Skip to main content
 
 
 
Splunk Lantern

Application server data

 

Application server logs (including business applications, middleware such as Tomcat, and run time logs such as java runtime) contain a wealth of information created when users and systems interact. Whether building a multi-tier web application or using a traditional client-server design, application servers run the backend software that handles user requests. Today, these are typically deployed as virtual machines on a multi-tenant hypervisor. Application server data may include customer information useful in troubleshooting or application state transitions similar to—but less verbose—than debug output that can provide clues to application crashes, memory leaks, and performance problems. It can also can help correlate and trace temporally separated errors to show how they contribute to a larger problem. Anomalies in the logs can indicate potential failures or compromised attempts.

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: 

Use cases for Splunk security products