Ready to get started?

Learn more about CData API Server or sign up for a free trial:

Learn More

Query Splunk Data from Node.js

The API Server exposes Web services that allow connectivity to your data. Use the OData endpoint of the CData API Server to execute CRUD queries to Splunk data from Node.js.

The CData API Server, when paired with the ADO.NET Provider for Splunk, exposes Splunk data (or data from any of 150+ other ADO.NET Providers) as an OData endpoint, which can be queried from Node.js using simple HTTP requests. This article shows how to use the API Server to request JSON-formatted Splunk data in Node.js.

Set Up the API Server

Follow the steps below to begin producing secure Splunk OData services:

Deploy

The API Server runs on your own server. On Windows, you can deploy using the stand-alone server or IIS. On a Java servlet container, drop in the API Server WAR file. See the help documentation for more information and how-tos.

The API Server is also easy to deploy on Microsoft Azure, Amazon EC2, and Heroku.

Connect to Splunk

After you deploy the API Server and the ADO.NET Provider for Splunk, provide authentication values and other connection properties needed to connect to Splunk by clicking Settings -> Connections and adding a new connection in the API Server administration console.

To authenticate requests, set the User, Password, and URL properties to valid Splunk credentials. The port on which the requests are made to Splunk is port 8089.

The data provider uses plain-text authentication by default, since the data provider attempts to negotiate TLS/SSL with the server.

If you need to manually configure TLS/SSL, see Getting Started -> Advanced Settings in the data provider help documentation.

You can then choose the Splunk entities you want to allow the API Server access to by clicking Settings -> Resources.

Authorize API Server Users

After determining the OData services you want to produce, authorize users by clicking Settings -> Users. The API Server uses authtoken-based authentication and supports the major authentication schemes. Access can also be restricted based on IP address; all IP addresses except the local machine are restricted by default. You can authenticate as well as encrypt connections with SSL.

Consume Splunk OData Feeds from Node.js

OData feeds are easy to work with in Node.js. You can use the HTTP client in Node.js to request JSON-formatted data from the API Server's OData endpoint. After making the request, you can construct the body of the response and call the JSON.parse() function to parse it into records.

The code below will make an authenticated request for DataModels data. The example URL below applies a simple filter that searches for records with a value of SampleDataset in the Id column.

var http = require('http'); http.get({ protocol: "http:", hostname: "MyServer.com", port: MyPort, path: "/api.rsc/DataModels?$filter=" + encodeURIComponent("Id eq 'SampleDataset'"), auth: 'MyUser:MyAuthtoken' }, function(res) { var body = ''; res.on('data', function(chunk) { body += chunk; }); res.on('end', function() { console.log(body); var jsonData = JSON.parse(body); }); }).on('error', function(e) { console.log("Error: ", e); });