I did try collect web server access log, e.g. Apache & IIS access log, and see fields in custom type do not contain URL but only file name filled in Object field. So I did custom Apache Advacned Syslog Parser myself for this purpose.
My question is should default parser extract URL into URL field? Do I miss something?
One more question is how can I filter events on ESM with URL? There is no URL field to choose from list of filter.
Attached is my custom ASP for Apache access log.
Message was edited by: parinya.ekparinya on 1/10/13 5:55:21 AM CST