I'm deploying the UF to my Web Severs and I want to be able to pull W3C logs. What config settings in the UF do I need to add in order to do this? I'm deploying the UF using SCCM.
This has been address in a couple of different threads, but try starting here:
I'm also planning to install UF to my DMZ Servers and I need to monitor who is accessing my DMZ Servers from internal/external source. What would be the best Search Command to execute in Splunk Web Interface?
Can you tell me what search value I need to execute in order to tell who is accessing my Web Server?