hello
i want to extract logs of the firewall juniper ;, so i select remote event log collectiosn i insert the ip adresse of the firewall to get data but it doesn't work , can you help me what does it mean "WMI"
Remote eventlog collection is for Windows eventlogs only. In case of a Juniper firewall you probably want to send data via syslog to Splunk.
I don't know the exact procedure. You'll probably have to consult the documentation of your juniper box as well the Splunk docs on how to enable syslog input: http://docs.splunk.com/Documentation/Splunk/latest/Data/Monitornetworkports
http://docs.splunk.com/Documentation/Splunk/latest/Data/WhatSplunkcanmonitor
thank's for your answer
i wat to send via syslog to splunk , what i must configure in the firewall and in splunk ? how we get data from it ?
