Dashboards & Visualizations

Splunk App for Juniper Firewalls

Splunk Employee
Splunk Employee

Hi Folks,

Implementing this morning the Splunk App for Juniper Firewalls, I managed that to work simply configuring on Juniper web interface the destination IP, traffic log and configuring Splunk to collect all the logs at the 514 port. OK, it was very easy to do and now I am very happy with that. However, when I accessed the top menu "Remote Access >> VPN Summary", "my surprise part 1", the page was not showing anything. So, open the the "vpn_summary" view with Splunk's XML editor, "my surprise part two", the code don't have any dashboard definition.

Anyone here has had this experience? Any hint on that? Anyone has developed a VPN dashboard from the scratch using the juniper firewall data? I am looking forward to hearing from you guys, thanks a lot!

Tags (4)

New Member

Hello, I am unable to display the info on the app. I already configured the port 514 and source type as srx_log and set the edit security log info as this:

root# show
mode stream;
format sd-syslog;
stream splunk {
format sd-syslog;
host {;
port 514;

if I change the source type from srx_log to syslog, results appear under the normal search

any help will be appreciated

0 Karma


Hi Wagner,

I've just had a look at the "Splunk for Juniper Firewalls" App and you're right, there's no content for the VPN Summary dashboard. My suggestion would be to contact the developer listed on the app download page to get more info.

If you find the rest of the app useful, but don't want to see the 'Remote Access > VPN Summary' menu, you can always remove it from the menu bar by going to:

Manager > User Interface > Navigation Menus > default

And remove the following from the XML:

<collection label="Remote Access">
    <view name="vpn_summary"/>

On the other hand, you can get brave and make your own dashboard 🙂

I hope this has been of some help!

0 Karma
Get Updates on the Splunk Community!

Register to Attend BSides SPL 2022 - It's all Happening October 18!

Join like-minded individuals for technical sessions on everything Splunk!  This is a community-led and run ...

What's New in Splunk Cloud Platform 9.0.2208?!

Howdy!  We are happy to share the newest updates in Splunk Cloud Platform 9.0.2208! Analysts can benefit ...

Admin Console: A Single, Unified Interface for All Your Cloud Admin Needs

WATCH NOWJoin us to learn how the admin console can save you time and give you more control over the Splunk® ...