Forums: SplunkAdministration: Splunk to monitor Oracle logs

Hi,
We have a splunk server Server A with receiving enabled from Server B.In Server B we have enabled forwarding and have set the LightForwarder mode.In Server B we have enabled Data Inputs->Files and Directories->Add Input and gave the customized path /oracle/test/admin/bdump/alert_test.log.
We are unable to see the path or logs in ServerA.
In ServerB we can see the following message in Splunk log

05-31-2009 08:14:46.697 INFO SavedSplunker - SavedSplunker::main: Found 0 saved searches ready to run

05-31-2009 08:15:16.698 INFO SavedSplunker - SavedSplunker::main: Found 0 saved searches ready to run

Can we monitor my Oracle logs?Did we missed something in configuration.

On server B, can you show me:

- $SPLUNK_HOME/etc/system/local/inputs.conf

- $SPLUNK_HOME/etc/system/local/outputs.conf

- the output of 'splunk list monitor'

On server A, can you show me:

- $SPLUNK_HOME/etc/system/local/inputs.conf

Does the alert log have a header or any binary data in it? I don't believe it does, but it doesn't hurt to check.

Thanks a lot.I cracked it myself going through the docs..

Subhanjan,

Can u guide me in extracting logs from oracle database(Solaris-Forwarder) to windows server 2003 (Splunk Indexer) ?
Or can u refer the docs to me ?

Thanks,
Mateen.