Mt question here is very similar to the question posted here: http://serverfault.com/questions/469383/iis-advanced-logging-forward-to-syslog.
I am looking for a method that would allow us to forward the IIS Advanced Logging logs to Splunk. We are able to forward regular IIS logs; however I am not sure how to make it work the same for IIS Advanced Logging.
The default file path is different for IIS Advanced Logging (%SystemDrive%\inetpub\logs\AdvancedLogs) and it appears that the file names are based upon the UTC time, see here, and not the local date and time that you can specify with regular logging. This also creates and issue for developing some type of wildcard rule.
Any ideas are welcome.
... View more