Java sdk quickstart PPT

1. Copyright © 2014 Splunk Inc.
Splunk Java SDK
Quick Start
Nimish Doshi
Principal Systems
Engineer

2. Agenda
Purpose is to get an experienced developer started with
Splunk Java SDK
2

3. Download and Install the Java SDK
Download: http://dev.splunk.com/goto/sdk-java
After unzipping go to /splunk-sdk-java. Use ant.
ant
 /splunk-sdk-java/dist now contains:
 splunk.jar – Java SDK components
 opencsv-2.3.jar – 3rd
party lib to display CSV results
 gson-2.1.jar – 3rd
party lib to display JSON results
3

4. Importing Splunk SDK classes
import com.splunk.*; // The entry point to the client library
public class SplunkTest {
public static void main(String[] args) {
4

5. Connect and Authenticate
// Create a map of arguments and add login parameters
ServiceArgs loginArgs = new ServiceArgs();
loginArgs.setUsername("admin");
loginArgs.setPassword("changeme");
loginArgs.setHost("localhost");
loginArgs.setPort(8089);
// Create a Service instance, log in
Service service = Service.connect(loginArgs);
5

6. Print Installed Apps to Test
// Print installed apps to the console to verify login
for (Application app : service.getApplications().values())
{
System.out.println(app.getName());
}
6

7. Define a normal search
// Additional imports
import java.io.InputStream;
import java.util.HashMap; ...
// Run a normal search: Notice QUERY in string below.
String searchQuery_normal = "search * | head 10";
JobArgs jobargs = new JobArgs();
jobargs.setExecutionMode(JobArgs.ExecutionMode.NORMAL);
Job job = service.getJobs().create(searchQuery_normal, jobargs);
7

8. Block, waiting for Search to complete
// Wait for the search to finish
while (!job.isDone()) {
try {
Thread.sleep(500);
} catch (InterruptedException e) {
e.printStackTrace();
}
}
8

9. Printing out raw results
// Read Results
BufferedReader br = new BufferedReader(new
InputStreamReader(job.getResults()));
String line=null;
while (line=br.readLine() != null) {
System.out.println(line);
}
9

10. Printing out results using XML reader
InputStream resultsNormalSearch = job.getResults();
ResultsReaderXml resultsReaderNormalSearch;
try {
resultsReaderNormalSearch = new ResultsReaderXml(resultsNormalSearch);
HashMap<String, String> event;
while ((event = resultsReaderNormalSearch.getNextEvent()) != null) {
for (String key: event.keySet())
System.out.println(" " + key + ": " + event.get(key));
}
} catch (…
10

11. Use Eclipse Plugin with Java SDK
11

12. Reference
• Consult http://dev.splunk.com/view/java-sdk/SP-CAAAECN
for further examples.
• Eclipse Plugin:
http://dev.splunk.com/view/splunk-plugin-eclipse/SP-
CAAAEQP
• For the Splunk search tutorial use:
http://docs.splunk.com/Documentation/Splunk/latest/Searc
hTutorial/WelcometotheSearchTutorial
12

13. Getting Data Into Splunk Reference
• Getting Data Into Splunk
http://docs.splunk.com/Documentation/Splunk/latest/Data/
Howtogetgoing
• Getting Data into Splunk using the Java SDK
http://dev.splunk.com/view/java-sdk/SP-CAAAEJ2
13

14. Thank You