Configure Ingest for Microsoft IIS Server

This package is designed to be used in conjunction with the Falcon LogScale Log Collector, see Configure Falcon Log Collector for more information.

Once you have installed the Log Collector apply the configuration detailed below. but be sure to edit the log file locations on the lines `include:` if needed and enter your LogScale URL and ingest token. This configuration was tested with

This configuration was tested with:

IIS v10
Falcon LogScale Collector v1.2.0
Falcon LogScale v1.72.0

yaml

sources:
  access_log:
    type: file
    include: C:\inetpub\Logs\LogFiles\W3SVC*\u_ex*.log
    parser: "microsoft/iis:iis_access"
    sink: humio
  http_error_log:
    type: file
    include: C:\Windows\System32\LogFiles\HTTPERR\*.*
    parser: "microsoft/iis:iis_http_error"
    sink: humio

sinks:
  humio:
    type: humio
    token: <ingest-token>
    url: <logscale-base-url> // example - https://cloud.community.humio.com

Integrations

Packages

Other Integrations

Log Formats

Configure Ingest for Microsoft IIS Server

Enter search term