Is it possible to forward logs from Junos Space/Collector to a LogRhythm SIEM? A while back we were demoing some SIEMs and LogRhythm claimed to not be able to read them. All the searching I've seen seems to say that LogRhythm can handle structured data.
I am not sure how the LogRhythm SIEM tool works, but we have tested forwarding logs from Space Log Collector to the Juniper JSA (SIEM tool) and IBM QRADAR SIEM tools, and they automatically parse the logs and identify the log source.
You can try enabling the forwarding options and check on the LogRhythm SIEM tool; it should detect and parse them automatically. It works fine in the Juniper JSA and IBM QRADAR tools.
Regards,
-Animesh
If this worked for you, please flag my post as an "Accepted Solution" so others can benefit.