I loaded the app "Splunk for Juniper SRX". I'm running Splunk 4.3. I don't seen any data being popultaed into the app.
I can see the syslog data within the native seach app. When I click on the Juniper apps I get the following error.
The following messages were returned by the search subsystem:
DEBUG: base lispy: [ AND sourcetype::srx_traffic ]
DEBUG: search context: user="mpegan", app="SplunkforJuniperSRX", bs-pathname="/opt/splunk/etc"
I'm very new to Splunk and don't know how to troubleshoot this. Do I need to configure the sourcetype srx_traffic?
Any help is greatly appreciated. Thanks
... View more