I am seeking for a solution to create an alert if there was no syslog message received by NMS for a specified period of time.
I gave up trying to set that up in NMS's we are using, so I wondering if there's a way to implement that on JunOS side.
I believe I'm missing something obvious here, but i haven't come up with anything yet.
Will appreciate any thoughts on this.
Thank you in advance.
This should be pretty easy with JUNOS FW filter counters and RMON alarm.
1/ configure a FW filter to match on syslog packets + counter. This counter is exposed in SNMP by default.
2/ configure RMON alarm to monitor this counter' delta value with interval 86400 secs (24 hours)
3/ add corresponding event with trap https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/event-entry-and-attributes-configuring-junos-nm.html