Switching

I'm attempting to log deny hits on the firewall filter that I have applied to the loopback.   Below are the relevant lines from the config:

set system syslog file firewall firewall any
set firewall family inet filter PROTECT_RE_V4 term DEFAULT_DENY then count DEFAULT_DENY
set firewall family inet filter PROTECT_RE_V4 term DEFAULT_DENY then log
set firewall family inet filter PROTECT_RE_V4 term DEFAULT_DENY then syslog
set firewall family inet filter PROTECT_RE_V4 term DEFAULT_DENY then discard

The DEFAULT_DENY hit counter is increasing and there are logs in the buffer:

switch> show firewall log    
Log :
Time      Filter    Action Interface           Protocol        Src Addr                         Dest Addr
06:34:00  PROTECT_RE_V4 D  vme.0               TCP             10.1.234.2                       10.1.3.21
06:33:56  PROTECT_RE_V4 D  vme.0               TCP             10.1.234.2                       10.1.3.21
06:33:54  PROTECT_RE_V4 D  vme.0               TCP             10.1.234.2                       10.1.3.21

However, the "firewall" log file in /var/log/ remains empty. 

switch> file list /var/log/ detail | match firewall 
-rw-rw----  1 root  wheel          0 Sep 11 10:34 firewall

Am I missing something?

Thanks,

-Brian

To close the loop on this post, I opened a TAC case and it turns out this is a related to a bug:

PR1714988

------------------------------
Brian Lehigh
------------------------------