How to monitor Apache logs i.e create dashboards f...

vaibhavvijay9 · ‎02-11-2019

Hi All,

I want to monitor the error logs using Splunk. And create dashboards for the same.

Sample logs :

[Sun Jul 09 03:25:02 2017] [info] Apache/2.2.32 (Unix) DAV/2 configured -- resuming normal operations
[Sun Jul 09 04:06:13 2017] [error] [client 1.2.3.4]  File does not exist : /var/www/html/robots.txt
[Mon Jul 10 20:24:52 2017] [error] (111) Connection refused : proxy: HTTP: attempt to connect to 127.0.0.1:8484  failed
[Tue Jul 19 23:02:01 2017] [error] [client 1.2.3.4] user test: authentication failure for "/~dcid/test1": Password Mismatch

Information from the above sample logs :
1. File does not exist
2. connection failed
3. authentication failed

There are hundred types of errors present in logs. And hence creating eventtypes for each error text is not a good way.

So, please help me with this.

Thanks in advance!

FrankVl · ‎02-11-2019

Have you checked out the Splunk Add-on for Apache Web Server already?

https://splunkbase.splunk.com/app/3186/

How to monitor Apache logs i.e create dashboards for them?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Join the Conversation