Expand my Community achievements bar.

AEM AS Cloud Service integration with Splunk SourceType Not Working

Avatar

Level 1
Level 1
3/8/25 3:21:58 PM

Hi Team,

 

Trying to forward aemaccess AEM logs from AEM Splunk to our own Splunk with below config 

.config

       LogForwarding-dev.yaml 

 

kind: "LogForwarding"
version: "1"
metadata:
  envTypes: ["dev"]
data:
  splunk:
    default:
      enabled: false
      host: "<splunk_host_name>"
      token: "${{SPLUNK_TOKEN}}"
      index: "<splunk_index>"
      sourcetype: "aemaccess"

 

Logs from all source types are syncing to splunk instead of just aemaccess logs.

 

Kindly suggest if there is more specific configuration to only pick logs from specific log source.

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

Experience Manager as a Cloud Service

Views

238

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
4 Replies

Avatar

Level 1
Level 1
3/8/25 3:26:10 PM

I have also tried following configuration:

kind: "LogForwarding"
version: "1"
metadata:
  envTypes: ["dev"]
data:
  splunk:
    default:
      enabled: false
      host: "<splunk_host_name>"
      token: "${{SPLUNK_TOKEN}}"
      index: "<splunk_index>"
       sourcetype: 
         - aemaccess 
         - aemrequest.   a 

 This configuration also does not work. 

Views

236

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor and Adobe Champion
Community Advisor and Adobe Champion
3/9/25 1:47:11 PM

Hi @manish2v1,

I don't think picking one specific sourcetype is supported in the YAML configuration. According to the docs: "The sourcetype field will have one of the following values, depending on the specific log: aemaccess, aemerror, aemrequest, aemdispatcher, aemhttpdaccess, aemhttpderror, aemcdn".

Here, they are talking about the sourcetype field in Splunk, not YAML config. If you require that functionality, open a feature request.

 

Good luck,

Daniel

Views

190

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
3/9/25 3:25:30 PM
In response to daniel-strmecki

Thanks! Daniel

 

Yes, it would be good to only forward specific logs. I will open a feature request.

 

Regards,

Manish

Views

183

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee
Employee
3/12/25 7:13:03 AM
In response to manish2v1

@manish2v1 Specific log files forwarding is not available through "LogForwarding" config as of now, but you can choose to discard the specific logs at your Splunk. Refer [0] for more details on the configuration required at your splunk to discard specific logs.

 

[0] - https://docs.splunk.com/Documentation/Splunk/9.4.1/Forwarding/Routeandfilterdatad#Filter_event_data_...

 

Views

121

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
[AEM Gems] Mastering Cache Efficiency for Optimal Page Performance

Views

49

Likes

2

Replies

0
Developer Console - Old Classic view vs New view in AEM Cloud

Views

111

Likes

0

Replies

0
An issue with the ACS AEM Commons Report Builder's Select Parameter

Views

659

Likes

0

Replies

9
Adobe Summit 2025, AEM Session/LAB | S718 How the Bungie Store Boosted Speed and Scale with Adobe Experience Manager

Views

201

Likes

2

Replies

0
Ingesting large-scale digital assets in AEM on-premise

Views

275

Likes

0

Replies

3