Overview
The Lyftrondata Provider for Splunk offers the most natural way to access Splunk data from Lyftrondata with ease and also enables to connect with BI, MDM & ML tools, Data warehouses, Databases and other SAAS based applications with zero code and zero infrastructure requirements. The provider wraps the complexity of accessing Splunk data into easy-to-integrate relational fully managed ANSI Sql format. Make faster and better business decisions with Lyftrondata’s Splunk data provider and automatically build your data migration pipelines in minutes, not months.
The provider hides the complexity of accessing data and provides additional powerful security features, smart caching, batching, socket management, and more.
Key Features
- Comprehensive Delta load mechanism.
- Real-time access to Splunk.
- Comprehensive full support of ANSI Sql to query data with ease.
- Collaborative query processing.
Prerequisites
The user must have credentials for Splunk, Lyftrondata and your destination data warehouse, lake or database to perform the data pipeline operation with Lyftrondata.
Establishing a Connection with Lyftrondata's Quickstart Steps
Create your Splunk connection with Lyftrondata by following the 5 easy steps show below:
Step1. Add your connection
Click on Connect section on the left panel → Click on Add Connection button
Step2. Select your connector
In the connector selection panel, search and click Splunk for your connection
Step3. Enter your connection details
In the Connection String section enter the values of the below parameters. The following connection string is required to establish Splunk connection with Lyftrondata.
"user=MyUserName;password=MyPassword;URL=MyURL;"Key | Value | Field |
Connection Name | Enter your connection details | Required |
Username | Enter Splunk Username | Required |
Password | Enter Splunk Password | Required |
URL | Enter URL | Required |
Logfile** | Use the logfile option to debug your job and provide your connection name to generate the log file. [ConnectionConfigurationPath]\Connection_name_log.tx | Optional |
Verbosity** | Choose verbosity 1-5 based on the severity of debugging | Optional |
** For more information, check the Lyftrondata logging and debugging section.
If you want more detailed information about how to establish a connection with Lyftrondata, click on Lyftrondata Connection Quick Start guide.
Step4. Test your connection
Once you are done entering your connection details, simply click on the Test Connection button to test the connectivity. In case your connection fails, add Logfile and Verbosity parameters and check the Lyftrondata logging and debugging section, to debug the error.
Step5. Save your connection
Hurray! Now you have successfully connected with the Lyftrondata Splunk connector and can utilize the connector to Extract, Warehouse, Analyze, Visualize and Share your data.
Data Model
The Lyftrondata Provider for Splunk models entities in the Splunk API as tables, views, and stored procedures. These are defined in schema files, which are simple, text-based configuration files.
API limitations and requirements are documented in this section; you can use the SupportEnhancedSQL feature, set by default, to circumvent most of these limitations.
Tables
The provider models the data in Splunk into a list of tables that can be queried using standard SQL statements.
Generally, querying Splunk tables is the same as querying a table in a relational database. Sometimes there are special cases, for example, including a certain column in the WHERE clause might be required to get data for certain columns in the table. This is typically needed for situations where a separate request must be made for each row to get certain columns. These types of situations are clearly documented at the top of the table page linked below.
Views
Views are composed of columns and pseudo columns. Views are similar to tables in the way that data is represented; however, views do not support updates. Entities that are represented as views are typically read-only entities. Often, a stored procedure is available to update the data if such functionality is applicable to the data source.
Queries can be executed against a view as if it were a normal table, and the data that comes back is similar in that regard. To find out more about tables and stored procedures, please navigate to their corresponding entries in this help document.
Name | Type | Description |
DataModels | Tables | Create, query, update, and delete data models in Splunk. |
Datasets | Tables | Create, query, update, and delete datasets in Splunk. |
SearchJobs | Tables | Create, query, update, and delete search jobs in Splunk. |
AlertsInInternalServer | Views | A dataset object in the example InternalServer data model. |
LookUpReport | Views | An example lookup report representing a view based on a saved report in Splunk. |
UploadedModel | Views | An example of a table object inside a data model. |
Advanced Settings
To view a detailed advanced settings options, go to Splunk Advanced Settings. Complete list of the parameters you can configure in the connection string can be found by clicking Connection String Parameters.