Getting Data In

Data import in SPLUNK

Contributor

Hi,

I have a Digital Guardian( DG) Tool installed in around 10 systems to prevent the data leakage, DG tool generates the Activity Log every Monday and there is a team who uploads those logs in the library and every time we download the logs from that library and import to SPLUNK.

Please let me know what ever the logs are getting generated by DG tool, I want all those logs to be imported directly to SPLUNK ( means : Logs will be generated by DG tool and automatically be fed to SPLUNK ), I dont wish to downlod the log and then import it to SPLUNK , instead I want the logs to be imported directly

Please help me to solve this problem

Your help is very much appreciated in this regards,

Tags (4)
0 Karma
1 Solution

Champion

Have a read of this;

http://docs.splunk.com/Documentation/Splunk/5.0.1/Deploy/Aboutforwardingandreceivingdata

It should hopefully answer most of your questions, if you hit a snag then just post back 🙂

View solution in original post

0 Karma

Contributor

I was just asking that DG tool is generating set of files every monday that i want to directly import to my SPLUNK server, How it could be done ? Please suggest me some solutions

0 Karma

Legend

I'm not sure how this question really relates to Splunk - isn't it more a matter of how Digital Guardian logs can be extracted? If so, wouldn't it be better to ask in a forum for the Digital Guardian product?

0 Karma

Champion

Have a read of this;

http://docs.splunk.com/Documentation/Splunk/5.0.1/Deploy/Aboutforwardingandreceivingdata

It should hopefully answer most of your questions, if you hit a snag then just post back 🙂

View solution in original post

0 Karma

Legend

You can definitely do that.

0 Karma

Champion

You could use http://splunk-base.splunk.com/apps/50803/splunk-db-connect from the indexer to connect directly, or use heavy forwarders to potentially connect remotely and forward the data. I haven't really explored how it functions yet

0 Karma

Contributor

Is it possible to connect SPLUNK forwarders with the SQL server, so that It will run a query to fetch the data and directly those data will be sent to the SPLUNK server..

Please help !!

0 Karma

Legend

???

You've been around for quite some time here and you don't know how Splunk licensing works? The Universal Forwarder can be downloaded free of charge from http://www.splunk.com/download/universalforwarder

0 Karma

Contributor

You mean to say that I should have "forwarders" installed in all those 10 servers too, so that it could collect the data generated by DG tool and forwards to the SPLUNK server directly for processing... If this is so , Do I need to pay anything to get the SPLUNK forwarders ? please suggest

0 Karma