All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Ways to index MongoDB data in Splunk

JohannLiebert92
Path Finder
‎02-05-2018 10:24 PM

Hi everyone,

I'm looking for ways to index data from MongoDB.

As per the post below, I'm aware of Hunk App for MongoDB and/or DB Connect,
https://answers.splunk.com/answers/553356/mongodb-data-indexing.html?utm_source=typeahead&utm_medium...

However, as I'm running Splunk 7.0.1, Hunk App for MongoDB doesn't seem to work in my case, I was unable to create virtual index (the New button is not visible). As for DB Connect, I'm aware of UnityJDBC which allows Splunk to connect to MongoDB but only during the trial, after which a license is required for full functionality. I would like to keep the purchase of the driver license as the last resort. May I know is there any alternatives to the above mentioned methods?

Any help would be much appreciated!

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

nyoung_splunk
Splunk Employee
Splunk Employee
‎02-07-2018 08:38 AM

For my MongoDB I created a REST Interface and created the access token. This allowed me to use the Rest-TA and pull the specific indexes from the MongoDB. It will come into Splunk as JSON and will parse out fairly easily to search through.

View solution in original post

Reply
Solved! Jump to solution
Solution

nyoung_splunk
Splunk Employee
Splunk Employee
‎02-07-2018 08:38 AM

For my MongoDB I created a REST Interface and created the access token. This allowed me to use the Rest-TA and pull the specific indexes from the MongoDB. It will come into Splunk as JSON and will parse out fairly easily to search through.

Reply
Solved! Jump to solution

JohannLiebert92
Path Finder
‎02-19-2018 08:04 PM

Hi nyoung,

Sorry for the delays.

Thanks for your suggestion! I'm quite new to MongoDB, may I know how is the effort like to create a REST interface and access token for MongoDB? Or if you have a link you could share that would be great.

0 Karma
Reply
Solved! Jump to solution

nyoung_splunk
Splunk Employee
Splunk Employee
‎02-20-2018 08:51 AM

Sorry, I meant to go back and add a link for it.
easiest is to "npm install mongodb-rest" (https://www.npmjs.com/package/mongodb-rest)

Then here are some good step by step write up's for creating the rest instance in Node.js so you can pull down the different conditions. Check out the list of references with these three you should be able to figure most of it out to create your own.

References:
https://www.npmjs.com/package/mongodb-rest
https://getstream.io/blog/building-rest-api-node-js-restify-mongodb/
https://docs.mongodb.com/ecosystem/tools/http-interfaces/

0 Karma
Reply
Solved! Jump to solution

JohannLiebert92
Path Finder
‎02-20-2018 06:24 PM

Thanks! I will check those out

0 Karma
Reply
Get Updates on the Splunk Community!

Join Us for Splunk University and Get Your Bootcamp Game On!

If you know, you know! Splunk University is the vibe this summer so register today for bootcamps galore ...

.conf24 | Learning Tracks for Security, Observability, Platform, and Developers!

.conf24 is taking place at The Venetian in Las Vegas from June 11 - 14. Continue reading to learn about the ...

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...