Is it possible to store some data directly in Splu...

ektasiwani · ‎06-03-2016

Hi ,

I have an external app where I am fetching data from Splunk and displaying a graph using the JavaScript SDK. Now I need to store some data (not file), like elements of an array.

I don't want to use any other database. Can I store array elements directly on Splunk (not file) using JavaScript SDK? I don't have this data stored on any file as its being created on the fly.

Thanks!

loggar · ‎08-02-2016

You can write it directly to your index in Splunk ...

var service = mvc.createService();

var myindexes = service.indexes();

myindexes.fetch(function(err, myindexes) {

    var myindex = myindexes.item("nameofmyindex");

    myindex.submitEvent('my_events_to_write_into_splunk_index', {
        sourcetype: 'nameofsourcetype'
    }, function(err, result, myindex) {
        console.log("Submitted event: ", result);
    });
});

Richfez · ‎06-04-2016

I'm not an expert in this, but a couple of things came to mind as I read your question.

Have you looked into the HTTP Event Collector? Here's possibly a better resource for you on setting up HEC.

And I'm not sure why you don't want files. What's actually wrong with taking whatever data it is you want to save, serialize your data or normalize it in a fashion you can use log4XXX (or your own stuff, whatever) to write it to a file, then have Splunk monitor that file. Depending on what you need, you could have it write a CSV and use that as a lookup file, too.

Is it possible to store some data directly in Splunk (not through some file) using the JavaScript SDK?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases