- Splunk Answers
- :
- Using Splunk
- :
- Splunk Dev
- :
- Re: Splunk socket programming with java SDK
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I need to create the socket communication interface between splunk server and non-splunk server.
I am using java sdk to interact with splunk and searching the data and exporting it in a file. now I need to send this file thru socket to other server.
I know how to use java SDK and I know socket programming in java and how to send file over socket but I am not able to connect socket programming with java SDK.
like in java sdk we can connet with Service class but in socket programming we connect to the machine with Socket class.
Can anyone help me merging these two things to that I can connect two machines over socket and I can search and extract the data from splunk.
Thanks,
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Should be relatively simple :
1) open your connection to Splunk using Service class
2) open your socket connection to destination server using the Socket class
3) use the Splunk Service object to execute the search
4) read in the search results
5) perform any data transformation/filtering
6) write results out over the socket connection to the destination server.
Depending on the volumes of data , you might be able to skip writing to/reading from a file and just work in memory.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Should be relatively simple :
1) open your connection to Splunk using Service class
2) open your socket connection to destination server using the Socket class
3) use the Splunk Service object to execute the search
4) read in the search results
5) perform any data transformation/filtering
6) write results out over the socket connection to the destination server.
Depending on the volumes of data , you might be able to skip writing to/reading from a file and just work in memory.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Splunk Java SDK has a CSV Results Reader.
https://github.com/splunk/splunk-sdk-java/tree/master/splunk-external/com/splunk/external
These results readers are not part of the main SDK, but are included in the com.splunk.external module in the splunk-external.jar file. The JSON and CSV results readers also require third-party tokenizers for parsing (gson-2.1.jar and opencsv-2.3.jar)
Specify output to be "csv" when submitting the search.
Args queryArgs = new Args();
queryArgs.put("output_mode", "csv");
Code example here : https://gist.github.com/3270825
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As in 4th step "read in the search result" I need to send result data in csv but with javasdk the search result reader is in XML so how can i get result in csv format?
Updated Team Landing Page in Splunk Observability
New! Splunk Observability Search Enhancements for Splunk APM Services/Traces and ...
Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...
