I need to export some data from a Splunk search into a stand-alone Mongo server. Are there any "Free" options which permits this functionality?
Hi,
the Add-on you searching for is Splunk DBConnect v2. It gives you the possibility to import/export database information. By default there is no support for MongoDB.
But there seems to be a solution.
Follow this link.
https://answers.splunk.com/answers/418125/splunk-db-connect-2-what-is-the-serviceclass-for-m.html
also take a look at that
http://www.unityjdbc.com/mongojdbc/setup/mongodb_jdbc_splunk_dbconnect_v2.pdf
kind regards
Unfortunately unityjdbc cost $$$ which I can't spend right now since this is a POC project.
Oh sorry, i did not know that you have to purchase it. But i looked at the site of unityjdbc. Theres seems to be a free trial version of the driver.
http://www.unityjdbc.com/download.php?type=mongodb
Hope this will help you.