Solved

SRX240 web filter results by email or.... ?

Posted on 2013-12-08
1
429 Views
Last Modified: 2013-12-13
I'm using an SRX240 for web filtering.  Ideally, I'd like to receive a summary email every 8 hours or so that lists all the blocks that occurred.  (I believe that 8 hours will generate a manageable-sized log - but that's a good question).

So, I guess this means collecting the results in a log somewhere / somehow.
Sending the log out via email.
Repeat and delete the old log.

How might one do this?
0
Comment
Question by:Fred Marshall
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 39708782
Logs generated by different daemon have different keywords. For webfiltering we can filter logs on keyword WEBFILTER_ using CLI as below:
set system syslog file webfilter-log match WEBFILTER_ any any

Here we create syslog file named webfilter-log.

Now we can create this file on the SRX itself and then create a shell script which would FTP/SCP file to the designated server [using crontab] and then delete the file from SRX.
Once the file is on FTP/SCP server there can be another script running which would pick and email the file.
OR we can have SRX send logs to a remote syslog server and there you can work on the logs as you need.

Also, have a look at KB: http://kb.juniper.net/KB28213

Thank you.
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question