IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
Original Message:
Sent: 03-28-2024 00:55
From: Dhikra Marghli
Subject: configure domain-nams as a server remote syslog not addres ip
Hello again,
I have two domain names used for the same syslog server (fr-1vm-syslog03.infra.msv, fr-2vm-syslog03.infra.msv), and I also have a DNS server with IP address 10.5.11.106.
My updated question: configuring two domain names on the DNS client (the goal of this mini project).
What is the syslog template to configure on the MX480 device, given that I want to use two domain names (search in domain 1, else domain 2) in the syslog configuration and also DNS,
so that all logs are sent to the remote server? What are the exact commands?
Same topology.
I am waiting for an answer from you to help me.
Best regards
------------------------------
Dhikra Marghli
Original Message:
Sent: 03-24-2024 20:46
From: spuluka
Subject: configure domain-nams as a server remote syslog not addres ip
On your two SRX devices you would need to see if the security policy permits traffic from your devices to the syslog servers. You can use the policy-match command to see if one currently exists.
Your zone names and IP addresses would need to be adjusted to the firewall, where the to-zone seems to be SUPERVISION instead of Z2 and the from-zone varies by the device's place on your network instead of Z1, with the syslog being TCP 514.
This match needs to be checked for each zone pair on the SRX.
show security match-policies from-zone z1 to-zone z2 source-ip 10.10.10.1 destination-ip 192.0.2.1 source-port 1 destination-port 514 protocol tcp
More details on the match command are here.
https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/command/show-security-match-policies.html
If the policy does not exist yet, you need to create any address book objects and policies to permit the syslog traffic as described here.
https://www.juniper.net/documentation/us/en/software/junos/security-policies/topics/topic-map/security-policy-configuration.html
------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
http://puluka.com/home
Original Message:
Sent: 03-24-2024 01:41
From: Dhikra Marghli
Subject: configure domain-nams as a server remote syslog not addres ip
OK, I understand you.
You told me:
So you would need to have security policies in place from the entry zone of the routers to the destination zone of the syslog servers that permit the communication on syslog ports.
Please can you send me an example?
Thanks
------------------------------
Dhikra Marghli
Original Message:
Sent: 03-23-2024 13:08
From: spuluka
Subject: configure domain-nams as a server remote syslog not addres ip
Yes, remote syslog servers can be configured by domain name instead of IP address. Naturally, the MX would also need to have a configured, reachable name-server setting so it can resolve the name.
set system name-server 8.8.8.8 (Your internal DNS server here)
The syslog remote section:
set system syslog host fr-1vm-syslog03.infra.msv any notice
After the host name you need to pick a level of logging or more details to limit the types of logs generated.
Your diagram also notes that there are SRX firewalls between the MX and the syslog servers. So you would need to have security policies in place from the entry zone of the routers to the destination zone of the syslog servers that permit the communication on syslog ports.
Example documentation
https://www.juniper.net/documentation/us/en/software/junos/network-mgmt/topics/topic-map/system-logging-on-a-single-chassis-system.html#id-examples-assigning-an-alternative-facility
------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
http://puluka.com/home
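Added example, not part of the original thread and not the poster's own configuration: the MX and SRX pieces described in the replies above, put together as set commands. SUPERVISION, the two host names and TCP 514 come from the thread; the zone z1 and the addresses 10.10.10.1 and 192.0.2.1 are the placeholders from the match-policies command, and 192.0.2.53 and the object names are constructed.

```junos
# ---- MX480 (configuration mode) ----
# Resolver the MX uses to look up the syslog host names.
# 192.0.2.53 is a constructed placeholder for the internal DNS server.
set system name-server 192.0.2.53

# Each "host" statement is an independent destination: Junos sends matching
# messages to every configured host, it does not fail over from one to the other.
set system syslog host fr-1vm-syslog03.infra.msv any notice
set system syslog host fr-2vm-syslog03.infra.msv any notice

# ---- SRX in the path (configuration mode) ----
# Custom application for syslog over TCP 514, as named in the thread.
set applications application SYSLOG-TCP protocol tcp
set applications application SYSLOG-TCP destination-port 514

# Address book objects (object names are hypothetical).
# 10.10.10.1 = address the MX sources its syslog from, 192.0.2.1 = syslog server.
set security address-book global address MX-SOURCE 10.10.10.1/32
set security address-book global address SYSLOG-SERVER 192.0.2.1/32

# Policy from the zone facing the MX (z1 is a placeholder) to SUPERVISION.
set security policies from-zone z1 to-zone SUPERVISION policy PERMIT-SYSLOG match source-address MX-SOURCE
set security policies from-zone z1 to-zone SUPERVISION policy PERMIT-SYSLOG match destination-address SYSLOG-SERVER
set security policies from-zone z1 to-zone SUPERVISION policy PERMIT-SYSLOG match application SYSLOG-TCP
# "system syslog host" sends over UDP 514 unless a transport is configured;
# the predefined junos-syslog application matches that case.
set security policies from-zone z1 to-zone SUPERVISION policy PERMIT-SYSLOG match application junos-syslog
set security policies from-zone z1 to-zone SUPERVISION policy PERMIT-SYSLOG then permit
set security policies from-zone z1 to-zone SUPERVISION policy PERMIT-SYSLOG then log session-init

# If the MX reaches its DNS server through the same SRX, the lookups need
# their own permit policy as well, otherwise the host names never resolve.
```

After committing on the SRX, the match-policies check from the thread, run with to-zone SUPERVISION and the real addresses, should return PERMIT-SYSLOG for each zone pair the traffic crosses.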
Original Message:
Sent: 03-22-2024 00:33
From: Dhikra Marghli
Subject: configure domain-nams as a server remote syslog not addres ip
Hello
No, I want to know how to configure the MX480 router with a syslog configuration, but I want a domain name as the remote syslog server, not an IP address!
Note: Configure the domain name fr-1vm-syslog03.infra.msv and not the syslog IP 10.5.11.106.
Note: I can also send you the topology for the SRX1500 that has the syslog server, so that it is clear to you.
I need help from an expert to give me a syslog template with a domain name, and also the DNS configuration or dns-lookup configuration?
I mean: allow all logs to be sent to the SRX1500 firewall acting as the log server.
This is my request.
Please, I am waiting for your reply about the syslog configuration.
If you need any other information, tell me.
Thanks
I am waiting for your reply and your help.
------------------------------
Dhikra Marghli
Original Message:
Sent: 03-21-2024 20:05
From: spuluka
Subject: configure domain-nams as a server remote syslog not addres ip
I'm not sure I follow the question. It seems like you might be asking if the SRX1500 can be the syslog server and collect logs via DNS name from other devices. The answer is no, the SRX or any Junos device can send logs to a syslog server but cannot be the syslog collector.
You can configure the external syslog server you send to as a DNS name instead of IP address.
------------------------------
Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
http://puluka.com/home
Original Message:
Sent: 03-21-2024 15:28
From: Dhikra Marghli
Subject: configure domain-nams as a server remote syslog not addres ip
Hello
We have an SRX1500 firewall in the role of log server. I will send you the topology so that you can help with the configuration. I want to configure the MX480 router with a syslog configuration, but the goal is to use a domain name (fr-1vm-syslog03.infra.msv) as the remote server instead of an IP address (not an IP address), and also with dns 1.
Question 1: how do I ensure the logs are sent to the syslog server and centralized?
Meaning: what is the Juniper syslog template (or CLI configuration) that allows logs to be sent and centralized on the SRX1500 firewall?
I am waiting for a Juniper network expert to help me.
------------------------------
Dhikra Marghli
------------------------------