I did try collect web server access log, e.g. Apache & IIS access log, and see fields in custom type do not contain URL but only file name filled in Object field. So I did custom Apache Advacned Syslog Parser myself for this purpose.
My question is should default parser extract URL into URL field? Do I miss something?
One more question is how can I filter events on ESM with URL? There is no URL field to choose from list of filter.
Attached is my custom ASP for Apache access log.
Message was edited by: parinya.ekparinya on 1/10/13 5:55:21 AM CST
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.