All Apps and Add-ons

Ways to index MongoDB data in Splunk

JohannLiebert92
Path Finder

Hi everyone,

I'm looking for ways to index data from MongoDB.

As per the post below, I'm aware of Hunk App for MongoDB and/or DB Connect,
https://answers.splunk.com/answers/553356/mongodb-data-indexing.html?utm_source=typeahead&utm_medium...

However, as I'm running Splunk 7.0.1, Hunk App for MongoDB doesn't seem to work in my case, I was unable to create virtual index (the New button is not visible). As for DB Connect, I'm aware of UnityJDBC which allows Splunk to connect to MongoDB but only during the trial, after which a license is required for full functionality. I would like to keep the purchase of the driver license as the last resort. May I know is there any alternatives to the above mentioned methods?

Any help would be much appreciated!

0 Karma
1 Solution

nyoung_splunk
Splunk Employee
Splunk Employee

For my MongoDB I created a REST Interface and created the access token. This allowed me to use the Rest-TA and pull the specific indexes from the MongoDB. It will come into Splunk as JSON and will parse out fairly easily to search through.

View solution in original post

nyoung_splunk
Splunk Employee
Splunk Employee

For my MongoDB I created a REST Interface and created the access token. This allowed me to use the Rest-TA and pull the specific indexes from the MongoDB. It will come into Splunk as JSON and will parse out fairly easily to search through.

JohannLiebert92
Path Finder

Hi nyoung,

Sorry for the delays.

Thanks for your suggestion! I'm quite new to MongoDB, may I know how is the effort like to create a REST interface and access token for MongoDB? Or if you have a link you could share that would be great.

0 Karma

nyoung_splunk
Splunk Employee
Splunk Employee

Sorry, I meant to go back and add a link for it.
easiest is to "npm install mongodb-rest" (https://www.npmjs.com/package/mongodb-rest)

Then here are some good step by step write up's for creating the rest instance in Node.js so you can pull down the different conditions. Check out the list of references with these three you should be able to figure most of it out to create your own.

References:
https://www.npmjs.com/package/mongodb-rest
https://getstream.io/blog/building-rest-api-node-js-restify-mongodb/
https://docs.mongodb.com/ecosystem/tools/http-interfaces/

0 Karma

JohannLiebert92
Path Finder

Thanks! I will check those out

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...