https://community.splunk.com/t5/Getting-Data-In/Best-way-to-get-JunOS-logs-into-Splunk/m-p/12575#M96476 <P>I believe most of the Juniper firewalls are capable of sending syslog type output and they also write to log files. I know of multiple use cases where Juniper data is sent via a network input to Splunk. I see two options:</P> <OL> <LI><P>Leverage the log forwarding capability of the firewall and send it to Splunk via a network input (typically port 514 UDP or TCP, and make sure you specify syslog sourcetype)</P></LI> <LI><P>If you can send the file to a directory on the Splunk system, you could use a basic file or directory monitoring input. You would also want to specify the syslog sourcetype in this configuration.</P></LI> </OL> <P>For more information on creating inputs:</P> <P><A href="http://www.splunk.com/base/Documentation/latest/Admin/WhatSplunkcanmonitor" rel="nofollow">http://www.splunk.com/base/Documentation/latest/Admin/WhatSplunkcanmonitor</A></P> Thu, 29 Apr 2010 23:40:55 GMT Simeon 2010-04-29T23:40:55Z https://community.splunk.com/t5/Getting-Data-In/Best-way-to-get-JunOS-logs-into-Splunk/m-p/12574#M96475 <P>Hi,</P> <P>I am new to Splunk and I am trying to workout the best way to get logs from JunOS based firewalls into Splunk. I am currently using Syslogh, but this isn't getting all the information I am after. Could someone advise the most reliable way of collecting the informaiton?</P> <P>I am trying to get the logs from Juniper SRX firewalls.</P> <P>I would also like to know how I could achieve change monitoring as well?</P> <P>Many thanks</P> Thu, 29 Apr 2010 23:07:03 GMT https://community.splunk.com/t5/Getting-Data-In/Best-way-to-get-JunOS-logs-into-Splunk/m-p/12574#M96475 craigallen 2010-04-29T23:07:03Z https://community.splunk.com/t5/Getting-Data-In/Best-way-to-get-JunOS-logs-into-Splunk/m-p/12575#M96476 <P>I believe most of the Juniper firewalls are capable of sending syslog type output and they also write to log files. I know of multiple use cases where Juniper data is sent via a network input to Splunk. I see two options:</P> <OL> <LI><P>Leverage the log forwarding capability of the firewall and send it to Splunk via a network input (typically port 514 UDP or TCP, and make sure you specify syslog sourcetype)</P></LI> <LI><P>If you can send the file to a directory on the Splunk system, you could use a basic file or directory monitoring input. You would also want to specify the syslog sourcetype in this configuration.</P></LI> </OL> <P>For more information on creating inputs:</P> <P><A href="http://www.splunk.com/base/Documentation/latest/Admin/WhatSplunkcanmonitor" rel="nofollow">http://www.splunk.com/base/Documentation/latest/Admin/WhatSplunkcanmonitor</A></P> Thu, 29 Apr 2010 23:40:55 GMT https://community.splunk.com/t5/Getting-Data-In/Best-way-to-get-JunOS-logs-into-Splunk/m-p/12575#M96476 Simeon 2010-04-29T23:40:55Z https://community.splunk.com/t5/Getting-Data-In/Best-way-to-get-JunOS-logs-into-Splunk/m-p/12576#M96477 <P>i am using juniper ISG 2000, i am looking for splunk app, which can monitor my juniper logs. I tried severals apps for juniper, but i got nothing.<BR /> My juniper runs on junos.</P> <P>Could you give me the requisite app, and the documentation ??</P> <P>thank you</P> Thu, 13 Mar 2014 09:36:32 GMT https://community.splunk.com/t5/Getting-Data-In/Best-way-to-get-JunOS-logs-into-Splunk/m-p/12576#M96477 jeandez 2014-03-13T09:36:32Z