SRX Services Gateway
Highlighted
SRX Services Gateway

Juniper Firefly - Bombarded by alerts

‎08-05-2014 11:33 PM

hey guys,

 

So we have been implementing the fireflys over the last 6 months and we keep getting bombarded with alerts. The main alerts are VPN tunnel phase 1 alerts. We would like to disable phase 1 going down on the SRX. Does anyone know how to turn off the alerts for the phase 1 going down but still be able to see the logs that show what the phase 1 issue is? The other physical SRX's we have don't alert like this. Maybe it's because of the newest version of code on the firefly's but can we turn it off on the firewall instead of not trapping it on our monitoring device?

 

Thanks

8 REPLIES 8
Highlighted
SRX Services Gateway

Re: Juniper Firefly - Bombarded by alerts

‎08-05-2014 11:55 PM

Hi,

I believe you are seeing these alerts on syslog messages file.

Please set the syslog messages file to :

 set system syslog file messsages any alert

 

Also can you please give a snippet ot this log. To see actually

 

Regards,

c_r

 

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too

 

Highlighted
SRX Services Gateway

Re: Juniper Firefly - Bombarded by alerts

[ Edited ]
‎08-06-2014 11:32 AM

 IKE negotiation failed with error: Invalid syntax. IKE Version: 1 VPN: The_Park Gateway: The_Park Local: #.#.#.#.154/500 Remote: #.#.#.18/500 Local IKE-ID: Not-Available Remote IKE-ID: Not-Available VR-ID: 0


IKE negotiation failed with error: Timed out. IKE Version: 1 VPN: Customer-VPN01 Gateway: Customer-VPN01 Local: #.#.#.7/500 Remote:#.#.#.50/500 Local IKE-ID: 1.#.154.154 Remote IKE-ID: 22.#.47.250 VR-ID: 0

Highlighted
SRX Services Gateway

Re: Juniper Firefly - Bombarded by alerts

‎08-06-2014 07:41 PM

Hi,

 

This is just info in nature.Can be ignored.

I fyou wish not to see the error, you may ste the syslog setting as mentioned before or  teh following :

set system syslog file messsages any any

set system syslog file messsages match "!(IKE negotiation failed with error:)"

 

I hope this helps.

 

regards,

c_r

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too

Highlighted
SRX Services Gateway

Re: Juniper Firefly - Bombarded by alerts

‎08-08-2014 07:31 AM

Will this take it out of the show log messages file or will it just not send a syslog to the monitoring system?

Highlighted
SRX Services Gateway

Re: Juniper Firefly - Bombarded by alerts

‎08-08-2014 08:13 AM

Error meesage would not be printed in messages file on commiting configuration provided by c_r

Note: If this answers your question, you could mark this post as accepted solution, that way it helps others as well. Kudos will be cool if I earned it!
Highlighted
SRX Services Gateway

Re: Juniper Firefly - Bombarded by alerts

‎08-10-2014 11:08 AM

Just for reference. We will probably put int the command "set system syslog file messages any error".

Highlighted
SRX Services Gateway

Re: Juniper Firefly - Bombarded by alerts

‎08-16-2014 06:22 PM

Ok, What if I want alerts to report to show log messages file but not to our monitoring system. I can cut this off at the monitoring devices but I'm wondering if we have a way that we can let it log to the srx and then cut it off from being sent out to our monitoring system by the SRX?

Highlighted
SRX Services Gateway

Re: Juniper Firefly - Bombarded by alerts

‎08-17-2014 10:26 AM

c_r did provide a solution that would work but it would keep it out of the log messages file. I need something that logs to the log messages file but not outside of the srx.

 

 

Feedback