Dashboards & Visualizations

How do we integrate Artifactory Logs into Splunk?

Path Finder

I want to integrate the artifactory with Splunk to see the artifactory logs. Is there any way to do that?

I got a basic idea of installing the Universal Forwarder on the box and pulling the logs into Splunk. Or is there another way, like is it possible to pull the logs with an app or with the HTTP Event Collector? Since i believe Sumo Logic has a dedicated app to pull Artifactory Logs into Splunk...

So if you any procedure kindly let me know

Tags (2)
0 Karma

Loves-to-Learn Lots

There is an app on splunkbase - looks pretty good and covers all the usecases

0 Karma

Communicator

But it seems like the app only gives you an API key for 30 days. If we have purchased Artifactory, shouldn't we able to integrate with Splunk indefinitely, assuming that our service agreement with Splunk and Artifactory continues. I don't understand why there is a 30 day trial with the API key if you download this app.

0 Karma

Loves-to-Learn Lots

You can integrate Artifactory with Splunk irrespective of the Apps on Splunkbase.

Not all the Apps on Splunkbase are for Free.

This Splunk App for Artifactory is a Custom App that has been built by a third party ( Not by Jfrog ) that provides all the Dashboards without any work on your part.

Custom Solutions that are very detailed and that provide features come at a Cost and thats the reason for the license

Hope this helps @adnankhan5133 

0 Karma

Splunk Employee
Splunk Employee

There are many files in artifactory that can be monitored (some which need to be turned on manually) that give you plenty of information. The three main files that are rich with info are requests.log, artifactory.log and access.log. These file can be forwarded either by HEC or SplunkForwarder, although SplunkForwarder is recommended.

The log formats for these three, and many of the artifactory log files are not the same, so this makes it very difficult to apply one set of field extractions to all three log files.

Create three separate source types - artifactoryreq, artifactoryaccess and artifactory_log, then extract the fields using regex or manual field extractions. ( FieldExtraction - https://docs.splunk.com/Documentation/Splunk/7.2.3/Search/Extractfieldswithsearchcommands )

Hope this helps!

0 Karma

Path Finder

Kindly help on this request.

0 Karma

Splunk Employee
Splunk Employee

@anandhalagarasan

Thanks for posting. Could you give us some more context for your query? You have a much better chance of getting your question answered if you provide more information about your issue. Plus, it will help guide future community users who are facing a similar problem.

0 Karma

Path Finder

can anyone help on this request

0 Karma

Path Finder

I got an requirement stating that Artifactory logs needs to be integrated into Splunk. I got a basic idea by installing the UF on the box and pulling the logs into Splunk. Or do we have any other way like pulling the logs with any apps or pulling the logs with the HTTP Event Collector. Since i believe Sumo Logic has a dedicated app to pull Artifactory Logs into Splunk.
So if you any procedure kindly let me know

0 Karma

Observer

Were you able to use the HTTP Event Collector, or did you go with the UF?

0 Karma

Loves-to-Learn Lots

We used UF and uploaded the logs in RAW format @gregz00 

0 Karma

Loves-to-Learn Lots

There is an App on the Splunkbase - worth taking a look

https://splunkbase.splunk.com/app/5077/

0 Karma