Solved: Lotus Notes Logs

eantonio · ‎10-26-2011

What do I need to do to monitor my Lotus Notes Server? Is there an App that will do this? What are the common logs that people monitor in a Lotus Notes Server?

lguinn2 · ‎10-27-2011

There is no app for Lotus Notes. I don't know what is typical for Lotus Notes admins to monitor, but Splunk can monitor any text file. I think there is an option in Lotus Notes to log to a database (.nsf) or to a text file. I recommend that you log to text -- and rotate logs often. Splunk will track log rotation properly, so rotate your logs frequently and archive (or delete) older logs to save disk space and keep things tidy.

You can simply ask Splunk to monitor the directories where the message logs, error logs and/or web access logs are written. At a minimum, I think you will want to monitor the diagnostic logs. Remember that XML files are text too, so you can simply monitor XML files with Splunk the same way you monitor other text files.

I also suggest that FIRST you test out these inputs on a test copy of Splunk - don't add the Lotus Notes events into your production system until you see exactly what is flowing into Splunk. Once you look at the data, you can decide if you need to tweak Splunk's settings to make it work better for you.

If you need help tweaking Splunk, open up a new question in this forum. It helps if you paste in a sample of your log file. Lots of folks here can help you, even if we don't know much about Lotus Notes, if we can see the format of the files that you want to Splunk.

View solution in original post

wbfoxii · ‎06-13-2012

Lotus Notes DB Access Logs leave a lot to be desired. It appears that Notes summarizes a user session automatically, so there is no time-stamped record for access to a specific document. You might get a time stamped log message that tells you a certain user read four documents and added two. But you will not get "Date, Time, User, Document, Action" for each touch of a document.

Here's a web reference that is old, but it still applied to my Notes 8.5.2 client when I looked at my mail DB.

http://www.pcworld.com/article/7482/logging_lotus_notes_database_activity.html

lguinn2 · ‎10-27-2011

There is no app for Lotus Notes. I don't know what is typical for Lotus Notes admins to monitor, but Splunk can monitor any text file. I think there is an option in Lotus Notes to log to a database (.nsf) or to a text file. I recommend that you log to text -- and rotate logs often. Splunk will track log rotation properly, so rotate your logs frequently and archive (or delete) older logs to save disk space and keep things tidy.

You can simply ask Splunk to monitor the directories where the message logs, error logs and/or web access logs are written. At a minimum, I think you will want to monitor the diagnostic logs. Remember that XML files are text too, so you can simply monitor XML files with Splunk the same way you monitor other text files.

I also suggest that FIRST you test out these inputs on a test copy of Splunk - don't add the Lotus Notes events into your production system until you see exactly what is flowing into Splunk. Once you look at the data, you can decide if you need to tweak Splunk's settings to make it work better for you.

If you need help tweaking Splunk, open up a new question in this forum. It helps if you paste in a sample of your log file. Lots of folks here can help you, even if we don't know much about Lotus Notes, if we can see the format of the files that you want to Splunk.

Lotus Notes Logs

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

Join the Conversation