Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

how to reduce SQL connections from splunk to oracle DB for good performance?

sagar0907
Engager
‎12-15-2019 10:28 PM

we are building various dashboards for monitoring purpose. Most of the dashboards need the data from database, which we are fetching by connection to database using DBXQuery. initially the panels on the dashboard were populating Quickly but later on due to increased DB connection everything got slower. Now we are trying to reduce the connections to Database as the Queries are affecting performance of other procedures in database.
i wanted to know that is there any way to reduce connection either by storing the sql o/p(which gives different result on each run) or by using the dump files of the table?
i really need to reduce the sql connections from Splunk

Tags (1)
0 Karma
Reply

somesoni2
Revered Legend
‎12-16-2019 01:23 PM

It'll depend on the type of db query you run (query fetches real-time data or historical), how frequently the database gets updated and how data is stored in tables (do they've timestamp or primary key). Based on feasibility you can setup database inputs to fetch the data periodically to index the data into Splunk, either as a daily/hourly dump OR using a rising column if your data stored a transactional data. This way you'll query the database once and can fire the dashboards many times with indexed data.

Reply

sagar0907
Engager
‎12-16-2019 08:08 PM

this is what i am looking for,can you please provide the link for the documentation( if available) for fetching the data periodically (hourly in my case), i would like to implement this.

0 Karma
Reply

somesoni2
Revered Legend
‎12-16-2019 08:45 PM

Here you go.
https://docs.splunk.com/Documentation/DBX/3.2.0/DeployDBX/Createandmanagedatabaseinputs

0 Karma
Reply

sagar0907
Engager
‎12-16-2019 09:41 PM

i tried to follow the steps and have created an data input wit frequency 1m(for testing) and index as bip( unaware what to chose) . after finishing the set up i tried to search in the app ( search & reporting same as mentioned in settings while creating input) i am unable to get any events or data.

0 Karma
Reply
Register for .conf25!
Get Updates on the Splunk Community!

Leveraging Detections from the Splunk Threat Research Team & Cisco Talos

  Now On Demand  Stay ahead of today’s evolving threats with the combined power of the Splunk Threat Research ...

New in Splunk Observability Cloud: Automated Archiving for Unused Metrics

Automated Archival is a new capability within Metrics Management; which is a robust usage & cost optimization ...

Calling All Security Pros: Ready to Race Through Boston?

Hey Splunkers, .conf25 is heading to Boston and we’re kicking things off with something bold, competitive, and ...
Top