Security Management

  • 1.  Interface logs up/down ,the log from juniper router show only the changes from up to down .

    Posted 11-05-2017 07:40

    Hi,

    In the juniper log I can see only when the interface goes down and not when he come back to up.

    Example:

    Oct 21 19:51:57  XXXXX mib2d[1483]: SNMP_TRAP_LINK_DOWN: ifIndex 519, ifAdminStatus up(1), ifOperStatus down(2), ifName ge-0/0/7

    Oct 21 22:39:55  XXXXX mib2d[1483]: SNMP_TRAP_LINK_DOWN: ifIndex 519, ifAdminStatus up(1), ifOperStatus down(2), ifName ge-0/0/7

    Please advise what I need configure   to I can see in the juniper  log when the interface change is status from down to up also.

    Thanks!!!



  • 2.  RE: Interface logs up/down ,the log from juniper router show only the changes from up to down .
    Best Answer

    Posted 11-05-2017 07:56
    Junos OS logs the protocol UP and DOWN events with different severity levels.
    Both the SNMP_TRAP_LINK_DOWN and SNMP_TRAP_LINK_UP events have a facility of 'daemon', but the SNMP_TRAP_LINK_DOWN event has a severity level of 'warning', and the SNMP_TRAP_LINK_UP event has a severity level of 'info'.
    Normally, when you configure a system log file, you must filter events to that file using the lower severity level of 'info' in order to log both of the events.

    Hence, you use "set system syslog file messages any any" or "set system syslog file messages any info" to filter both events.

    KB FYR - https://www.juniper.net/documentation/en_US/junos12.1/topics/topic-map/junos-script-automation-event-policy-event-syslog-priority.html



  • 3.  RE: Interface logs up/down ,the log from juniper router show only the changes from up to down .

    Posted 09-20-2018 20:42

    will it work for routing protocols also, suppose my ospf neighbourship goes down comes into my log messages, but when neigbourship comes up it deosnt show me in log messages. will below script work for routing protocols also.



  • 4.  RE: Interface logs up/down ,the log from juniper router show only the changes from up to down .

    Posted 09-21-2018 04:49

    The linked event script is specifically matching on the snmp link up/down messages only.