All Apps and Add-ons

Importing log files from the local filesystem?

dylanw
New Member

I'm using the Modsecurity App. Is it possible to load the modsec_audit.log directly?
Cheers,
Dylan

Tags (1)
0 Karma

martin_splunk
New Member

Hi Dylan

Of course you can collect the log from your local machine, all you need to do is collect the modsec log somehow and then name the index and sourcetype corresponding to your modsec app macros.conf

Cheers,
Martin

0 Karma
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Deprecation of Splunk Observability Kubernetes “Classic Navigator” UI starting ...

Access to Splunk Observability Kubernetes “Classic Navigator” UI will no longer be available starting January ...

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...