Getting Data In

How to monitor Apache logs i.e create dashboards for them?

vaibhavvijay9
New Member

Hi All,

I want to monitor the error logs using Splunk. And create dashboards for the same.

Sample logs :

[Sun Jul 09 03:25:02 2017] [info] Apache/2.2.32 (Unix) DAV/2 configured -- resuming normal operations
[Sun Jul 09 04:06:13 2017] [error] [client 1.2.3.4]  File does not exist : /var/www/html/robots.txt
[Mon Jul 10 20:24:52 2017] [error] (111) Connection refused : proxy: HTTP: attempt to connect to 127.0.0.1:8484  failed
[Tue Jul 19 23:02:01 2017] [error] [client 1.2.3.4] user test: authentication failure for "/~dcid/test1": Password Mismatch

Information from the above sample logs :
1. File does not exist
2. connection failed
3. authentication failed

There are hundred types of errors present in logs. And hence creating eventtypes for each error text is not a good way.

So, please help me with this.

Thanks in advance!

0 Karma

FrankVl
Ultra Champion

Have you checked out the Splunk Add-on for Apache Web Server already?

https://splunkbase.splunk.com/app/3186/

0 Karma
.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!