Products

Solutions

Connectors

Support

Company

Resources

Ready to get started?

Download a free trial of the Splunk Connector to get started:

Download Now

Learn more:

Splunk Python Connector

Python Connector Libraries for Splunk Data Connectivity. Integrate Splunk with popular Python tools like Pandas, SQLAlchemy, Dash & petl.

Use Dash to Build to Web Apps on Splunk Data

Create Python applications that use pandas and Dash to build Splunk-connected web apps.

The rich ecosystem of Python modules lets you get to work quickly and integrate your systems more effectively. With the CData Python Connector for Splunk, the pandas module, and the Dash framework, you can build Splunk-connected web applications for Splunk data. This article shows how to connect to Splunk with the CData Connector and use pandas and Dash to build a simple web app for visualizing Splunk data.

With built-in, optimized data processing, the CData Python Connector offers unmatched performance for interacting with live Splunk data in Python. When you issue complex SQL queries from Splunk, the driver pushes supported SQL operations, like filters and aggregations, directly to Splunk and utilizes the embedded SQL engine to process unsupported operations client-side (often SQL functions and JOIN operations).

Connecting to Splunk Data

Connecting to Splunk data looks just like connecting to any relational data source. Create a connection string using the required connection properties. For this article, you will pass the connection string as a parameter to the create_engine function.

To authenticate requests, set the User, Password, and URL properties to valid Splunk credentials. The port on which the requests are made to Splunk is port 8089.

The data provider uses plain-text authentication by default, since the data provider attempts to negotiate TLS/SSL with the server.

If you need to manually configure TLS/SSL, see Getting Started -> Advanced Settings in the data provider help documentation.

After installing the CData Splunk Connector, follow the procedure below to install the other required modules and start accessing Splunk through Python objects.

Install Required Modules

Use the pip utility to install the required modules and frameworks:

pip install pandas
pip install dash
pip install dash-daq

Visualize Splunk Data in Python

Once the required modules and frameworks are installed, we are ready to build our web app. Code snippets follow, but the full source code is available at the end of the article.

First, be sure to import the modules (including the CData Connector) with the following:

import os
import dash
import dash_core_components as dcc
import dash_html_components as html
import pandas as pd
import cdata.splunk as mod
import plotly.graph_objs as go

You can now connect with a connection string. Use the connect function for the CData Splunk Connector to create a connection for working with Splunk data.

cnxn = mod.connect("user=MyUserName;password=MyPassword;URL=MyURL;InitiateOAuth=GETANDREFRESH;OAuthSettingsLocation=/PATH/TO/OAuthSettings.txt")")

Execute SQL to Splunk

Use the read_sql function from pandas to execute any SQL statement and store the result set in a DataFrame.

df = pd.read_sql("SELECT Name, Owner FROM DataModels WHERE Id = 'SampleDataset'", cnxn)

Configure the Web App

With the query results stored in a DataFrame, we can begin configuring the web app, assigning a name, stylesheet, and title.

app_name = 'dash-splunkedataplot'

external_stylesheets = ['https://codepen.io/chriddyp/pen/bWLwgP.css']

app = dash.Dash(__name__, external_stylesheets=external_stylesheets)
app.title = 'CData + Dash'

Configure the Layout

The next step is to create a bar graph based on our Splunk data and configure the app layout.

trace = go.Bar(x=df.Name, y=df.Owner, name='Name')

app.layout = html.Div(children=[html.H1("CData Extension + Dash", style={'textAlign': 'center'}),
	dcc.Graph(
		id='example-graph',
		figure={
			'data': [trace],
			'layout':
			go.Layout(title='Splunk DataModels Data', barmode='stack')
		})
], className="container")

Set the App to Run

With the connection, app, and layout configured, we are ready to run the app. The last lines of Python code follow.

if __name__ == '__main__':
    app.run_server(debug=True)

Now, use Python to run the web app and a browser to view the Splunk data.

python splunk-dash.py

Splunk data in a Dash web app (Salesforce is shown).

Free Trial & More Information

Download a free, 30-day trial of the CData Python Connector for Splunk to start building Python apps with connectivity to Splunk data. Reach out to our Support Team if you have any questions.

Full Source Code

import os
import dash
import dash_core_components as dcc
import dash_html_components as html
import pandas as pd
import cdata.splunk as mod
import plotly.graph_objs as go

cnxn = mod.connect("user=MyUserName;password=MyPassword;URL=MyURL;InitiateOAuth=GETANDREFRESH;OAuthSettingsLocation=/PATH/TO/OAuthSettings.txt")

df = pd.read_sql("SELECT Name, Owner FROM DataModels WHERE Id = 'SampleDataset'", cnxn)
app_name = 'dash-splunkdataplot'

external_stylesheets = ['https://codepen.io/chriddyp/pen/bWLwgP.css']

app = dash.Dash(__name__, external_stylesheets=external_stylesheets)
app.title = 'CData + Dash'
trace = go.Bar(x=df.Name, y=df.Owner, name='Name')

app.layout = html.Div(children=[html.H1("CData Extension + Dash", style={'textAlign': 'center'}),
	dcc.Graph(
		id='example-graph',
		figure={
			'data': [trace],
			'layout':
			go.Layout(title='Splunk DataModels Data', barmode='stack')
		})
], className="container")

if __name__ == '__main__':
    app.run_server(debug=True)

CData Software is a leading provider of data access and connectivity solutions. Our standards-based connectors streamline data access and insulate customers from the complexities of integrating with on-premise or cloud databases, SaaS, APIs, NoSQL, and Big Data.

Connect With Us

Get Started

Data Connectors

ETL/ ELT Solutions

Cloud & API Connectivity

OEM & Custom Drivers