Junos

SRX 240

‎02-22-2018 08:35 PM

Hello guys, how to configure email notifications in SRX 240 if something has been blocked?

 

 

6 REPLIES

Re: SRX 240

‎02-22-2018 08:44 PM

Hi,

 

Please review the following thread & KB:

https://forums.juniper.net/t5/SRX-Services-Gateway/How-to-configure-Email-Alert-of-an-event-from-SRX...

 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB31375

/Karan Dhanak
# Please mark my solution as accepted if it helped, Kudos are appreciated as well.


Re: SRX 240

‎02-22-2018 08:53 PM

Thanks, Karan.

In your 2nd link, it has this option:

If the need is to monitor which virus is getting detected, syslogs can be configured as follows:


syslog {
    file antivirus-log {
        any any;
        match RT_UTM-AV;
    }
}

 

Are you able to give a guide on how to configure syslog on SRX240?

Thanks.


Re: SRX 240

‎02-22-2018 09:15 PM

JJJCR,

 

Setting syslogs is simple.

> set system syslog host X.X.X.X any any (all facilities all level)

 

Follow this KB (syslog) for system & traffic logging

https://kb.juniper.net/InfoCenter/index?page=content&id=KB16634&actp=METADATA

/Karan Dhanak
# Please mark my solution as accepted if it helped, Kudos are appreciated as well.


Re: SRX 240

‎02-22-2018 10:11 PM

Hi Karand,

Sending Logs to a Remote Syslog Server

 

In the following configuration example, log messages are sent to a remote syslog server (192.30.80.76):

user@host# set system syslog host 192.30.80.76 any any

Is the below the correct equivalent of the above command?

syslog {
    file qflogs {
    }
    host 192.30.90.76 {
        any any;
    }
}

Is there a link on how to convert those English commands to a command with open and close brackets? (Sorry, I don't know what to call it.)

Thank you.


Re: SRX 240

‎02-22-2018 10:32 PM

JJJCR,

 

Yes, that config is correct in order to send the logs to a remote syslog server.

You may want to add source address & structured-data if required.

 

set system syslog host x.x.x.x source-address x.x.x.x structured-data

 

Regarding "convert those English commands to a command with open and close brackets?": did you mean display set?

 

re0> show configuration system syslog | display set
set system syslog host x.x.x.x any any

set system syslog file messages any any

/Karan Dhanak
# Please mark my solution as accepted if it helped, Kudos are appreciated as well.

Solution
Accepted by topic author JJJCR
‎02-22-2018 11:01 PM

Re: SRX 240

‎02-22-2018 10:37 PM

To add more to your previous query, you can display the config in the formats:

 

re0# show system syslog | display ?
Possible completions:
  changed          Tag changes with junos:changed attribute (XML only)
  commit-scripts   Show data after commit scripts have been applied
  detail           Show configuration data detail
  inheritance      Show inherited configuration data and source group
  json             Show output in JSON format
  mark-changed     Tag changes with junos:mark-changed attribute (XML only)
  max-depth        Maximum depth of configuration data
  max-version      Maximum version of configuration data
  merge            Merge multiple instances of database
  omit             Emit configuration statements with the 'omit' option
  rfc5952          Display IPv6 addresses as per RFC 5952 specifications
  set              Show 'set' commands that create configuration
  xml              Show output as XML tags

 

 

/Karan Dhanak
# Please mark my solution as accepted if it helped, Kudos are appreciated as well.
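
The thread's question about moving between the curly-brace form and `set` commands, worked offline as an added example (not from any post in this thread and not Juniper code): a simplified Python flattener that walks a brace-style snippet and emits one `set` line per statement, roughly what `| display set` does on the device. The function name `braces_to_set` and its `root` parameter are hypothetical, and it assumes only plain `name { ... }` containers and `words;` statements.

```python
import re

def braces_to_set(config, root="set"):
    """Flatten simple curly-brace Junos config text into 'set' lines.

    Simplified sketch: handles only `name { ... }` containers and
    `words;` statements (no [lists], comments, or inactive: markers).
    """
    tokens = re.findall(r'"[^"]*"|[{};]|[^\s{};]+', config)
    path, pending, commands = [root], [], []
    stack = []  # one [saved path length, emitted anything?] per open '{'
    for tok in tokens:
        if tok == "{":
            if not pending:
                raise ValueError("'{' without a statement name")
            stack.append([len(path), False])
            path += pending
            pending = []
        elif tok == ";":
            if not pending:
                raise ValueError("empty statement before ';'")
            commands.append(" ".join(path + pending))
            pending = []
            if stack:
                stack[-1][1] = True
        elif tok == "}":
            if pending or not stack:
                raise ValueError("missing ';' or unbalanced '}'")
            saved_len, emitted = stack.pop()
            if not emitted:  # empty container, e.g. `file qflogs { }`
                commands.append(" ".join(path))
            del path[saved_len:]
            if stack:
                stack[-1][1] = True
        else:
            pending.append(tok)
    if stack or pending:
        raise ValueError("unterminated block or statement")
    return commands

# Block as posted in the thread; it starts at `syslog`, so root is "set system".
POSTED = """
syslog {
    file qflogs { }
    host 192.30.90.76 { any any; }
}
"""

if __name__ == "__main__":
    for line in braces_to_set(POSTED, root="set system"):
        print(line)
```

Run on the block posted in the thread, it yields `set system syslog file qflogs` and `set system syslog host 192.30.90.76 any any`, which can be compared line by line with the KB's `set` command before committing.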