Splunk Enterprise

How to collect different types of log data from different applications, residing in a single server?

raj_mpl
Path Finder

How to collect the different types of logs form different types of applications? All the applications were residing in a single server
with a single universal forwarder or do we need to configure anything.

Tags (1)
0 Karma
1 Solution

FrankVl
Ultra Champion

Without more specific info on how those applications write/send their logs, it is a bit hard to give any specific answer.

But basically I would say you can for instance create a separate inputs.conf stanza for each application, pointing it to the relevant log directory and setting individual index and sourcetype settings as desired.

View solution in original post

0 Karma

FrankVl
Ultra Champion

Without more specific info on how those applications write/send their logs, it is a bit hard to give any specific answer.

But basically I would say you can for instance create a separate inputs.conf stanza for each application, pointing it to the relevant log directory and setting individual index and sourcetype settings as desired.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...