Hi all,
As many said, there is no direct way to know the NCPS on SRX yet, but there is a tricky one.
First of all, I didn't find a way to obtain the NCPS for the whole box. But it is possible to know the rate of new sessions coming to a given interface or translated with a given NAT pool.
Each interface as well as NAT pool have a connections hit counter. You can get it in constant intervals and so measure the NCPS rate.
You can see these counters in "show interfaces extensive" for ifaces and in "show security nat source pool all".
user@srx> show interfaces extensive ge-0/0/0.0 | match conne
Connections established : 3199175013
user@srx> show security nat source pool all | match hit
Translation hits : -975476222
Yeah, for NAT it can be negative. Fun, but doesn't matter in this case. Just substract the new value from the old one with no care to the sign.
I don't know what about NAT, but interface counters are available through SNMP. So you can get them in a manner of iface bytes counters to draw graphs using some MRGT-like tool.
The OID is 1.3.6.1.4.1.2636.3.39.1.1.1.1.1.1.6.xxx, where xxx is the interface's SNMP index, which can be gotten with "show interfaces extensive".
Here is an example.
time T:
user@srx> show snmp mib get 1.3.6.1.4.1.2636.3.39.1.1.1.1.1.1.6.xxx
jnxJsIfMonConn.xxx = A
time T+t
user@srx> show snmp mib get 1.3.6.1.4.1.2636.3.39.1.1.1.1.1.1.6.xxx
jnxJsIfMonConn.xxx = B
The NCPS rate is (B-A)/t.