Write and query data in Splunk repository

This example pipeline demonstrates how to use the Splunk Writer and Splunk Search Snaps to write data into Splunk repository and further get the required data from Splunk.


Splunk Writer Search Example Pipeline

Download this pipeline.
  1. Configure the File Reader Snap to read a JSON file:

    File Reader configuration

  2. Configure the Splunk Writer Snap with Splunk index value to index the raw event data and write to the Splunk repository in the form of searchable events.
    Splunk Writer Snap configuration Splunk Writer Snap output

    Splunk Writer Snap configuration
    Slunk Writer Snap output
  3. Configure the Splunk Search Snap by specifying the index name that was assigned to the written file in the Search query field.
    On validation, the Snap fetches the JSON file content from the Splunk repository along with the assigned index value.
    Splunk Search Snap configuration Splunk Search Snap output

    Splunk Search Snap configuration
    Splunk Search Snap output
To successfully reuse pipelines:
  1. Download and import the pipeline into SnapLogic.
  2. Configure Snap accounts as applicable.
  3. Provide pipeline parameters as applicable.