Solved: Apache access logs stored on a s3 bucket access

Said75015 · ‎07-18-2021

Hi

I have configured Splunk AWS plugin to get files stored in a s3 bucket. These files come from a Apache server and have Apache access log format.

I use an s3 generic input and it seems to be connected (I tried with only one file) but when I check for searching events I don't see anything ? Internal Splunk logs indicate the s3 bucket is well reached and the file inside well processed without error.

Do you have a idea from which this issue can be due ?

Thanks

Saïd

Said75015 · ‎07-19-2021

Hi @venkatasri

I have found the issue, it was just due to the fact that I used a too recent time interval (my records concerned an older time) so there was nothing displayed.

Thanks

View solution in original post

venkatasri · ‎07-18-2021

Hi @Said75015

Can you share how your inputs have been configured? You can anonymize the bucket name.

Said75015 · ‎07-19-2021

Hi @venkatasri

I have found the issue, it was just due to the fact that I used a too recent time interval (my records concerned an older time) so there was nothing displayed.

Thanks

Apache access logs stored on a s3 bucket access

administration

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)