06-26-2012 11:46 PM
Hi,
Can we create a customized global security policy on the SRX 5800 (Junos 10.4R6.5)?
Appreciated if anyone can help.
Cheers
06-27-2012 12:25 AM - edited 06-28-2012 10:51 PM
Depends on your requirement. Full global policy is available in 11.2 and up iirc.
policies {
    global {
        policy log_denies {
            match {
                source-address any;
                destination-address any;
                application any;
            }
            then {
                deny;
                log {
                    session-init;
                }
            }
        }
    }
}
In earlier releases you might be able to solve your requirements with configuration groups - a typical use case is adding a default deny with log between all from/to zones which have policies.
groups {
    log_all_denies {
        security {
            policies {
                from-zone <*> to-zone <*> {
                    policy log_all_denies {
                        match {
                            source-address any;
                            destination-address any;
                            application any;
                        }
                        then {
                            deny;
                            log {
                                session-init;
                            }
                        }
                    }
                }
            }
        }
    }
}
and then apply-groups log_all_denies
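The same workaround in set-command form, followed by the checks that confirm where the wildcard group was inherited, as an added example that is not part of the original reply. The zone names trust and untrust and the explicit policy allow-web are constructed placeholders; the group policy itself is the one from the reply above.

```junos
# Added example, not from the original post. The group is the same
# log_all_denies policy as above, written as set commands.
set groups log_all_denies security policies from-zone <*> to-zone <*> policy log_all_denies match source-address any
set groups log_all_denies security policies from-zone <*> to-zone <*> policy log_all_denies match destination-address any
set groups log_all_denies security policies from-zone <*> to-zone <*> policy log_all_denies match application any
set groups log_all_denies security policies from-zone <*> to-zone <*> policy log_all_denies then deny
set groups log_all_denies security policies from-zone <*> to-zone <*> policy log_all_denies then log session-init

# Apply the group at the top of the configuration.
set apply-groups log_all_denies

# Before committing, view the merged policy configuration. Inherited statements
# carry a "## '...' was inherited from group 'log_all_denies'" annotation, and
# the <*> wildcard only expands into from-zone/to-zone pairs that already exist
# in the configuration (trust -> untrust here, with the placeholder allow-web).
show security policies | display inheritance

commit check
commit

# After commit, in operational mode, confirm that log_all_denies is listed
# last in an existing zone pair, after the explicitly configured allow-web,
# so it only catches sessions no earlier policy permitted.
show security policies from-zone trust to-zone untrust
```

Zone pairs with no explicit from-zone/to-zone context receive nothing from the group, so traffic between them still hits the implicit default deny, which is not logged.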
06-27-2012 01:27 AM
Thanks Adam, fantastic!
Good to know the SRX supports global policy from 11.2R.
However, currently we use 10.4R6.5; the group config is a good workaround as we might not upgrade Junos to 11.2 in the near future. But the new issue is, we are only allowed to configure the SRX 5800 through NSM, not the CLI ...
Can NSM do the group?
Cheers
06-27-2012 03:22 AM
I've tried my best to stay away from NSM, last I heard it couldn't do it, but I do know Junos Space Security Design 12.x can do it.