try with your APIs using a standard configuration for the HFs (12 CPUs and 12 GB RAM), then you could monitor your HFs to understand if the resources are sufficient or if you need to add more of them to your HFs.

Ciao.

Giuseppe

Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...