All Apps and Add-ons

Splunk Add-on for Microsoft Azure to read the IIS Logs

vikrant3007
Path Finder

Is there a way for the Splunk Add-on for Microsoft Azure to read the IIS Logs of azure websites?
From the https://splunkbase.splunk.com/app/3084/#/details documentation, IIS logs aren’t mentioned as being captured by it.
We do have the IIS Logs and IIS Failed Request Logs as part of the diagnostics captured by azure websites.

Tags (1)

rarsan_splunk
Splunk Employee
Splunk Employee

Yes, use Azure Storage Blob modular input part of Splunk Add-on for Microsoft Cloud Services, and point it to the blob container collecting your IIS logs.

Some more details here with respect to W3C fields extractions:
https://answers.splunk.com/answers/469691/is-there-any-way-to-get-the-native-splunk-iis-extr.html

0 Karma

jkat54
SplunkTrust
SplunkTrust

Any specific reason you want to read the iis logs with the Azure add-on?

There's this neat app fore web analytics:
https://splunkbase.splunk.com/app/2699/#/overview

And you can always just setup an inputs.conf to monitor the location of the IIS logs... You could put that in any splunk app you like.

0 Karma

vikrant3007
Path Finder

The websites that we want to read the IIS Logs are Azure websites and we dont have a way install the Universal forwarder in the Azure websites due to infrastructure sharing by Azure.
We are able to read the WADLogs and other tables of the Azure websites and cloudservices using the Add-on therefore, we want to add the IISLogs of Azure websites to our monitoring.

0 Karma
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...