Getting Data In

How to monitor Apache logs i.e create dashboards for them?

vaibhavvijay9
New Member

Hi All,

I want to monitor the error logs using Splunk. And create dashboards for the same.

Sample logs :

[Sun Jul 09 03:25:02 2017] [info] Apache/2.2.32 (Unix) DAV/2 configured -- resuming normal operations
[Sun Jul 09 04:06:13 2017] [error] [client 1.2.3.4]  File does not exist : /var/www/html/robots.txt
[Mon Jul 10 20:24:52 2017] [error] (111) Connection refused : proxy: HTTP: attempt to connect to 127.0.0.1:8484  failed
[Tue Jul 19 23:02:01 2017] [error] [client 1.2.3.4] user test: authentication failure for "/~dcid/test1": Password Mismatch

Information from the above sample logs :
1. File does not exist
2. connection failed
3. authentication failed

There are hundred types of errors present in logs. And hence creating eventtypes for each error text is not a good way.

So, please help me with this.

Thanks in advance!

0 Karma

FrankVl
Ultra Champion

Have you checked out the Splunk Add-on for Apache Web Server already?

https://splunkbase.splunk.com/app/3186/

0 Karma
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...