Screen OS

 View Only
last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Monitor traffic

    Posted 04-20-2010 10:54

    We have some traffic that is going outbound after hours and I want to track the source down from the SSG5.

    Is there a way to monitor traffic on an interface based on schedule? I want to review the traffic at a later date.



  • 2.  RE: Monitor traffic

    Posted 04-20-2010 13:27

    Yes - you can create policies and have them be schedule (time) dependent. Under the policy elements you can create a schedule. Then create a policy and apply the schedule to it and the policy will only be in effect during the schedule period.



  • 3.  RE: Monitor traffic

    Posted 04-20-2010 14:42

    how do I log to an external server? I look at syslog but the policy hits aren't getting logged.



  • 4.  RE: Monitor traffic
    Best Answer

    Posted 04-20-2010 21:14

    You need to verify that syslog is configured to forward the traffic logs.  

    You can verify this by checking it via the "get syslog" command.  Make sure that the traffic log is enabled.

     

    If not you can set this up by either defining it specifically or by enabling all logs. 

     

    set syslog config x.x.x.x log traffic  ( you can also make this more expansive by using "all" instead of the keyword traffic )

    set syslog enable

    save

     



  • 5.  RE: Monitor traffic

    Posted 04-21-2010 13:06

    That worked. Found our syslog server was having issues. I fixed that and found information being sent.



  • 6.  RE: Monitor traffic

    Posted 04-21-2010 04:44

    Hi

     

    Please send me the get syslog output . do u already enable logging on policy ?

     

    thanks


    EL