Hi,
I have a Cassandra database which is only accessible though REST API (through authentication). I want to fetch the data from Cassandra database (NO SQL database) through SPLUNK. I am using Splunk DB Connect on the search head and using it, but it seems that that database is only accessible through API calls.
Could you please show some kind of solution to fetch the data from Cassandra DB through API in Splunk?
Cheers,
Abhay
=== UPDATE ===
See comments for help with the REST API Modular Input Configuration.
Hi Abhay,
Did you onboard cassandra logs? If you did can you please tell us the process here.
Thanks in advance,
You're wasting your time with the Splunk DB Connect app. Have a look at the REST API Modular Input app (https://splunkbase.splunk.com/app/1546/). It looks like it will do what you need.
Thanks for your response Rich .. Do I need to write any python programming to get the things done OR this application configuration will do the stuff !!
The REST app should do what you need.
You could also create a scripted input that launches a python or Java program to make the REST call, but the app should be easier.
I have installed this app in my search head and when i click on the app "rest_ta", it shows a simple search page. There is nothing to configure so that I can connect to my cassandra DB to get the data through API.
TA's usually are installed on indexers rather than search heads. I have no personal experience with that app, however, so I can't help much with it.
Well Rich, I have a cassandra box which is only accessible through REST API from the outer world.
And at the other end, I have Splunk Indexer in another box.
Now , In order to get the data to the Splunk Indexer how Do I get it through "REST_TA" modular inputs ?
Do I need to install "rest_ta" in the cassandra box and configure something OR how do get it configured to get the data in my splunk indexer.
Cheers,
Abhay
hey did you find the solution to Splunk-Cassandra Integration?
I don't know much about it, but I know that DataStax has a Cassandra connector for Hunk. Are you using Hunk, or just Splunk Enterprise?
I am using only Splunk Enterprise !!