Getting Data In

How can I import data from MySQL tables into Splunk assets ?

KleeJean
Observer

I have some data in MySQL , and I have DB Content in Splunk.

Now I want import MySQL data into Splunk assets , but I just find how import data from csv files .

 

I knew this documentation : Collect and extract asset and identity data in Splunk Enterprise Security - Splunk Documentation  , but I don't know how "Use Splunk DB Connect" for import data .

KleeJean_0-1660547961438.png

 

And , this page is null (v7.0.1) : Define identity formats - Splunk Documentation 

 

PS: Sorry for my bad English.

Labels (1)
Tags (1)
0 Karma

VatsalJagani
SplunkTrust
SplunkTrust

@KleeJean - I don't know if there is any better way to do this, but here is what will work for sure.

  • Install DB Connect on the same search head as Enterprise Security. - https://splunkbase.splunk.com/app/2686/ 
  • Create a scheduled report (keep intervals according to how often you think data in the database is getting changed.)

 

| dbxquery query="<write-your-query-here>" connection="<dbx-connection>" 
| outputlookup my_sql_data.csv​

 

  • Use my_sql_data.csv file as an Enterprise Security asset file.

 

I hope this helps!!!

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Splunk DB Connect is an app that can read data from a SQL database.  Download it from splunkbase and install it on a search head or heavy forwarder.  Documentation for DB Connect is at https://docs.splunk.com/Documentation/DBX

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Exporting Splunk Apps

Join us on Monday, October 21 at 11 am PT | 2 pm ET!With the app export functionality, app developers and ...

Cisco Use Cases, ITSI Best Practices, and More New Articles from Splunk Lantern

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Build Your First SPL2 App!

Watch the recording now!.Do you want to SPL™, too? SPL2, Splunk's next-generation data search and preparation ...