Add a Log Stream
- Click Administration > Log Streaming.
- Click +.
  The Add Log Stream page is displayed.
- Complete the configuration according to the guidelines in Table 1.

Table 1: Fields on the Add Log Stream Page

| Field | Description |
| --- | --- |
| Enabled | Enable streaming logs to an external SIEM server. |
| Name | Enter the name of the log streaming connection. |
| Log type | Select the log type to be forwarded to the external SIEM server: AuditLog, Sessions, or SecurityEvents. |
| Connection type | Select the SIEM server connection type: Azure Data Collector or Azure Logic App. Each connection type has its own unique configuration. Each configuration field value is obtained from Microsoft Azure and needed by Juniper Security Director Cloud to stream logs to Microsoft Azure. |
| Workspace ID | Enter the workspace ID associated with the Azure Log Collector. |
| Primary key | Enter the primary key associated with the Azure Log Collector. |
| URL | Enter the HTTP POST URL associated with the Azure Logic App for HTTP requests. |
| Enable log compression | Enable this option to compress the logs using GZip before streaming them to Azure. Log compression is supported only for the Azure Logic App connection type. |

- Click Test to verify the connection with the external SIEM server.
- Click OK.
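
The following is an added example, not Juniper's code. Assuming the Azure Data Collector connection type uses the Azure Monitor HTTP Data Collector API, it builds the shared-key signed request from a workspace ID and primary key, and a GZip-compressed POST for a Logic App URL, entirely offline so the values can be sanity-checked before they are entered. The sample ID, key and records are constructed, and the `Log-Type` mapping and `Content-Encoding: gzip` header are assumptions about how the stream is sent.

```python
import base64, gzip, hashlib, hmac, json
from email.utils import formatdate

# Constructed placeholders, not real credentials.
WORKSPACE_ID = "00000000-0000-0000-0000-000000000000"
PRIMARY_KEY = base64.b64encode(b"constructed-sample-key-not-a-secret").decode()
SAMPLE_RECORDS = [{"event": "constructed-sample", "user": "alice"}]


def data_collector_request(workspace_id, primary_key, records, log_type, date=None):
    """Build (url, headers, body) for the Azure Monitor HTTP Data Collector API."""
    body = json.dumps(records).encode("utf-8")
    date = date or formatdate(usegmt=True)  # RFC 1123 date ending in "GMT"
    # validate=True rejects a key that was pasted truncated or with stray characters.
    key = base64.b64decode(primary_key, validate=True)
    string_to_sign = f"POST\n{len(body)}\napplication/json\nx-ms-date:{date}\n/api/logs"
    digest = hmac.new(key, string_to_sign.encode("utf-8"), hashlib.sha256).digest()
    headers = {
        "Content-Type": "application/json",
        "Log-Type": log_type,  # assumption: the stream's log type names the target table
        "x-ms-date": date,
        "Authorization": f"SharedKey {workspace_id}:{base64.b64encode(digest).decode()}",
    }
    url = f"https://{workspace_id}.ods.opinsights.azure.com/api/logs?api-version=2016-04-01"
    return url, headers, body


def logic_app_request(url, records, compress=True):
    """Build (url, headers, body) for an HTTP POST to a Logic App request trigger."""
    if not url.lower().startswith("https://"):
        raise ValueError("Logic App URL must use HTTPS")
    body = json.dumps(records).encode("utf-8")
    headers = {"Content-Type": "application/json"}
    if compress:
        body = gzip.compress(body)
        headers["Content-Encoding"] = "gzip"  # assumption: label for the compressed body
    return url, headers, body


if __name__ == "__main__":
    _, hdrs, _ = data_collector_request(WORKSPACE_ID, PRIMARY_KEY, SAMPLE_RECORDS, "AuditLog")
    for name, value in hdrs.items():
        print(f"{name}: {value}")
```

Treat the primary key and the full Logic App URL as secrets when handling the real values; keep them out of shell history and shared tickets.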