Splunk Add-on for Microsoft Azure to read the IIS ...

vikrant3007 · ‎08-10-2016

Is there a way for the Splunk Add-on for Microsoft Azure to read the IIS Logs of azure websites?
From the https://splunkbase.splunk.com/app/3084/#/details documentation, IIS logs aren’t mentioned as being captured by it.
We do have the IIS Logs and IIS Failed Request Logs as part of the diagnostics captured by azure websites.

rarsan_splunk · ‎03-07-2017

Yes, use Azure Storage Blob modular input part of Splunk Add-on for Microsoft Cloud Services, and point it to the blob container collecting your IIS logs.

Some more details here with respect to W3C fields extractions:
https://answers.splunk.com/answers/469691/is-there-any-way-to-get-the-native-splunk-iis-extr.html

jkat54 · ‎08-10-2016

Any specific reason you want to read the iis logs with the Azure add-on?

There's this neat app fore web analytics:
https://splunkbase.splunk.com/app/2699/#/overview

And you can always just setup an inputs.conf to monitor the location of the IIS logs... You could put that in any splunk app you like.

vikrant3007 · ‎08-10-2016

The websites that we want to read the IIS Logs are Azure websites and we dont have a way install the Universal forwarder in the Azure websites due to infrastructure sharing by Azure.
We are able to read the WADLogs and other tables of the Azure websites and cloudservices using the Add-on therefore, we want to add the IISLogs of Azure websites to our monitoring.

Splunk Add-on for Microsoft Azure to read the IIS Logs

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!