I'm moving from Splunk to Elastic but don't want to get rid of all the Splunk data at once, Im in a phase where I need Splunk and Elastic to talk to each others...Is that possible ? Are there any elastic connectors for Splunk ? I really want to avoid data movement and data copy...
1 Like
You can't use elasticsearch if you didn't index data into it.
2 Likes
is there any connector that I can use instead to read from Splunk ? something like beats or something for Splunk ?
No i don't think so. You need to export data from splunk and then read it with logstash.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.