You should just be able to run a splunk instance on IIS and set up a data input to monitor the directory locally. There is an IIS sourcetype natively built into the product. A good place to start would be here:
http://www.splunk.com/base/Documentation/4.1.6/admin/WhatSplunkCanMonitor
Link is no longer available
I am looking for mostly the reporting aspect to produce meaningful reports for customer. Like request per month. Request per Client IP. User Agent reports, etc... At the moment I am not profiecient in writing the queries required to produce such charts in splunk. But working on it.
I have splunk looking at offline iis logs at the moment, nothing live.
Arguably a "web analytics" app would be better -- there's probably not that much of interest that specific to IIS over any other web server. I have some very preliminary stuff, and probably so do a lot of other people. But nothing usable enough to share yet.
There is definitely a need for an IIS app, or at least an add-on.
What are you looking for in the app - just parsing and field extractions, or more complete logic?
You should just be able to run a splunk instance on IIS and set up a data input to monitor the directory locally. There is an IIS sourcetype natively built into the product. A good place to start would be here:
http://www.splunk.com/base/Documentation/4.1.6/admin/WhatSplunkCanMonitor
I would like to monitor IIS logs on my remote Web Servers. How to I do that?