How to perform logging for traffic going through a Juniper router and traffic destined for the Juniper Router

Hi Team,

  I am trying to figure out how I perform logging for traffic going through a Juniper router and traffic destined for the Juniper Router?
vreyesiiAsked:
Who is Participating?
 
SouljaCommented:
From Juniper Site:
http://kb.juniper.net/InfoCenter/index?page=content&id=KB16509

ENABLE LOGGING

To send security policy logs to a file named traffic-log on the SRX Series device:

user@host# set system syslog file traffic-log any any
user@host# set system syslog file traffic-log match "RT_FLOW_SESSION"

To send security policy logs to a remote syslog server, x.x.x.x:

user@host#  set system syslog host x.x.x.x any any

THEN ENABLE ON SECURITY POLICY YOU WANT TO LOG

To enable logging for a security policy:  (Either or both steps can be configured.)

 For the default-permit security policy, specify that traffic logs are generated when a session closes.

    user@host# set security policies from-zone trust to-zone untrust policy default-permit then log session-close

    (Optional) Specify that traffic logs are generated when a session starts.

user@host# set security policies from-zone trust to-zone untrust policy default-permit then log session-init

TO SEE LOG:

user@host> show log traffic-log

or

user@host> show log messages | match RT_FLOW_SESSION
user@host# set system syslog host x.x.x.x match "RT_FLOW_SESSION"
0
 
Sanga CollinsSystems AdminCommented:
The policy rules in the webUI have a logging feature that you can use to get a snapshot of the traffic. You can also use flow filters from the command line to get specific logs  In debug mode.

Is there something specific you are looking to log?
0
 
vreyesiiAuthor Commented:
I am trying not to use the webgui and instead use the command line.  I want to log http/https traffic going through the SRX router and ssh traffic destined for the SRX router.
0
 
JohnBusiness Consultant (Owner)Commented:
For logs, I have always used the Web GUI interface. That is where the logs come up.

You can try the command line HELP to display information about system log messages. Here is a Juniper article on that.

http://www.juniper.net/techpubs/en_US/junos10.4/information-products/topic-collections/swconfig-cli/index.html?id-11430873.html

Under the contents (left side) expand CLI command summaries, and then expand Summary of CLI Configuration Mode Commands. Look at the HELP command.

If that does not give you what you want, then you need to use the Web GUI.

.... Thinkpads_User
0
 
vreyesiiAuthor Commented:
Thank you that information was exactly what I was looking for.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.