- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- How can I import events from an AWS:RDS PostgreSQL...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have an application on an AWS:EC2 (Linux) instance that uses an AWS:RDS PostgreSQL instance (in the same subnet) to store its key process information and I'd like to pull from that DB table into Splunk for reporting purposes. I already have a Splunk Universal Forwarder installed and running on the EC2 instance; is it possible to get data from the RDS DB into the EC2 forwarder to pass on to the "splunkcloud" indexer(s)? Any help would be greatly appreciated.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think I may have just found my own answer... searching through Splunk docs, I see that there is no direct "monitoring" of DB tables and, therefore, a forwarder (such as the "Universal Forwarder" that I have set up) cannot gather data from a DB to pass on to an indexer. However, there is an add-on to Splunk Enterprise ("Splunk DB Connect") that will "import tables, rows, and columns from a database directly into Splunk Enterprise, which indexes the data". I will be talking to our Splunk administrator to see if we can get this add-on implemented. Wish us luck; it should do what we want.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
,I am having a concern regarding situation where a multiple DB's should be connected to splunk (Database logs should go to splunk), however this is possible with the universal forwarder but here I am not using the enterprise splunk where it is not showing DB connect or under DATA except(Report acceleration summaries) drop down settings bar on the top right in a commercial splunk console, In this case how can I install the forwarder to configure it with the RDS in the environment to draw the DB logs to go to splunk? What procedure I can able to follow to send the DB logs to go to splunk with no admin rights or by the commercial splunk. any suggestions are much appreciated.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think I may have just found my own answer... searching through Splunk docs, I see that there is no direct "monitoring" of DB tables and, therefore, a forwarder (such as the "Universal Forwarder" that I have set up) cannot gather data from a DB to pass on to an indexer. However, there is an add-on to Splunk Enterprise ("Splunk DB Connect") that will "import tables, rows, and columns from a database directly into Splunk Enterprise, which indexes the data". I will be talking to our Splunk administrator to see if we can get this add-on implemented. Wish us luck; it should do what we want.
Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...
.conf24 | Registration Open!
ICYMI - Check out the latest releases of Splunk Edge Processor
