Join the Conversation
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Splunk For IIS?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You should just be able to run a splunk instance on IIS and set up a data input to monitor the directory locally. There is an IIS sourcetype natively built into the product. A good place to start would be here:
http://www.splunk.com/base/Documentation/4.1.6/admin/WhatSplunkCanMonitor
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Link is no longer available
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am looking for mostly the reporting aspect to produce meaningful reports for customer. Like request per month. Request per Client IP. User Agent reports, etc... At the moment I am not profiecient in writing the queries required to produce such charts in splunk. But working on it.
I have splunk looking at offline iis logs at the moment, nothing live.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Arguably a "web analytics" app would be better -- there's probably not that much of interest that specific to IIS over any other web server. I have some very preliminary stuff, and probably so do a lot of other people. But nothing usable enough to share yet.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is definitely a need for an IIS app, or at least an add-on.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What are you looking for in the app - just parsing and field extractions, or more complete logic?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You should just be able to run a splunk instance on IIS and set up a data input to monitor the directory locally. There is an IIS sourcetype natively built into the product. A good place to start would be here:
http://www.splunk.com/base/Documentation/4.1.6/admin/WhatSplunkCanMonitor
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would like to monitor IIS logs on my remote Web Servers. How to I do that?
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Modernize your Splunk Apps – Introducing Python 3.13 in Splunk
Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...
SplunkTrust Application Period is Officially OPEN!
