Splunk dashboard not visible when using Fortigate Add-on for Splunk

Forum|Forum|8 years ago
May 2, 2018
1 reply
4749 views

I using Splunk for Fortigate event log collection, and have installed the official (developed by Fortinet, Inc) Fortinet Fortigate Add-on (splunkbase app id: 2846) [link]https://splunkbase.splunk.com/app/2846/[/link] Add-on, and it shows a dashboard screen in the literature - however, I'm not able to see any pre-built dashboard in my Splunk instance.

I do have data coming in, and can search, but was hoping to leverage the prebuilt dashboard from Fortinet add-on.

Is it required I install the older "App" as well? (splunkbase app id 2800) https://splunkbase.splunk.com/app/2800/

Splunk Enterprise v7.1

Fortigate 60E, 5.4 firmware

Markus

New Member

Hi,

Welcome to the Forums. Did you have Splunk Enterprise Security add-on installed? From my point of view, this (not free) add-on is required for the Fortinet FortiGate Add-On for Splunk. If you have Splunk without ES, you have to use Fortinet FortiGate App for Splunk https://splunkbase.splunk.com/app/2846/#/details

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded