Troubleshooting Tip: How to troubleshoot FortiGate log parsing issues in Splunk
| Description | This article describes how to troubleshoot when the Splunk dashboard does not parse the FortiGate logs and not showing the statistics. |
| Scope | Splunk, FortiGate. |
| Solution | Ensure that Splunk is receiving the logs. If not, follow the KB Article to troubleshoot: Troubleshooting Tip: How to troubleshoot connection issues between FortiGate and Splunk
If Splunk is not parsing the logs using the FortiGate App, ensure it uses the latest App. There are two Apps available for Splunk from FortiGate: Fortinet FortiGate App for Splunk and Fortinet FortiGate Add-On for Splunk:
The Fortinet Technical Support department does not offer technical assistance for the FortiGate App for Splunk. Information from the user community might be available from sources such as Splunk Answers. For more information, review the page https://splunkbase.splunk.com/app/2800.
|
