Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Syslog Server how to...

    Posted 09-07-2008 05:02
    I am currently researching how I could utilize one of my Linux machines to capture eventlogs from my Juniper SSG5. I do not have the funds to purchase  a license for something like NSM or WebTrends or I would just do that. I believe I have logwatch installed on my Linux machine which sends me mail messages to my root account.  If someone can steer me in the right direction I can take over from there. Thanks.

     



  • 2.  RE: Syslog Server how to...
    Best Answer

    Posted 09-07-2008 09:34

    On the SSG you can direct both traffic and event log information to a syslog server.

     

    set syslog config x.x.x.x log all    ( This sends everything you can parse it down to just specifics if you dont need such verbose logging.  If you wish just for the event log or the traffic log just specify that instead of all)

    set syslog enable

    save

     

    The facility by default is local0

     

    You can change this by using the command 

     

    set syslog config x.x.x.x facilities localx

    save

     

    Now on your linux box. Configure syslogD or syslog-ng and use logwatch to parse for specific events you wish to alert on.  

     

    How to use Syslog-ng

     

    Hope this points you in the right direction.

    Message Edited by shadow on 09-07-2008 11:34 AM


  • 3.  RE: Syslog Server how to...

    Posted 09-18-2008 17:58
    Thanks!