Getting Data In

Configure schedule job to export data from splunk to Hadoop

msplunk33
Path Finder

I need some documentation in configuring schedule job for exporting data from splunk to Hadoop using Splunk Hadoop connect. What are the prerequisites. I am new to hadoop. What are the different ways we can export data from splunk to hadoop.

Labels (1)
Tags (1)
0 Karma
1 Solution

thambisetty
SplunkTrust
SplunkTrust

I have just developed alert actions which will be used to upload search results into AWS S3. I will upload TA to splunkbase.

————————————
If this helps, give a like below.

View solution in original post

thambisetty
SplunkTrust
SplunkTrust

@msplunk33 
The TA has been published and its available to public now.

————————————
If this helps, give a like below.
0 Karma

thambisetty
SplunkTrust
SplunkTrust

https://splunkbase.splunk.com/app/5273/#/overview

This app is pending approval and is not yet publicly visible. 

I will update here once app is published.

 

————————————
If this helps, give a like below.
0 Karma

msplunk33
Path Finder

Thank you. How can I download the  TA? Please share me the link.

0 Karma

thambisetty
SplunkTrust
SplunkTrust

Hadoop file system is completely different than AWS s3. 
May be you need to create a command or script to export splunk results to s3.

————————————
If this helps, give a like below.
0 Karma

thambisetty
SplunkTrust
SplunkTrust

You may find below link useful.

https://docs.splunk.com/Documentation/HadoopConnect/1.2.5/DeployHadoopConnect/AboutSplunkHadoopConne...

————————————
If this helps, give a like below.
0 Karma

msplunk33
Path Finder

I am using AWS S3 as the destination instead of Hadoop cluster. Any specific documentation for this.

0 Karma

thambisetty
SplunkTrust
SplunkTrust

I have just developed alert actions which will be used to upload search results into AWS S3. I will upload TA to splunkbase.

————————————
If this helps, give a like below.

msplunk33
Path Finder

Thank you thambisetty

0 Karma
Get Updates on the Splunk Community!

What's New in Splunk Enterprise 9.4: Features to Power Your Digital Resilience

Hey Splunky People! We are excited to share the latest updates in Splunk Enterprise 9.4. In this release we ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

SignalFlow: What? Why? How?

What is SignalFlow? Splunk Observability Cloud’s analytics engine, SignalFlow, opens up a world of in-depth ...