Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to monitor Apache logs i.e create dashboards for them?

vaibhavvijay9
New Member
‎02-11-2019 06:27 AM

Hi All,

I want to monitor the error logs using Splunk. And create dashboards for the same.

Sample logs :

[Sun Jul 09 03:25:02 2017] [info] Apache/2.2.32 (Unix) DAV/2 configured -- resuming normal operations
[Sun Jul 09 04:06:13 2017] [error] [client 1.2.3.4]  File does not exist : /var/www/html/robots.txt
[Mon Jul 10 20:24:52 2017] [error] (111) Connection refused : proxy: HTTP: attempt to connect to 127.0.0.1:8484  failed
[Tue Jul 19 23:02:01 2017] [error] [client 1.2.3.4] user test: authentication failure for "/~dcid/test1": Password Mismatch

Information from the above sample logs :
1. File does not exist
2. connection failed
3. authentication failed

There are hundred types of errors present in logs. And hence creating eventtypes for each error text is not a good way.

So, please help me with this.

Thanks in advance!

0 Karma
Reply

FrankVl
Ultra Champion
‎02-11-2019 07:40 AM

Have you checked out the Splunk Add-on for Apache Web Server already?

https://splunkbase.splunk.com/app/3186/

0 Karma
Reply
Get Updates on the Splunk Community!

Prove Your Splunk Prowess at .conf25—No Prereqs Required!

Your Next Big Security Credential: No Prerequisites Needed We know you’ve got the skills, and now, earning the ...

Splunk Observability Cloud's AI Assistant in Action Series: Observability as Code

This is the sixth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...

Splunk Answers Content Calendar, July Edition I

Hello Community! Welcome to another month of Community Content Calendar series! For the month of July, we will ...
Top