Solved: How to create a weekly report which covers databas... - Splunk Community

Splunk Cloud Platform

Hello all

I have installed universal forwarder on Databases and now want to create a weekly report which covers database operations, for example table deletion, database modifications etc. Do I need to install any app? Currently forwarders are configured only to collect windows events.

Regards

1 Solution

Solution

Universal forwarders would not fetch the database operations there are two ways

1) use DB connect APP if you have a heavy forwarder install on it configure the parameters and get the data into splunk try the steps in this video

https://www.youtube.com/watch?v=H3DxIMh8sb4

or the documentation

https://docs.splunk.com/Documentation/DBX/3.8.0/DeployDBX/HowSplunkDBConnectworks

2) export the Database logs to file and then read the data using UF

View solution in original post

Solution

Universal forwarders would not fetch the database operations there are two ways

1) use DB connect APP if you have a heavy forwarder install on it configure the parameters and get the data into splunk try the steps in this video

https://www.youtube.com/watch?v=H3DxIMh8sb4

or the documentation

https://docs.splunk.com/Documentation/DBX/3.8.0/DeployDBX/HowSplunkDBConnectworks

2) export the Database logs to file and then read the data using UF

Get Updates on the Splunk Community!

Combine Multiline Logs into a Single Event with SOCK - a Guide for Advanced Users

This article is the continuation of the “Combine multiline logs into a single event with SOCK - a step-by-step ...

Everything Community at .conf24!

You may have seen mention of the .conf Community Zone 'round these parts and found yourself wondering what ...

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious! We’re back with a Special ...