Splunk Cloud Platform

Send data from Splunk cloud to external server/Cloud/DB

smanojkumar
Path Finder

I would like to send data (Output) from Splunk to external server/Cloud/DB, Please suggest me the best way.

Everyday around 10-15k records, I would like to utilize that data in other Analytics tool for ex: Power BI

Labels (1)
0 Karma

PickleRick
Ultra Champion

I'll assume that you want to "export" some sets of data in a batch mode.

You have several options.

First and most obvious is "don't do it, use Splunk" but that's probably not what you're after.

Second one is a pull-mode solution - your external system calls Splunk using API, runs a search, retrieves results.

Third one is relatively simple on Splunk's side, more complicated on receiving side - you schedule a repory in Splunk which sends the results to a mail recipient. Then you have to extract the results from the mail on the receiving end. A bit fussy.

Fourthly, you might look for an app containing appropriate custom alert action so you can save/send the results to your external solution. Of course the results might vary - there might already be such app but there might be not.

And lastly, you can write your own custom alert action. But it involves a bit of development.

I'd strongly suggest checking if what you want with the data can be achieved in Splunk alone.

0 Karma

smanojkumar
Path Finder

@PickleRick Thanks for your response, We are mostly utilizing Splunk only however this requirement we should send some of the data to other target everyday schedule. Second option using API can you please provide more details

0 Karma

PickleRick
Ultra Champion
0 Karma

PA1
Builder

Yes you could try sending these logs into S3 bucket, there is an out of the box feature in Splunk cloud or else you could install splunk add-on for aws too and configure it to point to an S3 bucket.

0 Karma

smanojkumar
Path Finder

@PA1 Thanks for the response, We will check this option if possible provide more details and we are using Microsoft Azure.

0 Karma

PA1
Builder
0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...