SRX Services Gateway
SRX Services Gateway

Need some clarification

09.15.10   |  
‎09-15-2010 01:24 AM

From the following syslog, I like to know which one is sent bytes and which one is received bytes .Can any one help?

 

<14>Mar 11 09:46:01 RT_FLOW: RT_FLOW_SESSION_CLOSE: session closed TCP FIN: xx.xx.xx.xx/52283->xx.xx.xx.xx/80 junos-http xx.xx.xx.xx/25612->xx.xx.xx.xx/80 source-nat-rule None 6 trust-to-untrust trust untrust 31068 52(17903) 72(63139) 11

 

Thanks in advance.

4 REPLIES
SRX Services Gateway

Re: Need some clarification

09.15.10   |  
‎09-15-2010 06:12 AM

Hi, see this page:

 

http://www.juniper.net/techpubs/en_US/junos10.1/information-products/topic-collections/syslog-messag...

 

In first parenthesis is bytes from client, and in second is bytes from server

Regards,
Adam

(if my post helped solve your problem, mark it as accepted solution)
SRX Services Gateway

Re: Need some clarification

09.15.10   |  
‎09-15-2010 06:22 AM

Are you using unstructured syslogs?  If you switch to the sd-syslog format additional fields will be present to help identify these and other statistics.

Highlighted
SRX Services Gateway

Re: Need some clarification

09.15.10   |  
‎09-15-2010 06:36 AM

Hi

 

Thanks for the reply.

 

So  bytes-from-client  is sent value and bytes-from-server is received value. Is that correct?

 

Please correct me if I am wrong.Because as per the below link, the inbound value(received) is changed to bytes-from-client.

 

http://jnpr.net/techpubs/en_US/junos9.6/information-products/topic-collections/release-notes/9.6/top...

 

So I am not sure which one is sent and received.

SRX Services Gateway

Re: Need some clarification

09.16.10   |  
‎09-16-2010 03:33 AM

Can any one help ?