How to search, which are the apps and Website logs getting in splunk.
sourcetype="f5:bigip*"
Hello @syeddalam
This should have been defined in an index when the admin set up the Splunk forwarder on the server. Our access logs are defined in index=web-access
.. But anyways there's a few ways of doing this. First you could go to Settings
and then Indexes
and look at all your indexes and see if any are obviously your access logs. The other way would be to go to your search put it on a short time window and type in index=*
then look at your sources
and see which path leads to the access logs