All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Looking for Barracuda app that's compatible with Splunk 7x

johnward4
Communicator
‎04-08-2018 11:11 PM

Hey guys,
My having trouble finding a compatible Barracuda app with Splunk Enterprise 7x.. I've tried configuring 3 of the apps currently available with the logs that being sent to my Splunk instance via syslog over udp 514 but no luck so far.

0 Karma
Reply

twitek
New Member
‎04-09-2018 12:32 AM

Hi @johnward4,

which Barracuda product are you using?

The plugin provided by @deepashri_123 if for the WAF/ADC. If you are looking for the NextGen Firewall, the plugin would be: https://splunkbase.splunk.com/app/2634/

Hope this helps!

0 Karma
Reply

johnward4
Communicator
‎04-11-2018 01:29 PM

I have that add-on installed but the only eventtype that I'm seeing is err0r. The fields don't appear to be being extracted/normalized via the add-ons props and transforms. I have been testing the other apps available in splunkbase but most are outdated for my version of Splunk and having a difficult time finding an app that displays the barracuda data collected in dashboard visualization

0 Karma
Reply

twitek
New Member
‎04-12-2018 12:00 AM

There is a page that documents the required setup: https://campus.barracuda.com/product/cloudgenfirewall/doc/73719600/splunk-integration/?sl=AWK4o5wZN7...

It's worth noting that there are a few specific settings on the firewall that need to be configured in order for the dashboards to work correctly, in particular:

In "General Firewall Configuration"
* Application Control Logging: Log-All-Applications
* Activity Log Mode: Log-Pipe-Separated-Key-Value-List

If you look at the "Search" app of Splunk, do you see the raw data there?

Hope this helps!

0 Karma
Reply

deepashri_123
Motivator
‎04-08-2018 11:16 PM

Hey@johnward4,

You can refer this add-on:
https://splunkbase.splunk.com/app/3776/#/details

Let me know if this helps!!

0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...