All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

how to use Splunk for Juniper SA app with juniper Secure Access log file

jeandez
Explorer
‎06-09-2014 01:45 AM

Hi !
i have a juniper SA log file that i introduce in splunk.
but splunk does not extract the roles field and the realm field.
i installed splunk for juniper SA but this app doesn't create a specific index or a specific Sourctype that could be used for juniper SA log.
So i want to know how this app is used ? must i give a particular Sourcetype name for my juniper SA log ? or a specific index that could be recognize by this app ?

Thank you for help

Tags (1)
0 Karma
Reply

jeandez
Explorer
‎06-17-2014 01:00 AM

i fixed it. In juniper sa apps, in props.conf , regex for role and realm were not exact. i just write the good regex,and it work out .....

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk APM & RUM | Upcoming Planned Maintenance

There will be planned maintenance of the streaming infrastructure for Splunk APM and Splunk RUM in the coming ...

Part 2: Diving Deeper With AIOps

Getting the Most Out of Event Correlation and Alert Storm Detection in Splunk IT Service Intelligence   Watch ...

User Groups | Upcoming Events!

If by chance you weren't already aware, the Splunk Community is host to numerous User Groups, organized ...