Dashboards & Visualizations

how get the data from log file which is generated by IIS server

gajananh999
Contributor

Hello Everyone,

I am newbie to splunk i have some log data of my website and i want to check analytics reports on that data. How many people viewed particular page and from which IP address how many people came.
Its exactly same as Google Analytics.

How can start with splunk.

can anyone please guide me on this?

Thanks and regards,
Gajanan Hiroji

0 Karma

jtrucks
Splunk Employee
Splunk Employee

Install the Splunk forwarder on the IIS machine. Add a directory for it to read log files and point that at your IIS logs so the forwarder sends all IIS data to your Splunk indexer.

Next, you have to do something with the data to get a dashboard or other report. A basic search and graph or chart will suffice for your specific question of visitors by IP. There might be an app or two that could help you, but start with getting the IIS data into splunk, then as a separate task figure out the reporting you need to do with that data.

--
Jesse Trucks
Minister of Magic

sbrant_splunk
Splunk Employee
Splunk Employee

This is a very broad question. What stage are you at in the process? Do you have Splunk installed? Are you already ingesting the IIS logs?

The basics of Splunk are exceptionally well documented, this would be a great place to start: http://docs.splunk.com/Documentation/Splunk

If you have difficulty somewhere along the way, you can update your question here, with specifics and will generally get a very quick response.

0 Karma
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...