Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Data import in SPLUNK

abhayneilam
Contributor
‎11-29-2012 06:42 AM

Hi,

I have a Digital Guardian( DG) Tool installed in around 10 systems to prevent the data leakage, DG tool generates the Activity Log every Monday and there is a team who uploads those logs in the library and every time we download the logs from that library and import to SPLUNK.

Please let me know what ever the logs are getting generated by DG tool, I want all those logs to be imported directly to SPLUNK ( means : Logs will be generated by DG tool and automatically be fed to SPLUNK ), I dont wish to downlod the log and then import it to SPLUNK , instead I want the logs to be imported directly

Please help me to solve this problem

Your help is very much appreciated in this regards,

Tags (4)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Drainy
Champion
‎11-29-2012 06:48 AM

Have a read of this;

http://docs.splunk.com/Documentation/Splunk/5.0.1/Deploy/Aboutforwardingandreceivingdata

It should hopefully answer most of your questions, if you hit a snag then just post back 🙂

View solution in original post

0 Karma
Reply
Solved! Jump to solution

abhayneilam
Contributor
‎11-29-2012 07:29 AM

I was just asking that DG tool is generating set of files every monday that i want to directly import to my SPLUNK server, How it could be done ? Please suggest me some solutions

0 Karma
Reply
Solved! Jump to solution

Ayn
Legend
‎11-29-2012 06:49 AM

I'm not sure how this question really relates to Splunk - isn't it more a matter of how Digital Guardian logs can be extracted? If so, wouldn't it be better to ask in a forum for the Digital Guardian product?

0 Karma
Reply
Solved! Jump to solution
Solution

Drainy
Champion
‎11-29-2012 06:48 AM

Have a read of this;

http://docs.splunk.com/Documentation/Splunk/5.0.1/Deploy/Aboutforwardingandreceivingdata

It should hopefully answer most of your questions, if you hit a snag then just post back 🙂

0 Karma
Reply
Solved! Jump to solution

Ayn
Legend
‎11-30-2012 03:45 AM

You can definitely do that.

0 Karma
Reply
Solved! Jump to solution

Drainy
Champion
‎11-30-2012 03:03 AM

You could use http://splunk-base.splunk.com/apps/50803/splunk-db-connect from the indexer to connect directly, or use heavy forwarders to potentially connect remotely and forward the data. I haven't really explored how it functions yet

0 Karma
Reply
Solved! Jump to solution

abhayneilam
Contributor
‎11-30-2012 02:56 AM

Is it possible to connect SPLUNK forwarders with the SQL server, so that It will run a query to fetch the data and directly those data will be sent to the SPLUNK server..

Please help !!

0 Karma
Reply
Solved! Jump to solution

Ayn
Legend
‎11-29-2012 07:30 AM

???

You've been around for quite some time here and you don't know how Splunk licensing works? The Universal Forwarder can be downloaded free of charge from http://www.splunk.com/download/universalforwarder

0 Karma
Reply
Solved! Jump to solution

abhayneilam
Contributor
‎11-29-2012 07:27 AM

You mean to say that I should have "forwarders" installed in all those 10 servers too, so that it could collect the data generated by DG tool and forwards to the SPLUNK server directly for processing... If this is so , Do I need to pay anything to get the SPLUNK forwarders ? please suggest

0 Karma
Reply
Get Updates on the Splunk Community!

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...