Getting Data In

How to monitor Apache logs i.e create dashboards for them?

vaibhavvijay9
New Member

Hi All,

I want to monitor the error logs using Splunk. And create dashboards for the same.

Sample logs :

[Sun Jul 09 03:25:02 2017] [info] Apache/2.2.32 (Unix) DAV/2 configured -- resuming normal operations
[Sun Jul 09 04:06:13 2017] [error] [client 1.2.3.4]  File does not exist : /var/www/html/robots.txt
[Mon Jul 10 20:24:52 2017] [error] (111) Connection refused : proxy: HTTP: attempt to connect to 127.0.0.1:8484  failed
[Tue Jul 19 23:02:01 2017] [error] [client 1.2.3.4] user test: authentication failure for "/~dcid/test1": Password Mismatch

Information from the above sample logs :
1. File does not exist
2. connection failed
3. authentication failed

There are hundred types of errors present in logs. And hence creating eventtypes for each error text is not a good way.

So, please help me with this.

Thanks in advance!

0 Karma

FrankVl
Ultra Champion

Have you checked out the Splunk Add-on for Apache Web Server already?

https://splunkbase.splunk.com/app/3186/

0 Karma
Get Updates on the Splunk Community!

Prove Your Splunk Prowess at .conf25—No Prereqs Required!

Your Next Big Security Credential: No Prerequisites Needed We know you’ve got the skills, and now, earning the ...

Splunk Observability Cloud's AI Assistant in Action Series: Observability as Code

This is the sixth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...

Splunk Answers Content Calendar, July Edition I

Hello Community! Welcome to another month of Community Content Calendar series! For the month of July, we will ...