splunk TA (technology add-on) to pull data from device42
most products these days integrate with splunk. device 42 does not.
we currently have add-ons which pull data from any number of external data sources (databases, confluence pages, amazon s3 buckets, etc) and translate them into either raw splunk events or other enrichment artefacts.
two main use cases would be:
-
auditing of any updates, or deletions from device42's DB. i.e.:
%timestamp% user <xyz> changed device <host123> in device42 -
data enrichment. so we can translate usernames / IP addresses into meaningful data / events:
fetch all subnets every 12 hours in JSON format and write them into a CSV table
this would be deployable as a splunk package or "app" so that splunk customers like us who also have a device42 server can integrate more easily.
-
Official comment
Hi Andrew,
We recently added log integration, where you can send audit logs from Device42 to Splunk. Other alternative is to use webhooks, where you can send selected events like only updates or deletes for certain categories (like devices).
Regarding the second point about data enrichment, can we please get on a call to understand the use case a bit more? Please send is a note to support@device42.com to schedule time with an engineer.
Thanks & Regards,
Raj Jalan
-
Have you ever created an app to query data from a device 42 from an Enterprise Splunk instance?
0
Please sign in to leave a comment.
Comments
2 comments