- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I am a beginner here. We run a prediction platform for network incidents and wish to integrate with Splunk. We will be extracting the processed logs from Splunk and showing semantics in our platform. Currently we are using Splunk REST APIs extracting data successfully. Yet, I heard of Splunk APP and Add-ons in Splunkbase which I believe is for moving data from outside to Splunk. Request your guidance in identifying whether we should go for APP/Add-on or go ahead with REST APIs only regards abhi
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I believe if the API method is working properly in your environment, you can keep doing it. In additional there is a SDK method that also being used for high volume of data and one of advantages is the automation.
Check these document:
https://docs.splunk.com/Documentation/Splunk/8.0.0/Search/Exportsearchresults
SDK -> https://docs.splunk.com/Documentation/Splunk/8.0.0/Search/ExportdatausingSDKs
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I believe if the API method is working properly in your environment, you can keep doing it. In additional there is a SDK method that also being used for high volume of data and one of advantages is the automation.
Check these document:
https://docs.splunk.com/Documentation/Splunk/8.0.0/Search/Exportsearchresults
SDK -> https://docs.splunk.com/Documentation/Splunk/8.0.0/Search/ExportdatausingSDKs
