All Apps and Add-ons

Oracle RAC Clustering : Monitoring oracle audit logs

unixoperations
New Member

We have 4 node cluster with Oracle RAC. The audit logs are stored on OCFS2 clustered file system.
Want to import these audit logs in splunk.

If I configure splunk on 4 nodes these files get imported multiple times.

Do splunk have any kind of best practice guide or cluster solution ?

0 Karma

bkelly
Engager

In inputs.conf on each node specify the alert log for just the instance on that node.
node-n:[monitor://{directory_for_alert_log}/alert_{SID}n.log]

*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!

Review:





Or Learn More in Our Blog >>