Visualize Splunk Data in Sisense



Create an ElastiCube in Sisense app with access to Splunk data.

Sisense lets you join, analyze, and picture data to make more intelligent business decisions and craft effective strategies. The CData JDBC Driver for Splunk makes it easy to integrate with Splunk data in Sisense. This article shows how to create an ElastiCube that connects to Splunk data and use the ElastiCube to visualize Splunk data in Sisense.

Configure the Connection to Splunk

Before creating the ElastiCube, note the installation location for the JAR file for the JDBC Driver (typically C:\Program Files\CData\CData JDBC Driver for Splunk 20XX\lib) or copy the jar file (cdata.jdbc.splunk.Splunk.jar) to a new folder in the Sisense JDBC driver directory (typically C:\ProgramData\Sisense\DataConnectors\jdbcdrivers).

  1. In the Data page of the Sisense application, create a new ElastiCube (or open an existing one).
  2. In the Model Editor, click "+ Data" to open the Add Data dialog box.
  3. Click Generic JDBC to open the JDBC settings.
  4. Set the connection string property to the JDBC URL for Splunk, adding required properties.

    To authenticate requests, set the User, Password, and URL properties to valid Splunk credentials. The port on which the requests are made to Splunk is port 8089.

    The data provider uses plain-text authentication by default, since the data provider attempts to negotiate TLS/SSL with the server.

    If you need to manually configure TLS/SSL, see Getting Started -> Advanced Settings in the data provider help documentation.

    Built-in Connection String Designer

    For assistance in constructing the JDBC URL, use the connection string designer built into the Splunk JDBC Driver. Either double-click the JAR file or execute the jar file from the command-line.

    java -jar cdata.jdbc.splunk.jar

    Fill in the connection properties and copy the connection string to the clipboard.

    When you configure the JDBC URL, you may also want to set the Max Rows connection property. This will limit the number of rows returned, which is especially helpful for improving performance when designing reports and visualizations.

    A typical example follows:

    jdbc:splunk:user=MyUserName;password=MyPassword;URL=MyURL;InitiateOAuth=REFRESH
  5. Set the JDBC JARs folder property to the location of the CData JDBC Driver JAR file (see above).
  6. Set the driver's class name to the class name for the JDBC Driver: cdata.jdbc.splunk.SplunkDriver
  7. Leave the username and password properties blank.
  8. Click Next.

Add Splunk Data to an ElastiCube

Once you are connected to Splunk, you can add tables and views to your ElastiCubes.

  1. From the Tables list, select the tables and/or views you wish to work with.
  2. (Optional) Click "+" to customize the data you want to import with SQL.
  3. Click Done.
  4. Click Build to build the ElastiCube for analytics.

Visualize Splunk Data

With Splunk tables added to your ElastiCube, you can perform analytics on your Splunk data.

  1. Navigate to the Analytics page of the Sisense application
  2. Select a Dashboard (or create a new one)
  3. Select your Data Source and click Create
  4. Click "+ Select Data" and choose fields to add to your visualization.

With the CData JDBC Driver for Splunk, you can access Splunk data right in Sisense for powerful visualization and analytics. Download a free, 30-day trial and start working with Splunk data in Sisense today!

Ready to get started?

Download a free trial of the Splunk Driver to get started:

 Download Now

Learn more:

Splunk Icon Splunk JDBC Driver

Rapidly create and deploy powerful Java applications that integrate with Splunk data including Datamodels, Datasets, SearchJobs, and more!