Ready to get started?

Learn more about the CData JDBC Driver for Splunk or download a free trial:

Download Now

Create a Splunk Data Source for Denodo Platform

Use the CData JDBC Driver for Splunk to create a virtual data source for Splunk data in the Denodo Virtual DataPort Administrator.

Denodo Platform is a data virtualization product providing a single point of contact for enterprise database data. When paired with the CData JDBC Driver for Splunk, Denodo users can work with live Splunk data alongside other enterprise data sources. This article walks through creating a virtual data source for Splunk in the Denodo Virtual DataPort Administrator.

With built-in optimized data processing, the CData JDBC Driver offers unmatched performance for interacting with live Splunk data. When you issue complex SQL queries to Splunk, the driver pushes supported SQL operations, like filters and aggregations, directly to Splunk and utilizes the embedded SQL engine to process unsupported operations client-side (often SQL functions and JOIN operations). Its built-in dynamic metadata querying allows you to work with and analyze Splunk data using native data types.

Create a Splunk Virtual Port

To connect to live Splunk data from Denodo, you need to copy the JDBC Driver JAR file to the external library directory for Denodo and create a new JDBC Data Source from the Virtual DataPort Administrator tool.

  1. Download the CData JDBC Driver for Splunk installer, unzip the package, and run the JAR file to install the driver.
  2. Copy the JAR File (and license file if it exists) from the installation location (typically C:\Program Files\CData\CData JDBC Driver for Splunk\lib\) to the Denodo external library directory (C:\Denodo\Denodo Platform\lib-external\jdbc-drivers\cdata-splunk-19).
  3. Open the Denodo Virtual DataPort Administrator tool and navigate to the Server Explorer tab.
  4. Right-click "admin" and select New -> Data source -> JDBC.
  5. Configure the JDBC Connection:
    • Name: your choice, e.g.: splunk
    • Database adapter: Generic
    • Driver class path: C:\Denodo\Denodo Platform\lib-external\jdbc-drivers\cdata-splunk-19
    • Driver class: cdata.jdbc.splunk.SplunkDriver
    • Database URI: Set this to a JDBC URL using the necessary connection properties. For example,

      jdbc:splunk:user=MyUserName;password=MyPassword;URL=MyURL;InitiateOAuth=GETANDREFRESH

      Information on creating the Database URI follows:

      Built-In Connection String Designer

      For assistance in constructing the JDBC URL, use the connection string designer built into the Splunk JDBC Driver. Either double-click the JAR file or execute the jar file from the command-line.

      java -jar cdata.jdbc.splunk.jar

      Fill in the connection properties and copy the connection string to the clipboard.

      To authenticate requests, set the User, Password, and URL properties to valid Splunk credentials. The port on which the requests are made to Splunk is port 8089.

      The data provider uses plain-text authentication by default, since the data provider attempts to negotiate TLS/SSL with the server.

      If you need to manually configure TLS/SSL, see Getting Started -> Advanced Settings in the data provider help documentation.

  6. Click the "Test connection" button to confirm the configuration and click Save.

View Splunk Data in the VirtualPort Administrator Tool

After creating the data source, you can create a base view of Splunk data for use in the Denodo Platform.

  1. Click the "Create base view" button in the newly created VirtualPort (admin.Splunk).
  2. Expand the object tree and select the objects (tables) you wish to import.
  3. Click the "Create selected" button to create views of the Splunk data.
    Optional: Click "Create associations from foreign keys" to define relationships between the objects.
  4. With the view(s) created, navigate to a table (cdata_splunk_datamodels) in the Server Explorer and double-click the selected table.
  5. In the new tab, click "Execution panel" to open a query panel.
  6. Customize the query in the "Execute" tab or use the default:
    SELECT * FROM cdata_splunk_datamodels CONTEXT ('i18n'='us_est', 'cache_wait_for_load'='true')
    
  7. Click Execute to view the data.

With the base view created, you can now work with live Splunk data like you would any other data source in Denodo Platform, for example, querying Splunk in the Denodo Data Catalog.

Download a free, 30-day trial of the CData JDBC Driver for Splunk and start working with your live Splunk data in Denodo Platform. Reach out to our Support Team if you have any questions.