🚫 🔍 [Deprecated] Juniper IDP

🚫 Deprecated: This connector has been deprecated and may be removed in future versions.

🔍 Discovered: This item was discovered by scanning the solution folder but is not listed in the Solution JSON file.



| Attribute | Value |
| --- | --- |
| Connector ID | JuniperIDP |
| Publisher | Juniper |
| Used in Solutions | JuniperIDP |
| Collection Method | MMA |
| Connector Definition Files | Connector_LogAnalytics_agent_JuniperIDP.json |

The Juniper IDP data connector provides the capability to ingest Juniper IDP events into Microsoft Sentinel.

Additional Information

🛠️ Device Configuration: Table: JuniperIDP_CL. Configure rsyslog ruleset with UDP input. Configure Juniper IDP syslog. See Custom Logs via AMA configuration.

Tables Ingested

This connector ingests data into the following tables:

Table Transformations Ingestion API Lake-Only
JuniperIDP_CL ? ?

💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.

Permissions

Resource Provider Permissions:

- Workspace (Workspace): read and write permissions are required.
- Keys (Workspace): read permissions to shared keys for the workspace are required. See the documentation to learn more about workspace keys.

Setup Instructions

⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.

NOTE: To work as expected, this data connector depends on JuniperIDP, a parser based on a Kusto function, which is deployed with the Microsoft Sentinel solution.

NOTE: IDP OS 5.1 and above is supported by this data connector.

1. Install and onboard the agent for Linux or Windows

Install the agent on the server.

Choose where to install the Linux agent:

- Install agent on Azure Linux Virtual Machine: select the machine to install the agent on and then click Connect.
- Install agent on a non-Azure Linux Machine: download the agent on the relevant machine and follow the instructions.

Choose where to install the Windows agent:

- Install agent on Azure Windows Virtual Machine: select the machine to install the agent on and then click Connect.
- Install agent on a non-Azure Windows Machine: download the agent on the relevant machine and follow the instructions.

2. Configure the logs to be collected

Follow the configuration steps below to get Juniper IDP logs into Microsoft Sentinel. This configuration enriches events generated by the Juniper IDP module to provide visibility into log source information for Juniper IDP logs. Refer to the Azure Monitor Documentation for more details on these steps.

1. Download the config file juniper_idp.conf.
2. Log in to the server where you have installed the Azure Log Analytics agent.
3. Copy juniper_idp.conf to the /etc/opt/microsoft/omsagent/workspace_id/conf/omsagent.d/ folder.
4. Edit juniper_idp.conf as follows:

   i. Change the listen port for receiving logs based on your configuration (line 3).

   ii. Replace **workspace_id** with the real value of your Workspace ID (lines 58, 59, 60, 63).
5. Save the changes and restart the Azure Log Analytics agent for Linux service with the following command: sudo /opt/microsoft/omsagent/bin/service_control restart
6. To configure a remote syslog destination, refer to the SRX Getting Started - Configure System Logging.

Workspace ID: WorkspaceId

Note: The value above is dynamically provided when these instructions are presented within Microsoft Sentinel.

