Splunk Cloud Platform
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Send data from Splunk cloud to external server/Cloud/DB

smanojkumar
Communicator
‎12-02-2021 07:37 AM

I would like to send data (Output) from Splunk to external server/Cloud/DB, Please suggest me the best way.

Everyday around 10-15k records, I would like to utilize that data in other Analytics tool for ex: Power BI

Labels (1)
Labels
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎12-05-2021 12:57 AM

I'll assume that you want to "export" some sets of data in a batch mode.

You have several options.

First and most obvious is "don't do it, use Splunk" but that's probably not what you're after.

Second one is a pull-mode solution - your external system calls Splunk using API, runs a search, retrieves results.

Third one is relatively simple on Splunk's side, more complicated on receiving side - you schedule a repory in Splunk which sends the results to a mail recipient. Then you have to extract the results from the mail on the receiving end. A bit fussy.

Fourthly, you might look for an app containing appropriate custom alert action so you can save/send the results to your external solution. Of course the results might vary - there might already be such app but there might be not.

And lastly, you can write your own custom alert action. But it involves a bit of development.

I'd strongly suggest checking if what you want with the data can be achieved in Splunk alone.

0 Karma
Reply

smanojkumar
Communicator
‎12-05-2021 08:52 PM

@PickleRick Thanks for your response, We are mostly utilizing Splunk only however this requirement we should send some of the data to other target everyday schedule. Second option using API can you please provide more details

0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎12-05-2021 09:03 PM

Splunk provides a relatively rich REST API. https://docs.splunk.com/Documentation/Splunk/8.2.3/RESTREF/RESTprolog

You'll probably be interested mostly in https://docs.splunk.com/Documentation/Splunk/8.2.3/RESTTUT/RESTsearches

0 Karma
Reply

Roy_9
Motivator
‎12-04-2021 11:14 PM

Yes you could try sending these logs into S3 bucket, there is an out of the box feature in Splunk cloud or else you could install splunk add-on for aws too and configure it to point to an S3 bucket.

0 Karma
Reply

smanojkumar
Communicator
‎12-05-2021 08:53 PM

@Roy_9 Thanks for the response, We will check this option if possible provide more details and we are using Microsoft Azure.

0 Karma
Reply

Roy_9
Motivator
‎12-06-2021 06:01 PM

https://docs.splunk.com/Documentation/AddOns/released/MSCloudServices/Configureazurestorageaccount

 

This might help you

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...