There are many files in artifactory that can be monitored (some which need to be turned on manually) that give you plenty of information. The three main files that are rich with info are requests.log, artifactory.log and access.log. These file can be forwarded either by HEC or SplunkForwarder, although SplunkForwarder is recommended.
The log formats for these three, and many of the artifactory log files are not the same, so this makes it very difficult to apply one set of field extractions to all three log files.
Create three separate source types - artifactory_req, artifactory_access and artifactory_log, then extract the fields using regex or manual field extractions. ( FieldExtraction - https://docs.splunk.com/Documentation/Splunk/7.2.3/Search/Extractfieldswithsearchcommands )
Hope this helps!
... View more