Splunk Enterprise Import Data From Log4Net Source

Nowadays there is a business need to make systems smarter, and it’s always great if you can get runtime details without fuss. Splunk provides real-time operational intelligence. I started working on Splunk because I had to integrate it to read log files so that we could keep an eye on business execution, along with a few notifications and alerts. A notification could be a business interruption, an error email, some blooper, or some wrongdoing that happened and caused the system to stop execution. Splunk helps users in various other ways, so that if something goes wrong the end user can take adequate action to resolve the issue or report it to the team or the respective clients. We can also build a dashboard to make things easier for the user who is handling the Splunk interface.

Splunk collects and indexes data regardless of format or location, such as logs, clickstreams, web servers, stream network traffic, custom applications, social media and cloud services. It helps you gain valuable operational intelligence from machine-generated data, with a complete range of search and visualization. Some key features are shown below.

In this article I’m going to use log4net as a data source, bring information in from that source and show it on the main page. To achieve that, follow the steps below.

Step 1: Go to the Start button and choose Splunk Enterprise, or type Splunk in Start -> Run as shown in the screenshot, and click on Splunk Enterprise.

It will open the following window.

Step 2: Click on the Settings menu; you will see the following screen. Choose Data inputs from there.

Step 3: As soon as you click on Data inputs, it will take you to the screen given below. Choose Files and directories and click it.

Step 4: After you click on Files and directories, it takes you to another window to select a new source, as shown in the screen below.

Step 5: Click on New; it will open the following window. Fill in the required details, especially the file and directory path, using the Browse button.

Go through the following screens to see how I mapped the specific directory path, then click on the “Next” button to proceed.

Step 6: Follow the screens below to get it done.

Click on Start Searching. The following window will appear. Put your search string in the search box.
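The file-and-directory input built in Steps 1 to 6 can also be kept as configuration files, which makes the input reviewable and repeatable. The following is an added example, not taken from the original article. The directory path, file pattern, index and log4net timestamp layout (log4net's default ISO 8601 `%date`) are assumptions, and `CustomLogForSplunk` is the source type used in the article.

```ini
# --- inputs.conf ---
# Equivalent of the "Files and directories" input from the steps above.
# C:\Logs\MyApp is a hypothetical path; use the directory you selected
# with the Browse button in Step 5.
[monitor://C:\Logs\MyApp]
# Source type shown in the article's search results.
sourcetype = CustomLogForSplunk
# Assumed index; "main" is the default index.
index = main
# Only index files ending in .log so unrelated files in the same
# directory (backups, configs, dumps) are not pulled into Splunk.
whitelist = \.log$
disabled = false

# --- props.conf ---
# Parsing rules for the source type. Assumes each log4net entry starts
# with the default %date layout, e.g. "2016-03-01 10:15:30,123" (constructed sample).
[CustomLogForSplunk]
# Break events only where a new timestamp starts, so a multi-line
# exception stack trace stays attached to the entry that logged it.
SHOULD_LINEMERGE = false
LINE_BREAKER = ([\r\n]+)(?=\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}\s)
# Read the event time from the start of the entry, not from any
# date-like text that may appear later in the message.
TIME_PREFIX = ^
TIME_FORMAT = %Y-%m-%d %H:%M:%S,%3N
MAX_TIMESTAMP_LOOKAHEAD = 23
# Cap the size of a single event so a very long line cannot bloat the index.
TRUNCATE = 10000
```

Splunk reads these files at startup, so restart it after editing them, then run the same search as above to confirm events arrive with the expected source type and timestamps.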

The above screenshot has lots of potential data which I can’t share with you. However, the one displayed is “Logged in Sucessfully”, fetching information from “CustomLogForSplunk”, which is also shown as the source type. This is how Splunk makes it easy to trace each and every line of the specific files in the log directory. In coming articles we may have a look at cleaner, more optimized searches and some visualization techniques. Until then, stay tuned and happy splunking.

Splunk helps with monitoring and analyzing everything from customer click streams and transactions, stream network traffic to security events and network activity.