SRX Services Gateway
Highlighted
SRX Services Gateway

syslog severity info and any any

‎09-04-2019 10:39 PM

Hi there,

Some syslog configuration has "severity info" option on the #set sec log stream STRM_1 severity info

some has any any.

What is difference between them and what is the best aproach? 

2 REPLIES 2
Highlighted
SRX Services Gateway

Re: syslog severity info and any any

‎09-04-2019 11:22 PM

Hi Arix,

 

From your configuration, I believe you're sending the stream logs from the SRX towards the External Syslog server. If that's the case, you can specify facility and severity as ANY ANY. However, it is purely based on your requirement.

 

Severity Info means Events or nonerror conditions of interest events are send from the SRX.

 

For more information, please refer to the following technical documentation and KB article:

https://www.juniper.net/documentation/en_US/junos/topics/reference/general/syslog-facilities-severit...

https://kb.juniper.net/InfoCenter/index?page=content&id=KB31181&actp=METADATA

 

 



Thanks,
π00bm@$t€®.
Please, Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
Highlighted
SRX Services Gateway

Re: syslog severity info and any any

‎09-30-2019 12:52 PM

if you are using external syslog server to log, the security stream logs, its best to use any any so verbose info can be logged . 

for local logging on SRX like show configuration system syslog file messages one can use any info to locally log system messages in good amount of details.