SRX Services Gateway
SRX Services Gateway

SRX3400 logical system traffic logs and JWEB

‎02-06-2012 03:50 AM

Hi,

 

I've been wondering if it is possible at the moment to receive traffic logs in the JWEB-interface in logical system running on SRX3400 Junos 11.4R1.6.

 

I've managed to get traffic logs to JWEB on non-LSYS system by configuring 

file policy_session {
user info;
match RT_FLOW;
archive size 5120000 world-readable;
structured-data;
}

log {
mode event;
event-rate 1500;
}

 

However I cannot configure archive options on the logical-system / LSYS / system / syslog / file. And including only user info, match and structured-data does not seem to bring the logs to JWEB.

 

Currently like this (won't show in JWEB):

logical-systems {

LSYS-TEST {

file policy_session {
user info;
match RT_FLOW;

structured-data;
}

}

}

 

Any tips would be appreciated, thanks!

 

Regards,

Jesse

4 REPLIES 4
SRX Services Gateway

Re: SRX3400 logical system traffic logs and JWEB

‎08-02-2012 10:28 AM

I am having this same issue on a 3600. It appears to still be a problem in 11.4R4

Highlighted
SRX Services Gateway

Re: SRX3400 logical system traffic logs and JWEB

‎10-10-2012 05:24 PM

Similar issue is noticed on SRX1400 running 11.4R5. 

Please open up a JTAC case for analysis and resolution. 

-Salman Sheikoh

SRX Services Gateway

Re: SRX3400 logical system traffic logs and JWEB

‎06-22-2015 12:47 AM

Hi,

 

we have this issue, how can we configure SRX3400 logical system to get policy logging on JWeb?

 

 

Thanks,

SRX Services Gateway

Re: SRX3400 logical system traffic logs and JWEB

‎06-22-2015 01:09 AM

Hello ,

 

Its similar to how you configure in root LSYS itself with policy statement as "session-init" and "session-close" .

Only difference is that you need these policies to be in LSYS .

 

logical-systems {
    DOP {
        security {
                    policy 3 {
                        match {
                            source-address any;
                            destination-address any;
                            application any;
                        }
                        then {
                            permit;
                            log {
                                session-init;
                                session-close;
                            }
                }
            }


Thanks,
Sam

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too .....