Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Enable logging on all policies

    Posted 01-04-2011 10:10

    I'm wondering if there is an easy way to enable logging (and enable it at session beginning) for ALL policies on the device.  We just enabled syslog shipping for traffic logs and we want all existing policies to ship it to the syslog server, but going back to all policies and checking every box by hand is painful.

     

    Anybody have any tricks they can share with me?

     

    Thanks!



  • 2.  RE: Enable logging on all policies
    Best Answer

    Posted 01-04-2011 14:17

    Generate the code, upload is cli. Use a good editor or something lik that. I often use a shell on UNIX/LINUX or JUNOS machine.

     

    To add loging to a policy you can do something like this:

     

    set policy id <id>

    set log

    exit

     

    So the shell code:

     

    i=1

    while [ $i -le <last policyid> ]

    do

          echo "set policy id $i"

          echo "set log"

          echo "exit"

         i=`expr $i +1`

    done

     

    run the script, copy paste the output in the cli.

     

    No way to do it easy in the cli.

     

     



  • 3.  RE: Enable logging on all policies

    Posted 01-05-2011 09:09

    Thanks! I was hoping a cleaner way to do it other than brute force throwing crap at it, but it will work.  Thank you for your assistance!