settings to configure hunk for Hive ORC table

pawantiwari3987 · ‎01-22-2015

Hi Team,
Please help us in configuring hadoop provider/virtual index so that we can map it on hive orc table. we are able to search on simple/text table however when we give path of orc table it show output in some unreadable format.

Regards
Pawan Tiwari

hyan_splunk · ‎04-03-2015

For any hive formats other than text, you need to specify fileformat property. So in your case:

vix.input.1.splitter.hive.fileformat = orc

rdagan_splunk · ‎01-26-2015

If you have access to the Metastore URI, it should look similar to this example

In the Provider add these two flags:
vix.splunk.search.splitter = HiveSplitGenerator
vix.hive.metastore.uris = thrift://sandbox:9083 (you can find the value in hive-site.xml)

In the Virtual Index you will need to point to the actual ORC file, DB Name, Table Name:
[employee_orc]
vix.input.1.path = /apps/hive/warehouse/employees_orc
vix.provider = HiveHDPProvider
vix.input.1.splitter.hive.dbname = default
vix.input.1.splitter.hive.tablename = employees_rc

settings to configure hunk for Hive ORC table

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Join the Conversation

settings to configure hunk for Hive ORC table

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions