Splunk provides a free app called DB Connect, and, with it, you can easily and quickly connect to relational database management systems such as Oracle and Microsoft SQL Server. DB Connect provides three major functionalities as it relates to relational database data:
- Import data from database tables into Splunk with a SQL Query
- Export data from Splunk into database tables mapping Splunk fields to database table fields
- Execute runtime look-ups to gather reference data, such as a customer or product hierarchy often stored in databases, to provide organizational context to event data