All Apps and Add-ons

how to use Splunk for Juniper SA app with juniper Secure Access log file


Hi !
i have a juniper SA log file that i introduce in splunk.
but splunk does not extract the roles field and the realm field.
i installed splunk for juniper SA but this app doesn't create a specific index or a specific Sourctype that could be used for juniper SA log.
So i want to know how this app is used ? must i give a particular Sourcetype name for my juniper SA log ? or a specific index that could be recognize by this app ?

Thank you for help

Tags (1)
0 Karma


i fixed it. In juniper sa apps, in props.conf , regex for role and realm were not exact. i just write the good regex,and it work out .....

0 Karma
Get Updates on the Splunk Community!

Splunk APM & RUM | Upcoming Planned Maintenance

There will be planned maintenance of the streaming infrastructure for Splunk APM and Splunk RUM in the coming ...

Part 2: Diving Deeper With AIOps

Getting the Most Out of Event Correlation and Alert Storm Detection in Splunk IT Service Intelligence   Watch ...

User Groups | Upcoming Events!

If by chance you weren't already aware, the Splunk Community is host to numerous User Groups, organized ...