Alerting

Where can I find the logs for Apache status on a Linux server to set up an alert if Apache goes offline?

GKC_Vincent
Engager

Hi,

I am trying to use Splunk to monitor the status of Apache services from a Linux server.

I will need to create an alert so that the support team will be notified if the Apache go offline.

I had checked the error_log and access_log from /var/log/httpd, however, these log files do not seem have any information in regards to the status of Apache.

Could any one please advise where to get the Apache status from the server?

Thank you very much in advance.

Cheers.
Vincent

Tags (4)
1 Solution

miteshvohra
Contributor

Have a look at /var/log/daemon.log for the status of background services.

View solution in original post

miteshvohra
Contributor

Have a look at /var/log/daemon.log for the status of background services.

musskopf
Builder

You might wanna look to a proper monitoring tool, like Nagios or any other which is capable of running synthetic transactions. In your case the synthetic transaction could be simply accessing an URL hosted on this Apache.

I often see people using Splunk to perform application monitoring, where, from my point of view is a poor choice as Splunk is not designed for that. Anyway, you could try an App like this: https://apps.splunk.com/app/1493/, but for serious stuff, I recommend a "real" monitoring tool.

Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...