Hi,
I have installed the apps Fortinet Fortigate Add-On as well as Fortigate App for Splunk.
I have an rsyslog configuration to dump the syslog from Fortigate into a folder.
I configured a Splunk data input to monitor the above folder with sourcetype="fortigate".
I am able to search the data after they are indexed.
However, I am not able to get any results in the App for Fortigate.
What other configurations do I need to do please?
Thank you