Install, Configure and setup 'Splunk DB Connect' App for Oracle Database

Splunk is used for monitoring and analyzing machine-generated big data via a web-style interface. It indexes application, system log files in real-time in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations.

Splunk can also be used to index a database table using the help of 'Splunk DB Connect' app. In this tutorial, I am explaning how to install, configure and setup 'Splunk DB Connect' app to index an oracle table.
JDK/JRE is a prerequisite for 'Splunk DB Connect' app. Please install JDK/JRE before you start the tutorial.

Install 'Splunk DB Connect' App
Now that we have the 'Splunk DB Connect' app installed, we need to configure it.
Install Oracle jdbc Driver

Now that we have the 'Splunk DB Connect' app installed, we need to install Oracle jdbc driver to configure the Oracle Database connection. Setup The Oracle Database Connection using 'Splunk DB Connect'

'Splunk DB Connect' app is now ready to configure the Oracle Database connection. Setup The Database Input To Index The Table

Now we have the database connection setup, it is time to setup the input where we can define the table to be indexed. Troubleshooting

If the indexing is not working or stopped look at $SPLUNK_HOME/var/lib/persistentstorage/dbx Each input has its own directory, which is a hash of its name and a 32-character hexadecimal string. This directory typically contains these files: manifest.properties has meta-information, such as the input name. state.xml has the actual state in XML format. state.xml look like below

In above example id is the rising column and splunk indexed till 5064. You can reset the indexing by changing the value to a previous one.

$SPLUNK_HOME/etc/apps/dbx/local dir has database connection, input information. These file can be manually edited to configure.