Getting Data In

remote data inputs

sarah89
Path Finder

hello

i want to extract logs of the firewall juniper ;, so i select remote event log collectiosn
i insert the ip adresse of the firewall to get data
but it doesn't work , can you help me
what does it mean "WMI"

Tags (3)
0 Karma

ziegfried
Influencer

Remote eventlog collection is for Windows eventlogs only. In case of a Juniper firewall you probably want to send data via syslog to Splunk.

0 Karma

ziegfried
Influencer

I don't know the exact procedure. You'll probably have to consult the documentation of your juniper box as well the Splunk docs on how to enable syslog input: http://docs.splunk.com/Documentation/Splunk/latest/Data/Monitornetworkports

http://docs.splunk.com/Documentation/Splunk/latest/Data/WhatSplunkcanmonitor

0 Karma

sarah89
Path Finder

thank's for your answer

i wat to send via syslog to splunk , what i must configure in the firewall and in splunk ?
how we get data from it ?

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...