Monitoring and Alerting AE and ARA processes log files with Splunk

Discussion created by Vlad_N on Dec 27, 2017

Does anyone have pointers if anything special need to be set up for Splunk forwarders in order to properly ingest all the logs data for AE CPs, WPs, JWPs, ARA logs, Tomcat, IIS etc...?

My main concern is to have Splunk properly recognize timestamps so the log messages can be all correlated between all the log files.

For example, if I want to trace all events or transactions between 12:01 AM and 12:03 AM across all the log files.

We have ARA7.02 and AE & AWI12.0.2, balanced on 2 Windows servers. 


Vlad Navazhylau