Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Repository for sourcetype configuration for common log formats?

the_wolverine
Champion
‎06-26-2014 10:33 AM

Is there a repository for common log formats? I have Tomcat boot.log that is not line breaking correctly, most likely because it has been assigned a custom sourcetype.

If Splunk knows about this sourcetype, how would I reference the proper configuration to get my line breaking to work properly for this source?

0 Karma
Reply

tnesavich_splun
Splunk Employee
Splunk Employee
‎03-08-2017 03:04 PM

Love the idea! I am not seeing that Splunk has this. However, this is similar:
http://gosplunk.com/

Also, as it relates to your question I would look at how this is done when using the Splunk Add-on for Tomcat (or maybe even use it):
https://splunkbase.splunk.com/app/2911/

Here are is another supporting link for installation / configuration should you go that route:
http://docs.splunk.com/Documentation/AddOns/released/Tomcat/Setup

0 Karma
Reply
Don’t Miss Global Splunk
User Groups Week!

Free LIVE events worldwide 2/8-2/12
Connect, learn, and collect rad prizes and swag!