Hope your queries are resolved.
In addition to the details shared by Pradeep, please refer to the below link for all documentation related to vSRX :
Kindly let us know if you need more info.
Original Message:
Sent: 12-13-2023 13:30
From: Pradeep Hattiangadi
Subject: How can we monitor and access firewall related logs?
Hi Jai,
On the SRX device we can configure both security / system logs to either log locally to a file or stream log locally or stream log to remote destinations.
- Configure security stream mode logging. You can configure this mode to send logs to a remote server.
- Configure security event mode logging. You can configure this mode as well to send logs to a remote server, but as this logging is processed from the control plane this would have an impact on the utilization of the SRX device. (Not recommended.)
- Configure security stream logging to a file on the SRX device.
- Configure stream mode logging to log all security log events locally.
The link below will cover all the scenario's above.
https://www.juniper.net/documentation/us/en/software/junos/network-mgmt/topics/topic-map/system-logging-for-a-security-device.html
Other resources:
https://www.youtube.com/watch?v=tDkfCDAZOas
https://supportportal.juniper.net/s/article/JSA-Junos-Space-SRX-How-to-forward-logs-from-an-SRX-device-to-an-external-syslog-server-like-JSA-Junos-Space?language=en_US
------------------------------
Pradeep Hattiangadi
Original Message:
Sent: 12-12-2023 06:24
From: JAI KISHAN
Subject: How can we monitor and access firewall related logs?
Actually, we're not presently using the vSRX product, we're open to purchasing it if it aligns with our requirements, and we aim to do so as soon as possible.
Before proceeding, we'd like to inquire about the availability of test credentials for vSRX firewall logs related API access or the possibility of obtaining a product evaluation license.
Your assistance in resolving this matter would be highly appreciated.
Could someone please provide insights, guidance, or support to help me successfully access the API? Your prompt response and assistance are invaluable.
Thank you in advance for your help.
------------------------------
JAI KISHAN
Original Message:
Sent: 12-08-2023 01:29
From: GAVIN WHITE
Subject: How can we monitor and access firewall related logs?
Hi Jai,
If you are using Security Director, it will automatically create these for you when you enable logging under your Unified/Standard Security Policies.
On the SRX not managed by Security Director this is done by configuring `log session-init | session-close` for each security policy you specify. These logs can be captured by syslog deamon matching "RT_FLOW_SESSION" either on local files or forwarded to a syslog server.
For more detailed documentation on this procedure, see https://supportportal.juniper.net/s/article/SRX-Getting-Started-Configure-Traffic-Logging-Security-Policy-Logs-for-SRX-Branch-Devices?language=en_US
------------------------------
GAVIN WHITE
Original Message:
Sent: 12-06-2023 06:43
From: JAI KISHAN
Subject: How can we monitor and access firewall related logs?
Hi, I'm working on an integration for which I have the following queries, I would really appreciate if someone could help me to answer these queries:
1. I am looking for Firewall details on the Juniper vSRX website documentation, but I could not locate them anywhere.
2. Could someone confirm if Juniper vSRX capture the Firewall logs? If yes, then is there any web API using which we can fetch these details, also it would be nice if anyone can guide us on how to setup this API.
Thank you
Jai Kishan
------------------------------
JAI KISHAN
------------------------------