Getting Data In

Where can I find a complete list of data source types that can be indexed in Splunk?

New Member

Hi,
Could you tell me, do you have sort of "list of supported data sources"?
Actually, I want to know complete list of connectors to data source types supported in Splunk Enterprise.
Thanks!

Tags (3)
0 Karma
1 Solution

Motivator

With Splunk there is no such thing as "list of supported data sources" as:
- we take any ascii data
- we have schema on the fly where data knowledge happened at search time and can be modified/created at anytime.http://docs.splunk.com/Documentation/Splunk/6.1.4/Knowledge/WhatisSplunkknowledge
- we have nearly 600 apps providing data knowledge,reports and dashboards. https://apps.splunk.com

View solution in original post

Motivator

With Splunk there is no such thing as "list of supported data sources" as:
- we take any ascii data
- we have schema on the fly where data knowledge happened at search time and can be modified/created at anytime.http://docs.splunk.com/Documentation/Splunk/6.1.4/Knowledge/WhatisSplunkknowledge
- we have nearly 600 apps providing data knowledge,reports and dashboards. https://apps.splunk.com

View solution in original post

Contributor

MarioM is being much too restrictive: Splunk can consume any text data, not just ASCII. UTF-8 is well-supported, for instance. See [https://answers.splunk.com/answers/137342/splunk-cannot-index-and-search-charset-utf-8-without-bom.h... this answer] where it is mentioned one can add CHARSET to the props.conf of any source input.

0 Karma

New Member

How I understood, it supports:
1. Files\Directories monitoring (remote and local)
2. Windows Event Log collection (local via event log channels and remote via WMI)
3. Windows Performance Monitoring (local via PHD API and remote via WMI)
4. AD changes monitoring
5. Local Windows Registry cahnges
6. SNMP traps.
7. Data collection from UDP and TCP ports
8. Collection data from FIFO
9. Scripted Inputs (remote and local)

Sorry, if I made a mistake

0 Karma

Motivator

if you are doing a competitive analysis i would recommend you to contact splunk Sales Engineering team as they will have plenty of infos to share with you

New Member

Thanks for the information Ayn.
Let me change my question.
What kind of collection mechanisms Splunk Enterprise supports from-the-box (without apps instalation)?

0 Karma

New Member

How I understood from this documentation:
1. Splunk doesn't support netflow (or other protocols)?
2. Splunk doesn't suppor ODBC or JDBS?
3. Splunk doesn't support SSH/Telnet?

Is this right?

0 Karma

Legend

Splunk supports scripted inputs which means you're totally free to implement whatever input type you like. There's an app for for netflow, so it supports netflow. There's an app for grabbing database input and there's an ODBC driver that you can use, so it supports that. I don't know how you would expect to index anything using telnet.

New Member

Ok, In this case
Could you tell me, do you have a list of available collection mechanism?
Sort of:
Remote collection:
* ODBS
* SSH/Telnet
* ...
Local collection:
* Windows files
* Linux files
* ...
Passive collection:
* SNMP
* SysLog
* NetFlow
* ...

0 Karma

SplunkTrust
SplunkTrust

as addition:

There is a full list of known/pretrained sourcetypes available on docs http://docs.splunk.com/Documentation/Splunk/6.1.4/Data/Listofpretrainedsourcetypes

New Member

In other words, I want to know, what kind of data and from what kind of sources (I mean OS (Windows, Linux,...), Network Devices (Cisco, Juniper, ...) ...) can be received by a Splunk Indexer?

0 Karma

Motivator

any kind from the moment it is ascii and you have a mechanism to collect it: http://docs.splunk.com/Documentation/Splunk/6.1.4/Data/WhatSplunkcanmonitor

New Member

So, Can Splunk take any type of data from any type of sources (juniper, cisco, RADIUS, ...)?

0 Karma