Validate Splunk Data with QuerySurge

Ready to get started?

Download for a free trial:

Download Now

Learn more:

Splunk JDBC Driver

Rapidly create and deploy powerful Java applications that integrate with Splunk data including Datamodels, Datasets, SearchJobs, and more!



Access and validate Splunk data in QuerySurge using the CData JDBC Driver.

QuerySurge is a smart data testing solution that automates data validation and testing. When paired with the CData JDBC Driver for Splunk, QuerySurge can work with live Splunk data. This article walks through connecting to Splunk data from QuerySurge.

With built-in optimized data processing, the CData JDBC Driver offers unmatched performance for interacting with live Splunk data. When you issue complex SQL queries to Splunk, the driver pushes supported SQL operations, like filters and aggregations, directly to Splunk and utilizes the embedded SQL engine to process unsupported operations client-side (often SQL functions and JOIN operations). Its built-in dynamic metadata querying allows you to work with and analyze Splunk data using native data types.

Connecting to Splunk Data in QuerySurge

To connect to live Splunk data from QuerySurge, you need to deploy the JDBC Driver JAR file to your QuerySurge Agent(s) and add a new connection from the QuerySurge Admin view.

Deploy the JDBC Driver

  1. Download the CData JDBC Driver for Splunk installer, unzip the package, and run the JAR file to install the driver.
  2. Once the driver is installed, stop the Agent Service.
  3. Copy the JAR File (and license file if it exists) from the installation location (typically C:\Program Files\CData\CData JDBC Driver for Splunk\lib\) to your Agent(s) (QuerySurge_install_dir\agent\jdbc).
  4. Restart the Agent Service.

For more information on deploying JDBC drivers for QuerySurge, refer to the QuerySurge Knowledge Base.

Configure a New Connection to Splunk

  1. Log into QuerySurge and navigate to the Admin view.
  2. Click Configuration -> Connections in the Administration Tree.
  3. Click Add to create a new connection.
  4. In the QuerySurge Connection Wizard, click Next.
  5. Name the connection (e.g. CData JDBC Connection to Splunk).
  6. Set the Data Source to "All Other JDBC Connections (Connection Extensibility)" and click Next.
  7. Set the Driver Class to cdata.jdbc.splunk.SplunkDriver and click Next.
  8. Set the Connection URL using the necessary connection properties to authenticate with Splunk. Your Connection URL will look something like the following:

    jdbc:splunk:user=MyUserName;password=MyPassword;URL=MyURL;InitiateOAuth=GETANDREFRESH

    Built-in Connection String Designer

    For assistance in constructing the JDBC URL, use the connection string designer built into the Splunk JDBC Driver. Either double-click the JAR file or execute the jar file from the command-line.

    java -jar cdata.jdbc.splunk.jar

    Fill in the connection properties and copy the connection string to the clipboard.

    To authenticate requests, set the User, Password, and URL properties to valid Splunk credentials. The port on which the requests are made to Splunk is port 8089.

    The data provider uses plain-text authentication by default, since the data provider attempts to negotiate TLS/SSL with the server.

    If you need to manually configure TLS/SSL, see Getting Started -> Advanced Settings in the data provider help documentation.

  9. Set the Test Query to enable the Test Connection button for the Connection (e.g. SELECT * FROM DataModels LIMIT 1) and click Next.
  10. Click Test Connection to ensure the connection is configured properly and click Save to add the connection.

Once the connection is added, you can write SQL queries against your Splunk data in QuerySurge.

Compare Splunk Data Queries with a QueryPair

With the connection configured, you can follow the steps below to compare querying Splunk data with a QueryPair.

  1. Select "Design Library" from the Design Menu
  2. Click QueryPairs under QuerySurge Design
  3. Click "Create New QueryPair"
  4. Name the QueryPair and click Save
  5. In either the Source or Target panes, select the connection created above (select the same connection to query Splunk twice or another connection to perform a comparison)
  6. Write queries in the Editor for each pane, e.g. SELECT * FROM DataModels
  7. Click the "Design-Time Run" tab to execute the queries
  8. When the query execution is finished, click "View Query Results" to see the Splunk data returned by the query

Download a free, 30-day trial of the CData JDBC Driver for Splunk and start working with your live Splunk data in QuerySurge. Reach out to our Support Team if you have any questions.