Getting Data In

Escape special characters in DB Connect

altink
Builder

Pulling database events with Splunk DB Connect I noticed that:

1. New (non-existing) fields are created
2. text fields containing special characters  are cut

The only reason I have been able to identify consists in the presence of special characters of the kind:
( ) " :
... in fields like "SQL _Text", that by their nature can contain quotes, brackets and else.

How can I escape these problem-causing characters ?
This done inside Splunk - and not anywhere on the DB side, or the SQL command for pulling records.

What are the characters that must be escaped?
Asking the later because when working in a previous project with ingesting events from a DB to Splunk via TCP Data Input, I noticed that not all special characters where causing same problem as above - but only few of them.

best regards
Altin 

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In September, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...