Hi
What is the best way to get data into Splunk from Elasticsearch, so I can put Datamodels onto it?
Thanks
Robert Lynch
Hi @robertlynch2020,
Check my answer here:
https://answers.splunk.com/answers/751469/elastic-to-splunk-migration-how-to.html?childToView=752706...
Cheers,
David
This might be helpful for anyone visiting; I have started working on an addon for Elasticsearch instances, feel free to use it!
https://splunkbase.splunk.com/app/4175/
Hi larmesto!
Is this solution a reliable instrument for data input?
Like splunk dbconnect, for example.
Thanks in advance.
Rashid
I have used this and it works really well so far in Splunk 7.1:
https://github.com/brunotm/elasticsplunk
It adds a new command, ess, that allows you to specify one or more nodes to search against. It provides results back using the statistics model (sorta like using db connect to query a db directly).
Hello,
From what I have made:
I query elasticsearch via python scripts, then I route the results to the Python script.
And I deposit the script.py on the bin of my application. And there you can call it easily.
Kind regards
Imane El Mostaad,
Hi Imane El Mostaad,
Is this method OK and reliable?
Thanks in advance,
Rashid
Hi robertlynch2020,
These links might help you:
https://www.hurricanelabs.com/splunk-tutorials/splunk-tutorial-using-splunk-to-pull-results-from-ela...
https://devpost.com/software/splunk-elasticsearch
Hi p_gurav!
Could you please share your experience, are these 2 solutions reliable as an instrument for data input?
Like splunk dbconnect, for example.
Thanks in advance.
Rashid