Reporting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Get Data into Splunk from Elasticsearch

robertlynch2020
Influencer
‎01-10-2018 08:26 AM

Hi

What is the best way to get data into Splunk from Elasticsearch, so i can put Datamodles on to it.

Thanks
Robert Lynch

Labels (1)
Labels
Reply

DavidHourani
Super Champion
‎06-16-2019 06:18 AM

Hi @robertlynch2020,

Check my answer here :
https://answers.splunk.com/answers/751469/elastic-to-splunk-migration-how-to.html?childToView=752706...

Cheers,
David

0 Karma
Reply

larmesto
Path Finder
‎09-25-2018 11:47 AM

This might be helpful for anyone visiting; I have started working on an addon for Elasticsearch instances, feel free to use it!
https://splunkbase.splunk.com/app/4175/

Reply

highsplunker
Contributor
‎03-16-2020 03:08 AM

Hi larmesto!

Is this solution a reliable instument for data input?
Like splunk dbconnect, for example.

Thanks in advance.
Rashid

0 Karma
Reply

hcannon
Path Finder
‎07-10-2018 07:40 AM

I have used this and it works really well so far in Splunk 7.1:
https://github.com/brunotm/elasticsplunk

it adds a new command ess that allows you to specify one or more nodes to search against. It provides results back using the statistics model (sorta like using db connect to query a db directly).

0 Karma
Reply

consultanteIman
New Member
‎05-10-2018 06:46 AM

hello,

From what I have made :
I query elasticsearch via python scripts, then I route the results to the Python script.
And I deposit the script.py on the bin of my application. And there you can call it easily.

Kind regards
Imane El Mostaad,

0 Karma
Reply

highsplunker
Contributor
‎03-16-2020 03:11 AM

hi Imane El Mostaad,
it this method OK and reliable?

thanks in advance,
Rashid

0 Karma
Reply

highsplunker
Contributor
‎03-16-2020 06:42 AM

Hi p_gurav!
Could you please share your experience, are these 2 solutions reliable as an instument for data input?
Like splunk dbconnect, for example.

Thanks in advance.
Rashid

0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...