SRX

last person joined: 2 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  cli commands for monitoring on SRX

    Posted 10-16-2009 13:03
    can you help with cli commands i can use for monitroing IDP, UTM, NAT activities


  • 2.  RE: cli commands for monitoring on SRX
    Best Answer

    Posted 10-16-2009 14:24

    Howdy - here are some good ones to get you started 🙂

     

    Monitor IDP

    show security policies policy name <name> detail (for detail)

    show security idp status

    show security idp counters

    show security idp memory

     

    Let me know if you would like trace file options

     

    UTM

    show security screen statistics zone <zone-name>

     

    NAT

    show security flow session

    show security nat source rule <rule-name>

    show security nat source pool <pool-name>

    show security nat source summary

     

    Destination instead of source for dest-nat

     

    Let me know if would like trace file options

     

    Hope this helps!


  • 3.  RE: cli commands for monitoring on SRX

    Posted 10-16-2009 21:52
    Thanks please let me have the trace file options as well.


  • 4.  RE: cli commands for monitoring on SRX

    Posted 10-21-2009 10:17

    You set up traceoptions for the specific service you are interested in:

     

    So for example - "screen"

     

    root@ITG_SRX_254# edit security screen

    [edit security screen]

    root@ITG_SRX_254# set traceoptions file <filename>

    root@ITG_SRX_254# set traceoptions flag <flag values>

    [edit security screen]

    root@ITG_SRX_254# show traceoptions

    file trace-screen;

    flag configuration;

     

    For IDP simply move to the IDP stanza

     

    [edit security idp]

    root@ITG_SRX_254# edit security idp

     

    same commands will work there