This is a scripted input that reads one or more logs from Salesforce Commerce Cloud (SFCC) into Splunk. This script can be configured to pull many different log types from SFCC into different indexes or source types.
- Install the splunk app into your
/etc/apps/directory of splunk - Open
bin/config.pyand enter the required inforation. - Open
default/inputs.confand edit the regular expression pattern passed into the script. The example is looking for customerror-blade logs. Configure the interval in seconds that Splunk will poll the webdav directory for new logs. Change index, sourcetype, and source if you would like. - If you want to pull additional logs, copy all of the lines in
default/inputs.confand add them to the bottom with a different regex, index, sourcetype, etc... - Restart your splunk instance. You should now see your new scripted input in the splunk admin interface under
Data inputs > Scripts
Learn more about scripted inputs here: https://docs.splunk.com/Documentation/Splunk/7.2.4/AdvancedDev/ScriptSetup
Pull requests welcome!