Re: How to get SCOM data to Splunk without Windows...

trifonesplunk · ‎04-08-2022

My company does not have a Windows Server with Splunk Enterprise so I cannot use the Splunk Add-on for SCOM to ingest the data. I would like to use the database instead but I dont know what data from tables to send like the add-on performs. Can someone help?

wmazur-splunk · ‎01-04-2023

Direct reads from SCOM Database was introduced in Splunk Add-on for Microsoft SCOM 4.3.0 (https://docs.splunk.com/Documentation/AddOns/released/MSSCOM/Direct)

VatsalJagani · ‎04-08-2022

@trifonesplunk For collecting from database tables you can use DB Connect App (https://splunkbase.splunk.com/app/2686/).

But I don't have much idea about SCOM database tables and what tables to bring in.

But with DB Connect you can run SQL queries to find out what tables a database contains and what tables could be useful to you, etc.

How to get SCOM data to Splunk without Windows Server?

using Splunk Enterprise

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Join the Conversation