Configuring CLM for Splunk
I can find material on configuring CLM using WAS to create logs usable by splunk. That process uses the console. I've got CLM 6.0.3 installed with WAS Liberty profile 8.5.5.9. How can I configure it or splunk universal forwarder so get to the logs? |
One answer
Ralph Schoon (63.1k●3●36●46)
| answered Nov 03 '17, 3:45 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER edited Nov 03 '17, 3:46 a.m. I have only minimal experience with Splunk, but my common sense best guess is that you will have to take the CLM logs as they are and use Splunk to analyze them. I am not aware of a way to redirect the logs. The logs sit is a folder.
Comments If it just the folder location, splunk can handle that. It's the log conent. The WAS console is needed to turn on http and http error logging. (see https://docs.splunk.com/Documentation/AddOns/released/IBMWAS/Setup). that I have to take them the log content 'as is' with liberty since console customization isn't available. My understanding of our security rules (customer driven) is that the http logging is required before the firewall will be opened. From what I can see I think you are correct and I'm afraid we'll need to convert from WAS-liberty to regular WAS. Not something I'm looking forward to. I have sent a question to a customer that is looking into Liberty Profile and Splunk. Not sure if they have a similar challenge though. Have you checked if Liberty Profile (WLP) supports a similar approach? I know it is possible to download the diagnostics/Logs from the diagnostics page.
Sorry, but that customer directly reads the log files.
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.