Management
Reply
Contributor
cyke
Posts: 57
Registered: ‎06-02-2008
0

can nsm access logs sent to a syslog server?

i plan to use a syslog server for storing device logs since nsm storage is quite small for storing traffic logs.  my question is can the nsm still access old logs from the syslog server for analysis and reporting?

Trusted Contributor
Tica
Posts: 63
Registered: ‎02-06-2009
0

Re: can nsm access logs sent to a syslog server?

Sorry no, 

 

You need an STRM for that.

NSM can only parse his own log files

 

-Tim

Contributor
cyke
Posts: 57
Registered: ‎06-02-2008
0

Re: can nsm access logs sent to a syslog server?

HI,

 

Thanks for the reply.

 

we have an NSMexpress and 4 SRX5600.  how much logs can be retained assuming that the srx logs all session(session close), screen and IDP?  we wish to retain at least 15 days of logs.  if the NSM cannot parse syslog data, what other options do we have?

 

 

Trusted Contributor
Tica
Posts: 63
Registered: ‎02-06-2009
0

Re: can nsm access logs sent to a syslog server?

Hi Cyke, 

 

I don't know how many logs your 5600 will be generating (depends on events per second)

Unfortunally NSM is desinged to be a management station, it can handle some logging but not a lot. I don't have the exact figures anymore, but with one SRX you can make an NSM unresponsive.

 

Also SRX won't send all his log entries towards the NSM since NSM is connected on the control plane and that can't handle the amount of logging a 5600 can generate.

Syslog is done by forwarding plane to speed up the loggin process. 

 

You have several options

1) Tweak the things you want to log and have a good backup strategy for your log files, you can restore files without restarting the services

2) STRM is a better solution, since you can scale the strm to parse the amount of logging you will need. STRM is also purpose build.

 

-Tim

 

 

 

Contributor
cyke
Posts: 57
Registered: ‎06-02-2008
0

Re: can nsm access logs sent to a syslog server?

Hi Tim,

 

Thanks for the quick response.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.