SRX Services Gateway
Reply
Visitor
MPower
Posts: 3
Registered: ‎06-17-2009
0

Does the SRX 210 Support any kind of traffic logging into NSM?

Just set up a 210 box in a lab enviroment to play with, after looking everywhere on the juniper web for some guidelines how to set up logging to NSM, i'm wondering if it is supported or not, any ideas about this anyone?

 

 

Distinguished Expert
rkim
Posts: 755
Registered: ‎11-06-2007
0

Re: Does the SRX 210 Support any kind of traffic logging into NSM?

You might find this Knowledgebase article useful.

 

http://kb.juniper.net/KB13436

 

Basically NSM looks for log file called default-log-messages. So that would need to be configured on the SRX. Note that if you used device reachable workflow to add the device to NSM then this log file would automatically be added to the configuration during initial config push.

 

-Richard

Visitor
MPower
Posts: 3
Registered: ‎06-17-2009
0

Re: Does the SRX 210 Support any kind of traffic logging into NSM?

That did fix some stuff, i can now see stuff like this in NSM:

 

Log ID    Time Received    Alert    User Flag    Src Addr    Dst Addr    Action    Protocol    Dst Port    Rule #    Nat Src Addr    Nat Dst Addr    Details    Category    Subcategory    Severity    Device    Comment
20090618/68    18.06.09 13:35:44    No Alert    Unflagged    0.0.0.0    0.0.0.0    Accepted    HOPOPT    0        0.0.0.0    0.0.0.0    junos@2636.1.1.1.2.36 command=request-web-management-update session-id=090bceb14667b0e07bb6457e7ec8e251649d9699 User 'root' used JUNOScript client to run command 'request-web-management-update session-id=090bceb14667b0e07bb6457e7ec8e251649d9699'
    Info    UI_JUNOSCRIPT_CMD    Informational   

 

but still no traffic logs... 

Trusted Expert Trusted Expert
Trusted Expert
WL
Posts: 790
Registered: ‎07-26-2008
0

Re: Does the SRX 210 Support any kind of traffic logging into NSM?

[ Edited ]

Can you show one of the policy configuration for which you are expecting to see traffic logs for? It may be that you left out to enable log on the policy by any chance?

 

 

Also check out this post from previously, I think the links to the KBs should help you:

http://forums.juniper.net/jnet/board/message?board.id=srx&thread.id=89&jump=true

Message Edited by WL on 07-08-2009 01:02 PM
****pls click the button " Accept as Solution" if my post helped to solve your problem****
Visitor
MPower
Posts: 3
Registered: ‎06-17-2009
0

Re: Does the SRX 210 Support any kind of traffic logging into NSM?

Been speaking to Juniper TAC about this, they confirmed that NSM and JunOS 95 are not supporting trafficlogging into nsm Yet.. but will come in NSM 2009.something...

 

 

so guess we have to stick to good old syslog in the meantime... such as splunk...

 

if only there could be some finished plugins for splunk for JunOS...:smileysad:

 

 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.