[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Juniper debug settings

Posted on 2010-09-21
7
Medium Priority
?
1,768 Views
Last Modified: 2012-05-10
Hi,

I need to get some debug logs from a netscreen firewall.
Now this in itself is not really a problem.
However, whenever I set the debug options I want:
debug flow basic
debug ike detail

and I type get debug, I can see both these things are being logged.
But this will only keep logging until the CLI gets disconnected.
If I log back in and type "get debug" nothing is being logged.

Is there a command to ensure it keep logging these things even after you log out of the command line interface?

Thanks,
UM
0
Comment
Question by:umeex
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 10

Expert Comment

by:ujitnos
ID: 33731536
0
 

Author Comment

by:umeex
ID: 33731668
Thanks for this.
The document is actually very useful, but it still does not really help me solve the initial problem.
When I set the debugging options, the system only debugs until the CLI sessin gets terminated.
Is there any way to ensure the debugging just keeps going until I manually stop it or the buffer fills up?
Even if I need to terminate the CLI session?
0
 
LVL 10

Expert Comment

by:ujitnos
ID: 33731790
Try "snoop", a kind of debug tool within Netscreen
http://kb.juniper.net/KB5411 
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 80

Accepted Solution

by:
arnold earned 500 total points
ID: 33731850
What is the point of running a debug session if you are not there to monitor it?

What you might be looking for is to increase the verbosity of data loged.  You should look at the logging settings on the netscreen. note that this could add to the load.
If you have your netscreen configured with syslog or snmptraps, that is the approach you might want to take.

http://mail.adeptech.com/pipermail/sidewinder/2009-February/002667.html
Check the IKE/RULE policy and check the audit level
Policy --> Rule Elements --> Services --> isakmp
etc.
0
 
LVL 71

Assisted Solution

by:Qlemo
Qlemo earned 500 total points
ID: 33898094
Arnold is absolutely right. Loosing the debug switches on logout is a feature, because it shall prevent from accidently keeping debugging on when leaving an admin session. Debug switches only make sense when you are there to analyze them near real-time, and usually they are very demanding for the device, so you won't let that run too long.

Snoop might really be an alternative for a longer term, since it can use the buffer circularly, and so you have a descent time slot, with a detail level (by setting the capture size of each packet). Snoop'd packets can be transferred to your PC, and converted for analyzing via WireShark (or any PCap compatible analyzer).

Syslog and SNMPTraps are the way you monitor for long-term.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 34203769
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
One of the biggest challenges facing freelancers is balancing multiple projects and deadlines. Organizational skills and time management are key to keeping up with projects and staying on track. Luckily, we’ve curated seven tools to help you focus o…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question