DB Connect Lookup failing, sending NULL to SQL ser...

arrowecssupport · ‎02-24-2020

I am using DB connect AddOnn 3.1.3 and my results are not being enriched.
When setting up the DB Connect Lookup wizard,

the "Set Reference Search" returns the suitable fields from the Splunk index
the "Set Lookup SQL" returns the requested fields from the DB
I set up the field mapping by selecting all the right fields.

But when i run the "Preview Results" it does not enrich the data.
I've then done a packet capture and extracted the SQL query being sent to the SQL server and the last line is as follows below.

dbxlookup WHERE "serial" IN (null)

So I'm looking up a serial number, and the value should be from the Splunk search.

"serial" AS "SERIAL_NUM"

^^ So this should copy the value of SERIAL_NUM to serial and then be used in the SQL string to the server. But it's sending null by mistake.

marcoscala · ‎07-13-2021

hI!

Any news about this problem? I've the same issue with a Customer with mySQL and DBX 3.4.2.

Regards,

Marco

DB Connect Lookup failing, sending NULL to SQL server

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

A Prelude to .conf25: Your Guide to Splunk University

Are you a member of the Splunk Community?

DB Connect Lookup failing, sending NULL to SQL server

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

A Prelude to .conf25: Your Guide to Splunk University