| Operation | Command |
|---|---|
| Check Log Files | > show log |
| Check Log File | > show log messages? |
| Check Log File | > show log /var/log/messages > show log /var/log/messages | last > show log /var/log/messages | last 100 > show log messages > show log messages.0.gz > show log messages | match error > show log messages | match "error | down | alarm" |
| Check Log File | > file show /var/log/messages |
set security log event set security log event-rate 100 set security log format sd-syslog ### (1)For Local Storage ### set system syslog file TRAFFIC-LOG any any set system syslog file TRAFFIC-LOG match RT_FLOW ### or ### (2)For Syslog Server ### set system syslog host 192.168.0.99 any any set system syslog host 192.168.0.99 match RT_FLOW
set security log stream set security log stream TRAFFIC-LOG format sd-syslog set security log stream TRAFFIC-LOG host 192.168.0.99
| Operation | Command |
|---|---|
| Change log file count | # set system syslog file hoge archive files 20 |
# set system syslog file policy_session archive size 1000k <- 1,000k = 1M # set system syslog file policy_session archive files 5 # set system syslog log-rotate-frequency 15 <- check every 15 minutes
set system syslog user * any emergency set system syslog host x.x.x.x any notice set system syslog host x.x.x.x authorization info set system syslog host x.x.x.x match "!(failed to delete .perm file or directory|xntpdmoduli does not exist)" set system syslog host x.x.x.x facility-override local0 set system syslog file messages any notice set system syslog file messages authoization info set system syslog file messages match "!(failed to delete .perm file or directory|xntpdmoduli does not exist)" set system syslog file interactive-commands interactive-commands any set system syslog source-address x.x.x.x
set security log mode stream set security log source-address xx.xx.xx.xx set security log stream trafficlog format syslog set security log stream trafficlog host xx.xx.xx.xx set security log stream xxxxxxx set security screen ids-option Untrust_screen icmp ip-sweep threshold 5000 set security screen ids-option Untrust_screen icmp flood threshold 1000 set security screen ids-option Untrust_screen icmp ping-death set security screen ids-option Untrust_screen ip spoofing set security screen ids-option Untrust_screen ip source-route-option set security screen ids-option Untrust_screen ip tear-drop set security screen ids-option Untrust_screen tcp port-scan threshold 5000 set security screen ids-option Untrust_screen tcp syn-flood alarm-threshold 1024 set security screen ids-option Untrust_screen tcp syn-flood source-threshold 400 set security screen ids-option Untrust_screen tcp syn-flood destiation-threshold 4000 set security screen ids-option Untrust_screen tcp syn-flood timeout 20 set security screen ids-option Untrust_screen tcp land set security screen ids-option Untrust_screen udp flood threshold 1000 set security screen ids-option Untrust_screen limit-session source-ip-based 512
Juniper Junos CLI Commands(SRX/QFX/EX)