Splunk can collect and index data, but it also has a wide range of attributes and features that make it a flexible database analysis tool. Although Splunk isn’t specifically designed as such, you can easily use it to monitor databases.
Splunk has a number of useful scripts and tools a user can employ once familiar with how the software works with unstructured data.
The real power in Splunk is the search language. By learning the search language and how to manipulate data, you can do some powerful things with regular expressions.
Generating visuals for data is one of Splunk’s strong suits. With Splunk you can build charts or dashboards. Its visual format can help you extract many valuable pieces of information from your voluminous data.
Splunk automatically recommends particular types of visuals to its users. There are many options available — pie charts, bar charts, or column charts. Splunk makes these determinations based on the data returned.
Building Splunk Tools
Datavail has built many different Splunk tools for our own use, as well as for our clients. Some of these tools can be integrated with other technologies, such as SQL Server, Apache, or even .NET.
Customization is one of Splunk’s many attractive attributes. Tools can be easily developed for Splunk; however, it does require time and energy as well as a little creativity. Here are some examples of our work:
- When we were experiencing problems with a load balancer and attempting to determine the source of these issues, we decided to build an Apache Node Monitoring Tool. Using the server logs, these were input into Splunk and the data was immediately indexed. We were able to chart that data very quickly and see precisely where the activity fell within a certain time frame in order to resolve the issue.
- One of our U.S.-based clients wanted to monitor Sarbanes-Oxley Compliance across multiple Oracle clusters. They wanted to move from a kludgy, mostly manual process using shell scripts and Microsoft Excel to an easier and more automated process. We helped by writing scripts to pull data from Oracle, then passed it into Splunk. Thus, they were able to monitor multiple RACK environments from a single location, as well as easily create custom reports.
- Another great example of this is a real-time NMON Monitoring Tool we created. The data was extracted using perl scripts in NMON. The data was formatted and imported into Splunk. NMON is not the easiest tool to work with, but coupling it with Splunk made creating a visualization tool relatively easy.
You can use Splunk to monitor sessions, disk performance, object statistics, SQL performance, and more. And best of all, you’re creating a tool at a price the C-level suite suits will love: It’s free.
There are any number of database monitoring tasks Splunk can accomplish. I covered more basics, complete with detailed examples, in a webinar about building a database monitoring tool using Splunk. A recording of this webinar is currently available here.
If you need assistance or ongoing help with Splunk or other database applications and tools, please contact Datavail to discuss a custom solution for your enterprise.
Image by mihalec/123RF.
EPM applications help measure the business performance. This post will help you choose the best EPM solutions for your organization’s needs and objectives.
With serious financial penalties, SOX audits can be intimidating — but they don’t have to be. Find out how you can use Datavail’s software to automatically prove SOX compliance.