The keywords (message tags) for detailed logs can be looked up at https://apps.juniper.net/syslog-explorer/
Logs can be viewed with the command show log XXX, where XXX is the file name
set security log mode stream
set security log report
So that log timestamps are accurate, configure an NTP server first
set system ntp server cn.pool.ntp.org
Record interface up/down state
set system syslog file interfaces-logs any any
set system syslog file interfaces-logs match ifOperStatus
VPN logging
set system syslog file kmd-logs daemon info
set system syslog file kmd-logs match KMD
Record commands executed by users
set system syslog file interactive-commands interactive-commands any
User authentication records (all)
set system syslog file auth.log authorization info
Successful user authentication records
set system syslog file auth_success.log authorization info
set system syslog file auth_success.log match "Accepted| LOGIN_INFORMATION"
User configuration change records
set system syslog file change.log change-log info
Record dynamic VPN user authentication
set system syslog file dyn_success.log any any
set system syslog file dyn_success.log match "DYNAMIC_VPN| FWAUTH| KMD_VPN_UP_ALARM_USER"
Record when the ping to the peer IP fails (peer unreachable)
set system syslog file ping_to_GZ any any
set system syslog file ping_to_GZ match "PING_TEST_FAILED| PING_PROBE_FAILED"
set services rpm probe prob test ping_test_to_GZ target address 192.168.12.12
set services rpm probe prob test ping_test_to_GZ probe-count 5
set services rpm probe prob test ping_test_to_GZ probe-interval 1
set services rpm probe prob test ping_test_to_GZ test-interval 2
set services rpm probe prob test ping_test_to_GZ thresholds successive-loss 2
set services rpm probe prob test ping_test_to_GZ thresholds total-loss 4
Record session logs
set system syslog file traffic-log any any
set system syslog file traffic-log match "RT_FLOW_SESSION"
The security policy must also have log session-init or session-close, and count, enabled
set system syslog file policy_session user info
set system syslog file policy_session match RT_FLOW
set system syslog file policy_session archive size 1000k
set system syslog file policy_session archive world-readable
set system syslog file policy_session structured-data
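With structured-data enabled, each RT_FLOW message is written in the RFC 5424 structured-data layout, which is much easier to parse than the free-text form. The following parser is an added example, not part of the original notes and not Juniper code: it reads a few constructed sample lines (addresses, ports, counters and the plain-format PING_TEST_FAILED line are all invented; the attribute names follow the RT_FLOW_SESSION_CREATE / RT_FLOW_SESSION_CLOSE / RT_FLOW_SESSION_DENY messages), aggregates closed sessions and byte counts per policy, counts denied sessions per source address, and reports lines it could not parse, so a gap between expected and actual volume (for example a policy missing session-close) is visible.

```python
import re
from collections import defaultdict

# Constructed sample log (not from the original page). The three structured
# lines use the RFC 5424 layout that "structured-data" produces on a syslog
# file; the attribute names mirror Juniper's RT_FLOW session messages, while
# the addresses, ports and counters are invented. The last line is a
# traditional-format message, which this parser must skip rather than break on.
SAMPLE_LOG = """\
<14>1 2024-01-15T10:01:02.123+08:00 srx-gw RT_FLOW - RT_FLOW_SESSION_CREATE [junos@2636.1.1.1.2.129 source-address="10.1.1.10" source-port="51234" destination-address="192.168.12.12" destination-port="443" service-name="junos-https" protocol-id="6" policy-name="trust-to-untrust" source-zone-name="trust" destination-zone-name="untrust" session-id-32="12345"] session created
<14>1 2024-01-15T10:01:05.456+08:00 srx-gw RT_FLOW - RT_FLOW_SESSION_CLOSE [junos@2636.1.1.1.2.129 reason="TCP FIN" source-address="10.1.1.10" source-port="51234" destination-address="192.168.12.12" destination-port="443" service-name="junos-https" protocol-id="6" policy-name="trust-to-untrust" source-zone-name="trust" destination-zone-name="untrust" session-id-32="12345" packets-from-client="20" bytes-from-client="2048" packets-from-server="18" bytes-from-server="9000" elapsed-time="3"] session closed
<14>1 2024-01-15T10:01:07.000+08:00 srx-gw RT_FLOW - RT_FLOW_SESSION_DENY [junos@2636.1.1.1.2.129 source-address="10.1.1.20" source-port="4444" destination-address="203.0.113.5" destination-port="23" service-name="junos-telnet" protocol-id="6" policy-name="default-deny" source-zone-name="trust" destination-zone-name="untrust"] session denied
Jan 15 10:02:00 srx-gw rmopd[1234]: PING_TEST_FAILED: pingCtlOwnerIndex = prob, pingCtlTestName = ping_test_to_GZ
"""

# RFC 5424 header: <PRI>1 TIMESTAMP HOST APP PROCID MSGID [SD-ID attr="v" ...]
HEADER_RE = re.compile(
    r'^<\d+>1 (?P<ts>\S+) (?P<host>\S+) (?P<app>\S+) (?P<procid>\S+) '
    r'(?P<msgid>\S+) \[(?P<sdid>\S+)(?P<params>[^\]]*)\]'
)
# attribute="value" pairs inside the structured-data element
PARAM_RE = re.compile(r'(\S+?)="([^"]*)"')


def parse_structured(line):
    """Return header fields plus the [junos@...] attributes as one dict,
    or None when the line is not an RFC 5424 structured-data record."""
    m = HEADER_RE.match(line)
    if not m:
        return None
    rec = {k: m.group(k) for k in ("ts", "host", "app", "msgid")}
    rec.update(PARAM_RE.findall(m.group("params")))
    return rec


def summarize_flow_log(text):
    """Aggregate RT_FLOW events: message counts by tag, closed sessions and
    bytes per policy, denied sessions per source address, and the number of
    lines the parser could not read (useful to spot non-structured input)."""
    per_policy = defaultdict(
        lambda: {"sessions": 0, "bytes_from_client": 0, "bytes_from_server": 0}
    )
    denied = defaultdict(int)
    by_msgid = defaultdict(int)
    unparsed = 0
    for line in text.splitlines():
        rec = parse_structured(line)
        if rec is None:
            unparsed += 1
            continue
        by_msgid[rec["msgid"]] += 1
        if rec["msgid"] == "RT_FLOW_SESSION_CLOSE":
            p = per_policy[rec.get("policy-name", "unknown")]
            p["sessions"] += 1
            p["bytes_from_client"] += int(rec.get("bytes-from-client", 0))
            p["bytes_from_server"] += int(rec.get("bytes-from-server", 0))
        elif rec["msgid"] == "RT_FLOW_SESSION_DENY":
            denied[rec.get("source-address", "unknown")] += 1
    return {
        "by_msgid": dict(by_msgid),
        "closed_by_policy": dict(per_policy),
        "denied_by_source": dict(denied),
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(summarize_flow_log(SAMPLE_LOG), indent=2))
```

On a live box the input would be the output of show log policy_session (or the copy forwarded to the remote syslog host); the "unparsed" counter is the quick check that the file really is being written with structured-data, since traditional-format RT_FLOW lines do not match the header pattern and are counted there instead of silently disappearing.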
Send syslog to a remote log server
set system syslog host 192.168.0.123 any any
Record IDP logs
set system syslog file IDP_Log any any
set system syslog file IDP_Log match "RT_IDP"