Solved

How to perform logging for traffic going through a Juniper router and traffic destined for the Juniper Router

Posted on 2014-02-01
5
2,858 Views
Last Modified: 2014-03-25
Hi Team,

  I am trying to figure out how I perform logging for traffic going through a Juniper router and traffic destined for the Juniper Router?
0
Comment
Question by:vreyesii
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 18

Expert Comment

by:Sanga Collins
ID: 39826353
The policy rules in the webUI have a logging feature that you can use to get a snapshot of the traffic. You can also use flow filters from the command line to get specific logs  In debug mode.

Is there something specific you are looking to log?
0
 

Author Comment

by:vreyesii
ID: 39826357
I am trying not to use the webgui and instead use the command line.  I want to log http/https traffic going through the SRX router and ssh traffic destined for the SRX router.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 39826368
For logs, I have always used the Web GUI interface. That is where the logs come up.

You can try the command line HELP to display information about system log messages. Here is a Juniper article on that.

http://www.juniper.net/techpubs/en_US/junos10.4/information-products/topic-collections/swconfig-cli/index.html?id-11430873.html

Under the contents (left side) expand CLI command summaries, and then expand Summary of CLI Configuration Mode Commands. Look at the HELP command.

If that does not give you what you want, then you need to use the Web GUI.

.... Thinkpads_User
0
 
LVL 26

Accepted Solution

by:
Soulja earned 335 total points
ID: 39826458
From Juniper Site:
http://kb.juniper.net/InfoCenter/index?page=content&id=KB16509

ENABLE LOGGING

To send security policy logs to a file named traffic-log on the SRX Series device:

user@host# set system syslog file traffic-log any any
user@host# set system syslog file traffic-log match "RT_FLOW_SESSION"

To send security policy logs to a remote syslog server, x.x.x.x:

user@host#  set system syslog host x.x.x.x any any

THEN ENABLE ON SECURITY POLICY YOU WANT TO LOG

To enable logging for a security policy:  (Either or both steps can be configured.)

 For the default-permit security policy, specify that traffic logs are generated when a session closes.

    user@host# set security policies from-zone trust to-zone untrust policy default-permit then log session-close

    (Optional) Specify that traffic logs are generated when a session starts.

user@host# set security policies from-zone trust to-zone untrust policy default-permit then log session-init

TO SEE LOG:

user@host> show log traffic-log

or

user@host> show log messages | match RT_FLOW_SESSION
user@host# set system syslog host x.x.x.x match "RT_FLOW_SESSION"
0
 

Author Comment

by:vreyesii
ID: 39826848
Thank you that information was exactly what I was looking for.
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question