Hello,
I am totally new to Splunk so please be patient with me.
I installed Splunk 8.0.0 on a Windows Server 2016 machine and I am able to pull in Windows Event Logs and search them without an issue. However, besides the Windows Event Logs we also have several machines running Tomcat and we want to pull in the Tomcat Logs as well. So I installed the Splunk-Add on for Tomcat 2.0 and this is where all the trouble starts. And yes I read through the whole Splunk-Add for Tomcat documentation but it does not really make sense to me.
So installed the Splunk-Add on for Tomcat and I first went to Applications --> Set-up for the Add-on. The settings on here already do not make any sense to me. I have about 10 servers running tomcat. If I set a specific host name in the JMX path how am I going to add the additional 9 Tomcat servers? See screenshot below:
After that I went into Settings --> Data Input --> Splunk Add-On for Tomcat --> + Add New but alll I get in there is this:
When I click on Next the then I get the error message
------------ Encountered the following error while trying to save: setEntity - tried to commit empty entity----------------------------
As I stated before I read through the Splunk documentation and tried to figure out what I need to do to add at least one of my test Tomcat Servers to the add on but I just dont get it. Can someone please point me into the right direction.
Thank you
As per your requirement (which involves ingesting data from multiple Tomcat Servers using JMX), I would recommend using Splunk Add-on for Java Management Extensions (JMX) to ingest data.
You can find more details about app configuration here.
As per your requirement (which involves ingesting data from multiple Tomcat Servers using JMX), I would recommend using Splunk Add-on for Java Management Extensions (JMX) to ingest data.
You can find more details about app configuration here.
Not sure why links are not working. Reposting the links in comments:
Splunkbase: https://splunkbase.splunk.com/app/2647/#/overview
Docs: https://docs.splunk.com/Documentation/AddOns/released/JMX/Configureinput