New to Splunk... not seeing how I can get this App working? I have my Fortigates sending syslog data to Splunk, but none of the searches seem to match up. Sorry for the Noob question, but is there a help file somewhere I'm missing?
Hello,
Have you set the sourcetype "fortigate" for the logs you collect from your firewalls?
You have an example in the README.
Regards,
Abel