Security

Linkage to code?

nowakdaw
Path Finder

Hello All,

Thank you for your help!. I was wondering if anyone knew if splunk has the ability to parse through log4j files and then provide links to the line of code where that error/warning is fired. Provided we supply it a code base.

Thanks

Tags (1)
1 Solution

gkanapathy
Splunk Employee
Splunk Employee

Natively no. However, Splunk does have a feature called "Field Actions" that allows you to trigger a script that is passed values that are in the event you select in the UI. To make use of this, you would have to ingest the data into Splunk, extract the program/class name and line number from the message (pretty basic regex, if there isn't already something on SplunkBase where someone else has done it), and set up a URL to receive that and open the right file.

View solution in original post

gkanapathy
Splunk Employee
Splunk Employee

Natively no. However, Splunk does have a feature called "Field Actions" that allows you to trigger a script that is passed values that are in the event you select in the UI. To make use of this, you would have to ingest the data into Splunk, extract the program/class name and line number from the message (pretty basic regex, if there isn't already something on SplunkBase where someone else has done it), and set up a URL to receive that and open the right file.

nowakdaw
Path Finder

Thank you! Your time is appreciated!

0 Karma

nowakdaw
Path Finder

Thank you very much!, would you happen to know where I can find "Field Actions" I tried to look for it via my own splunk instance as well as through splunk.com and I could not find anything on it. Thanks again.

Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...