SRX 240 packet capture to syslog/splunk

‎10-23-2014 01:16 AM

Hello

I noted that the SRX branch series can now do IDP-related pre- and post-alert packet captures, as noted in the article below:

"This feature is on SRX-branch platforms (SRX100 - SRX650 ) as of 12.1X46"

http://kb.juniper.net/InfoCenter/index?page=content&id=KB26794&actp=RSS&smlogin=true

This link may also be helpful to note what I am trying to do:

http://kb.juniper.net/InfoCenter/index?page=content&id=KB28786&actp=RSS

I was wondering if the output of this packet capture can be sent to a syslog server or the like, for example Splunk.

Also, would someone have an example of what the output looks like?

Thanks


Re: SRX 240 packet capture to syslog/splunk

‎10-23-2014 02:00 AM

Set the host address to your Splunk collector address.
