Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Send data from Splunk

tonyArad
Engager
‎08-08-2013 05:41 AM

Is it possible to use Splunk as a data storage server and build an application that will send the data contained by Splunk by REST API to another server?

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

amit_saxena
Communicator
‎08-09-2013 04:15 AM

Hi,

While REST API and SDK allows you to integrate Splunk with third party applications, you can also use custom scripts etc for the same if the third party application has a provision for the same.

You can use alerts feature in Splunk to call custom third party scripts / command line binary etc to pass on the search data from Splunk to third party application.

Let me know if you have any queries on this.

Regards,
Amit Saxena

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

amit_saxena
Communicator
‎08-09-2013 04:15 AM

Hi,

While REST API and SDK allows you to integrate Splunk with third party applications, you can also use custom scripts etc for the same if the third party application has a provision for the same.

You can use alerts feature in Splunk to call custom third party scripts / command line binary etc to pass on the search data from Splunk to third party application.

Let me know if you have any queries on this.

Regards,
Amit Saxena

0 Karma
Reply
Solved! Jump to solution

amit_saxena
Communicator
‎09-11-2013 01:11 AM

Hi Tony,

You can use any programming language of your choice ( which has capability to work with REST API calls ) and then use the REST API depending upon your requirement. For details on REST API, you can refer the Splunk REST API documentation at http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTcontents .

Note : As "davecroto" has mentioned in later post, you can also use Splunk SDK available in few languages which acts like a wrapper over REST API to do the tasks thus simplifying the overall tasks.

Let me know if you have more queries on this.

Regards,
Amit Saxena

0 Karma
Reply
Solved! Jump to solution

tonyArad
Engager
‎09-06-2013 12:09 AM

Hi Amit,
Thank you for your answer.
Can you please elaborate on the script/command needed in order to send out data? how do I configure it?
Thanks again!
Tony

0 Karma
Reply
Solved! Jump to solution

davecroto
Splunk Employee
Splunk Employee
‎08-08-2013 01:05 PM

Yes, Integrate with third-party tools and or portals using the SDK language of your choice.

http://dev.splunk.com/view/splunk-sdk/SP-CAAADP7

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...