Solved

How to perform logging for traffic going through a Juniper router and traffic destined for the Juniper Router

Posted on 2014-02-01
5
2,924 Views
Last Modified: 2014-03-25
Hi Team,

  I am trying to figure out how I perform logging for traffic going through a Juniper router and traffic destined for the Juniper Router?
0
Comment
Question by:vreyesii
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 18

Expert Comment

by:Sanga Collins
ID: 39826353
The policy rules in the webUI have a logging feature that you can use to get a snapshot of the traffic. You can also use flow filters from the command line to get specific logs  In debug mode.

Is there something specific you are looking to log?
0
 

Author Comment

by:vreyesii
ID: 39826357
I am trying not to use the webgui and instead use the command line.  I want to log http/https traffic going through the SRX router and ssh traffic destined for the SRX router.
0
 
LVL 96

Expert Comment

by:Experienced Member
ID: 39826368
For logs, I have always used the Web GUI interface. That is where the logs come up.

You can try the command line HELP to display information about system log messages. Here is a Juniper article on that.

http://www.juniper.net/techpubs/en_US/junos10.4/information-products/topic-collections/swconfig-cli/index.html?id-11430873.html

Under the contents (left side) expand CLI command summaries, and then expand Summary of CLI Configuration Mode Commands. Look at the HELP command.

If that does not give you what you want, then you need to use the Web GUI.

.... Thinkpads_User
0
 
LVL 26

Accepted Solution

by:
Soulja earned 335 total points
ID: 39826458
From Juniper Site:
http://kb.juniper.net/InfoCenter/index?page=content&id=KB16509

ENABLE LOGGING

To send security policy logs to a file named traffic-log on the SRX Series device:

user@host# set system syslog file traffic-log any any
user@host# set system syslog file traffic-log match "RT_FLOW_SESSION"

To send security policy logs to a remote syslog server, x.x.x.x:

user@host#  set system syslog host x.x.x.x any any

THEN ENABLE ON SECURITY POLICY YOU WANT TO LOG

To enable logging for a security policy:  (Either or both steps can be configured.)

 For the default-permit security policy, specify that traffic logs are generated when a session closes.

    user@host# set security policies from-zone trust to-zone untrust policy default-permit then log session-close

    (Optional) Specify that traffic logs are generated when a session starts.

user@host# set security policies from-zone trust to-zone untrust policy default-permit then log session-init

TO SEE LOG:

user@host> show log traffic-log

or

user@host> show log messages | match RT_FLOW_SESSION
user@host# set system syslog host x.x.x.x match "RT_FLOW_SESSION"
0
 

Author Comment

by:vreyesii
ID: 39826848
Thank you that information was exactly what I was looking for.
0

Featured Post

Do you have a plan for Continuity?

It's inevitable. People leave organizations creating a gap in your service. That's where Percona comes in.

See how Pepper.com relies on Percona to:
-Manage their database
-Guarantee data safety and protection
-Provide database expertise that is available for any situation

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question