cmdref.net - Cheat Sheet and Example

cmdref.net is command references/cheat sheets/examples for system engineers.

User Tools

Site Tools


Sidebar








Etc


Reference














.

hardware:junos:log.html



Junos Logging Configuration Examples

Check Log

Operation Command
Check Log File > show log messages?
Check Log File > show log /var/log/messages
> show log /var/log/messages | last
> show log /var/log/messages | last 10
> show log messages
> show log messages.0.gz
> show log messages | match error
> show log messages | match "error | down | alarm"
Check Log File > file show /var/log/messages

Configuration

Operation Command
Change log file count # set system syslog file hoge archive files 20
set system syslog user * any emergency
set system syslog host x.x.x.x any notice
set system syslog host x.x.x.x authorization info
set system syslog host x.x.x.x match "!(failed to delete .perm file or directory|xntpdmoduli does not exist)"
set system syslog host x.x.x.x facility-override local0
set system syslog file messages any notice
set system syslog file messages authoization info
set system syslog file messages match "!(failed to delete .perm file or directory|xntpdmoduli does not exist)"
set system syslog file interactive-commands interactive-commands any
set system syslog source-address x.x.x.x


Security Log

set security log mode stream
set security log source-address xx.xx.xx.xx
set security log stream trafficlog format syslog
set security log stream trafficlog host xx.xx.xx.xx
set security log stream xxxxxxx

set security screen ids-option Untrust_screen icmp ip-sweep threshold 5000
set security screen ids-option Untrust_screen icmp flood threshold 1000
set security screen ids-option Untrust_screen icmp ping-death
set security screen ids-option Untrust_screen ip spoofing
set security screen ids-option Untrust_screen ip source-route-option
set security screen ids-option Untrust_screen ip tear-drop
set security screen ids-option Untrust_screen tcp port-scan threshold 5000
set security screen ids-option Untrust_screen tcp syn-flood alarm-threshold 1024
set security screen ids-option Untrust_screen tcp syn-flood source-threshold 400
set security screen ids-option Untrust_screen tcp syn-flood destiation-threshold 4000
set security screen ids-option Untrust_screen tcp syn-flood timeout 20
set security screen ids-option Untrust_screen tcp land
set security screen ids-option Untrust_screen udp flood threshold 1000 
set security screen ids-option Untrust_screen limit-session source-ip-based 512







hardware/junos/log.html.txt ยท Last modified: 2020/01/28 by admin

Page Tools