Is it possible for Splunk to retrieve data from database tables, specifically DB2, and then combine it with the search results from a Log4J log file?
Depending on what you mean, zeigfried's answer may suit your needs. You can also write scripted lookups that match up values found in other data and use that to look up values in a database, in order to enrich the results.
Well, I did read the docs from the link you mentioned. In fact, I used the link to do a lookup using a static table, but I need a dynamic lookup from a database. That's where the link you provided doesn't have much information on how to configure DB2 drivers, or a sample lookup script (in Python for Java developers) to extract values from the database and put the results into the search query.
You can refer to the docs and examples here: http://www.splunk.com/base/Documentation/4.1.6/Knowledge/Addfieldsfromexternaldatasources#Set_up_a_f...
I am able to search and extract values from a Log4J log file into a CSV report. But a few of the columns in the report need to be populated from the database. For example, one of the columns in the report is "id", and we have to retrieve the "name" value from the database by passing the "id" as an argument to a SQL query in the DB2 database.
I would greatly appreciate it if you could point me to an example on the Splunk website or take a few moments to describe in this post how to go about making/configuring the connection to the database, passing "id" as an argument from the report to the SQL query, and then populating the name from the database.
Yes, it is possible to set up scripted inputs that poll a database table, transform it into something text-based and have Splunk index this as events. I've built a few Java/JDBC-based solutions for this task since Java has the broadest support for databases.
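An added example, not from the thread's participants or from Splunk: a sketch of the scripted lookup discussed above, which reads the CSV that Splunk pipes to the script on stdin, fills `name` for each `id` using a bound-parameter query, and writes the CSV back on stdout. An in-memory SQLite table `users(id, name)` stands in for DB2; the table name, the sample rows and the function names are assumptions.

```python
import csv
import io
import sqlite3
import sys


def open_demo_db():
    """Constructed stand-in for the DB2 table (assumed schema: users(id, name))."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id TEXT PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("101", "alice"), ("102", "bob")])
    return conn


def enrich(conn, infile, outfile):
    """Copy the lookup CSV from infile to outfile, filling empty 'name' cells."""
    reader = csv.DictReader(infile)
    if not reader.fieldnames:          # empty input: nothing to look up
        return
    writer = csv.DictWriter(outfile, fieldnames=reader.fieldnames)
    writer.writeheader()
    cache = {}                         # one query per distinct id
    for row in reader:
        key = row.get("id") or ""
        if key and not row.get("name"):
            if key not in cache:
                # The id comes from log data, so it is bound as a parameter
                # and never concatenated into the SQL text.
                hit = conn.execute("SELECT name FROM users WHERE id = ?",
                                   (key,)).fetchone()
                cache[key] = hit[0] if hit else ""
            row["name"] = cache[key]
        writer.writerow(row)


def run_sample():
    """Run the lookup over constructed rows: a repeat, a miss, an id with a quote."""
    sample = "id,name\r\n101,\r\n999,\r\nO'Brien-7,\r\n101,\r\n"
    out = io.StringIO()
    enrich(open_demo_db(), io.StringIO(sample), out)
    return list(csv.DictReader(io.StringIO(out.getvalue())))


if __name__ == "__main__":
    # Splunk pipes the lookup CSV on stdin; at a terminal, show the sample run.
    if sys.stdin.isatty():
        print(run_sample())
    else:
        enrich(open_demo_db(), sys.stdin, sys.stdout)
```

To use it against DB2, `open_demo_db()` would be replaced by a connection from a DB2 driver, and the script registered as an external lookup in `transforms.conf` through `external_cmd` and `fields_list`.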