
About the Device Events Page

To access this page, click Monitor > Device Events.

Use the Device Events page to view information about device events such as routine operations, failure and error conditions, and emergency or critical conditions.

You can view comprehensive details of device events in a tabular format that includes sortable columns and a line graph (also known as swim lanes). The data presented in the line graph is refreshed automatically based on the selected time range. In the line graph, light blue areas represent all device events and dark blue areas represent blocked device events.

Tasks You Can Perform

You can perform the following tasks from this page:

Advanced Search

You can perform an advanced search of all events by using the text field above the table. The filter string can include logical operators. Enter the search string in the text field; based on your input, a list of items from the filter context menu is displayed. Select a value from the list and then select a valid logical operator to perform the advanced search operation. Press Enter to display the search results in the table below.

To delete the search string in the text field, click the delete icon (X icon).

Examples of event log filters are shown in the following list:

Field Descriptions

Table 12 provides guidelines on using the fields on the Device Events page.

Table 12: Fields on the Device Events Detailed View Page

| Field | Description |
| --- | --- |
| Time | View the time when the log was received. |
| Event Name | View the event name of the log. |
| Tenant | View the name of the tenant. |
| Site | View the name of the tenant site. |
| Source Country | View the name of the source country from where the event originated. |
| Source IP | View the source IP address from where the event occurred. |
| Destination Country | View the name of the destination country for the event. |
| Destination IP | View the destination IP address of the event. |
| Source Port | View the source port of the device event. |
| Destination Port | View the destination port of the device event. |
| Description | View the description of the log. |
| Attack Name | View the attack name of the log. For example, Trojan, worm, virus, and so on. |
| Threat Severity | View the severity level of the threat. |
| Policy Name | View the policy name in the log. |
| UTM Category or Virus Name | View the UTM category of the log. |
| URL | View the accessed URL name that triggered the event. |
| Event Category | View the event category of the log. |
| User Name | View the username of the log. |
| Argument | View the type of traffic. For example, ftp and http. |
| Action | View the action taken for the event. For example, warning, allow, or block. |
| Log Source | View the IP address of the log source. |
| Application | View the application name from which the events or logs are generated. |
| Hostname | View the host name in the log. |
| Service Name | View the name of the application service. For example, FTP, HTTP, SSH, and so on. |
| Nested Application | View the nested application in the log. |
| Source Zone | View the source zone of the log. |
| Destination Zone | View the destination zone of the log. |
| Protocol ID | View the protocol ID in the log. |
| Roles | View the role name associated with the log. |
| Reason | View the reason for the log generation. For example, a connection tear down may have an associated reason such as authentication failed. |
| NAT Source Port | View the translated source port. |
| NAT Destination Port | View the translated destination port. |
| NAT Source Rule Name | View the NAT source rule name. |
| NAT Destination Rule Name | View the NAT destination rule name. |
| NAT Source IP | View the translated (or natted) source IP address. It can contain IPv4 or IPv6 addresses. |
| NAT Destination IP | View the translated (also called natted) destination IP address. |
| Traffic Session ID | View the traffic session ID of the log. |
| Path Name | View the path name of the log. |
| Logical System Name | View the name of the logical system. |
| Rule Name | View the name of the rule. |
| Profile Name | The name of the profile that triggered the event. |
| Event Count | View the number of events that occurred. |
| Tenant | View the name of the tenant from which the event originated. |
