Firegen for Microsoft IIS provides visibility into the logging data recorded by websites hosted on Microsoft IIS web servers: traffic statistics,errors, pages not found, referers and ability to investigate activity from specific IP addresses.
The app requires the Splunk Add-on for Microsoft IIS (https://splunkbase.splunk.com/app/3185/) in order to install the necessary parsers.
In order to include the total bytes transferred in the report, the IIS logging format has to be adjusted to include the bytes field. Using IIS Manager, select the site to be configured and click on Logging. Ensure that the logging format is set to W3C. Click on Fields and add Bytes Sent and Bytes Received.
On the IIS server install a Splunk forwarder and configure a file input pointing to the location of the IIS logs (default is %SystemDrive%\inetpub\logs\LogFiles\W3SVCn (you will need to identify the site you wish to monitor). Configure the new file input to send the events to an index and use ms:iis as source type. We recommend a dedicated index.
Do not hesitate to contact us if you need assistance or if you have any suggestions.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.