Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

IBM Websphere system out log files

pboon
New Member
‎07-23-2019 03:29 AM

Hi, We have configured our Index server and also installed the universal forwarder on our websphere server and installed the add-on for splunk for the WAS but we cannot get any info to populate. i have read through many posts to try and get the systemout logs and going through this multiple times without success.
https://docs.splunk.com/Documentation/AddOns/released/IBMWAS/Installationoverview
https://docs.splunk.com/Documentation/AddOns/released/IBMWAS/Configureotherloginputs
and loads more but still cannot get the info to display. Do we need to edit the output.conf on the windows IBM WAS server to monitor the systemout.log files? if so can someone advise how? or is there another location i am missing to any changes i need to make.

we have also installed Chameleon DataStage App for Splunk to see if this will give us the systemout logs but we still cannot display any info.

Tags (1)
0 Karma
Reply

skalliger
Motivator
‎07-24-2019 07:44 AM

Hi,

how did you set-up the UF? Is the user (if not running as LOCAL SYSTEM) able to actually read the logs inside the WAS logs directory? If so, have you configured the .conf files accordingly? When I look into the default folder of the IBM TA, I see multiple files that need to be edited, e.g.:

ibm_was.conf needs to adjusted (copy to a newly created local directory):

[was_global_settings]
index = main
was_install_dir =
log_level = INFO

Maybe also other files need to be adjusted, I haven't read to the whole instructions.

Skalli

0 Karma
Reply
Get Updates on the Splunk Community!

Community Content Calendar, November Edition

Welcome to the November edition of our Community Spotlight! Each month, we dive into the Splunk Community to ...

October Community Champions: A Shoutout to Our Contributors!

As October comes to a close, we want to take a moment to celebrate the people who make the Splunk Community ...

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...