Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How to connect to a cloud based application to pull logs into Splunk via REST API?

sbattista09
Contributor
‎06-10-2016 07:10 AM

What would the steps be to connect to a cloud based application to pull logs via API into Splunk? I am trying to learn how to use this function of Splunk and not sure where to start and the documentation is a little hard to follow. Keep in mind I am not a programmer.

Reply

larryleeroberts
Path Finder
‎01-16-2020 06:17 AM

It seems really strange to me that Splunk has yet to offer a method to "pull". Recently, Dynatrace made the Dynatrace SaaS logs available through their API. I want to pull these into Splunk. I agree with Rich that it looks like the only way to do this is through the API and writing something on your own to execute the pull.

0 Karma
Reply

adnankhan5133
Communicator
‎06-26-2018 01:58 PM

Is there a specific method to pull Oracle Cloud Platform logs into Splunk? Would this require using REST API's or the HTTP Event Collector?

Reply

woodcock
Esteemed Legend
‎06-13-2016 09:27 AM

You would not use REST API for that, you would use Http Event Collector (HEC):
http://dev.splunk.com/view/event-collector/SP-CAAAE6M

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎06-14-2016 06:10 AM

The OP said he wanted to "pull" logs into Splunk, which I take to mean "do something on the Splunk server to get my cloud logs indexed". That's why I suggested the REST app.
The HEC would be the way to go if the cloud app was pushing logs into Splunk and could be modified to use HEC.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

woodcock
Esteemed Legend
‎06-14-2016 06:52 AM

There is no clientless way to pull anything anywhere so I assumed he mis-spoke and that he needs a clientless push.

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎06-10-2016 07:18 AM

Have a look at the REST API Modular Input app (https://splunkbase.splunk.com/app/1546/#/documentation ). It will do most of the heavy lifting for you, but you may need to do some programming yourself (or get some help).

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

Data Management Digest – May 2026

Welcome to the May 2026 edition of Data Management Digest!   As your trusted partner in data innovation, the ...