Data inputs
Knowing all of the applications and methods we can use to get data into Splunk, let's talk about the types of data inputs from data sources, and how they get to the indexer. There are six general types of data inputs in Splunk:
- API inputs
- Database inputs
- Monitoring inputs
- Scripted inputs
- Modular inputs
- Windows inputs
API inputs
There are two ways to get REST API data into Splunk:
- Download the REST API modular input, and install it into your Heavy Forwarder
- Write a REST API poller using cURL or some other method to query the API, and scrub the output for the data you need
If at all possible, use the REST API modular input from Splunk, as it is very easy to set up and use. Just figure out your URL, and set up the API input and it's interval that ...
Get Splunk Best Practices now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
