SRX Services Gateway
SRX Services Gateway

Policy hit count

07.12.17   |  
‎07-12-2017 12:03 AM

Hi

 

Does the number of hits displayed in the "show security policies hit-count" has a timeout ?

I mean, is it reseting the hit-count automatically after X days ?

Or just after reaching a X hits , then it is reseting ?

 

 

 

Regards,
A'bed AL-R.
[JNCSP-SEC JNCDA JNCIS-ENT Ingenious Champion|Sec]
https://srxtech.wordpress.com
3 REPLIES
SRX Services Gateway

Re: Policy hit count

07.12.17   |  
‎07-12-2017 12:14 AM
AFAIK, this counter only clears with Reboot. There may be a limit on the number of hits, but I expect it will be too large .
Are you facing any issues?
Thanks,
Suraj
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too
SRX Services Gateway

Re: Policy hit count

07.12.17   |  
‎07-12-2017 01:06 AM
Hi Suraj

No , Not realy facing any critical issue ..
Just wanted to perform deletion of all policies witch is having 0 hit-counts and I can see too many .. So I wanted to know i the hit-count resets automatically in case the device didn't reboot ..

Regards,
A'bed AL-R.
[JNCSP-SEC JNCDA JNCIS-ENT Ingenious Champion|Sec]
https://srxtech.wordpress.com
Highlighted
SRX Services Gateway

Re: Policy hit count

07.12.17   |  
‎07-12-2017 01:55 AM

Hi 

 

In a cluster, the count is a sum of all the Services Processing Cards (SPC) hit counts; it is cluster-wide. If a Packet Forwarding Engine (PFE) in a node is in failover mode, but does not reboot, the counter persists. If a node reboots, the PFE in the node also reboots, and the counter is cleared. During an in-service software upgrade (ISSU), all PFEs reboot, therefore all counters are cleared.

 

Regards,

Anand

[KUDOS PLEASE! If you think I earned it!
If this solution worked for you please flag my post as an "Accepted Solution" so others can benefit..]