Hello,
I'm trying to find out why only one sourcetype (the last one) is being monitored. Could someone please tell me how to configure input.conf? I'd like to capture some apache/tomcat logs and s...
Hi I have configured Splunk AWS plugin to get files stored in a s3 bucket. These files come from a Apache server and have Apache access log format. I use an s3 generic input and it seems to b...
I am tracking the response time(in seconds) of the pages served by apache using "%T" and i would like to track all the request which are taking more than "10" seconds to serve to the clients. P...
Hello ,
I have installed forwarder on Linux system and able to see logs in searches but the when i open a detailed log the field & value is missing for the relevant part of raw log.
All ...
Hi all, i'm new to splunk. I've managed to get it set up and imported a load of Apache log files. When I search by host, it shows all the logs but I can't quite work out the next step.
U...
Hello,
I have recently configured a Splunk light forwarder to monitor an apache access_log. I specified that the file being watched be recognized as an 'access_common' sourcetype. We are using t...
I have a sample log file from Apache, now how can I identify it with Splunk that this log is really an Apache log are there a tools or any method for that ?
I need to find out an answer for what does Splunk run for its web server? Is it Apache, IIS or some other flavor. I have Splunk running on Windows Server 2012 R2.
Thank you.
We have some apache logs that I've added the %D (response time in microseconds) log config to at the very end. The splunk configuration is not set up on these servers to match each field so the r...