Getting Data In

remote data inputs

sarah89
Path Finder

hello

i want to extract logs of the firewall juniper ;, so i select remote event log collectiosn
i insert the ip adresse of the firewall to get data
but it doesn't work , can you help me
what does it mean "WMI"

Tags (3)
0 Karma

ziegfried
Influencer

Remote eventlog collection is for Windows eventlogs only. In case of a Juniper firewall you probably want to send data via syslog to Splunk.

0 Karma

ziegfried
Influencer

I don't know the exact procedure. You'll probably have to consult the documentation of your juniper box as well the Splunk docs on how to enable syslog input: http://docs.splunk.com/Documentation/Splunk/latest/Data/Monitornetworkports

http://docs.splunk.com/Documentation/Splunk/latest/Data/WhatSplunkcanmonitor

0 Karma

sarah89
Path Finder

thank's for your answer

i wat to send via syslog to splunk , what i must configure in the firewall and in splunk ?
how we get data from it ?

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...