Forums: SplunkAdministration: Splunk to monitor Oracle logs

Previous Topic: Splunk to monitor a directory size change(fschange)  |   Next Topic: Move WMI Input to different Indexes


Posts 1–3 of 3  |  Post to this topic
1
subhanjan's Mugshot posted by: subhanjan  |  posts
date: May 30, 2009
permalink

Hi,
We have a splunk server Server A with receiving enabled from Server B.In Server B we have enabled forwarding and have set the LightForwarder mode.In Server B we have enabled Data Inputs->Files and Directories->Add Input and gave the customized path /oracle/test/admin/bdump/alert_test.log.
We are unable to see the path or logs in ServerA.
In ServerB we can see the following message in Splunk log

05-31-2009 08:14:46.697 INFO SavedSplunker - SavedSplunker::main: Found 0 saved searches ready to run

05-31-2009 08:15:16.698 INFO SavedSplunker - SavedSplunker::main: Found 0 saved searches ready to run

Can we monitor my Oracle logs?Did we missed something in configuration.

2
araitz's Mugshot posted by: araitz  |  posts
date: June 1, 2009
permalink

On server B, can you show me:

- $SPLUNK_HOME/etc/system/local/inputs.conf

- $SPLUNK_HOME/etc/system/local/outputs.conf

- the output of 'splunk list monitor'

On server A, can you show me:

- $SPLUNK_HOME/etc/system/local/inputs.conf

Does the alert log have a header or any binary data in it? I don't believe it does, but it doesn't hurt to check.

3
subhanjan's Mugshot posted by: subhanjan  |  posts
date: June 6, 2009
permalink

Thanks a lot.I cracked it myself going through the docs..

Post to this topic

You must be logged in to post a reply.