LSYS Logging possible in event or stream mode (High-End Firewalls SRX 1k/3k/5k)
[ Edited ]
I didn't found the right solution/answer for my problem regarding LSYS logging with Juniper SRX 1k/3k/5k in release 11.4 R9.4.
The goal from my side is to implement for every LSYS-Customer their own STRM/Syslog Server. If the customer already have a syslog solution in place, they should be able to use their syslog servers. This Syslogserver should receive all Logs relevant to the desired LSYS like traffic logs and other logs. To send logs out of the data plane i must configure logging in stream mode instead of event mode. The picture attached should indicate what i would like to do:
- Traffic-Logging per LSYS ?
- Logging in Stream Mode per LSYS ?
- Is this supported through juniper or any restrications ?
Re: LSYS Logging possible in event or stream mode (High-End Firewalls SRX 1k/3k/5k)
Thanks for your fast answer. When I have a look at the KB28775 i see that i have to create an lt between root and LSYS. Is it really requiered to setup an lt-tunnel (interconnection) between root and LSYS to support stream logging ?