Getting Data In

IBM Websphere system out log files

pboon
New Member

Hi, We have configured our Index server and also installed the universal forwarder on our websphere server and installed the add-on for splunk for the WAS but we cannot get any info to populate. i have read through many posts to try and get the systemout logs and going through this multiple times without success.
https://docs.splunk.com/Documentation/AddOns/released/IBMWAS/Installationoverview
https://docs.splunk.com/Documentation/AddOns/released/IBMWAS/Configureotherloginputs
and loads more but still cannot get the info to display. Do we need to edit the output.conf on the windows IBM WAS server to monitor the systemout.log files? if so can someone advise how? or is there another location i am missing to any changes i need to make.

we have also installed Chameleon DataStage App for Splunk to see if this will give us the systemout logs but we still cannot display any info.

Tags (1)
0 Karma

skalliger
Motivator

Hi,

how did you set-up the UF? Is the user (if not running as LOCAL SYSTEM) able to actually read the logs inside the WAS logs directory? If so, have you configured the .conf files accordingly? When I look into the default folder of the IBM TA, I see multiple files that need to be edited, e.g.:

ibm_was.conf needs to adjusted (copy to a newly created local directory):

[was_global_settings]
index = main
was_install_dir =
log_level = INFO

Maybe also other files need to be adjusted, I haven't read to the whole instructions.

Skalli

0 Karma
Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...