Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring User/Device Event and Group Filters

 

Group filters on Juniper Identity Management Service enable you to apply filters to all the SRX Series devices in your network. You set the filter to list the specific Active Directory groups to include. You can configure up to 200 Active Directory groups to include. Note that a user can only be a member of a maximum of 200 groups because SRX Series devices do not support more than 200 groups per user.

User/Device Event filters on Juniper Identity Management Service enable you to apply a filter in your network to define users or devices to exclude from the reports that the JIMS server sends to SRX Series devices. The user filter performs regular expression matching to filter specific users or devices by name. The filter ignores events associated with a particular user or device. You can configure up to 64 users or devices to exclude.

Note

The User/Device Event filter uses a regular expression to perform a match, unlike the SRX Group filter which uses a string match. Unfortunately, the JIMS UI does not clarify this difference in the Event/Group Filters tab. For example, entering a name ("user1") would match a prefix (also matching "user11", "user112", and so on). To enter a full string, add a dollar sign suffix ("user1$") to the filter.



To configure an SRX group filter:

  1. In the navigation pane, select Settings and then select the Event/Group Filters tab.
  2. To add a filter to include an Active Directory group, in the SRX Group Filter area, click Add. The Active Directory Groups page appears.
  3. Do the following:

    1. Enter the name of the Active Directory group.
    2. Select the Any option button to include a group from any domain, or select the Specify option button and specify a domain from the list.
    3. Click OK to save the settings.
  4. Click Save to save the SRX group filter setting.


To configure a User/Device Event filter:

  1. In the navigation pane, select Settings and then select the Event/Group Filters tab.
  2. To add a user or device filter to exclude, in the User/Device Event Filter area, click Add. The User/Device Event Filter page appears.
  3. Do the following:

    1. Enter the name of the user or device.Note

      Filters are case-insensitive ECMAscript style regular expressions.

    2. Select the Any option button to exclude a user or device from any domain, or select the Specify option button and specify a domain from the list.
    3. Click OK to save the settings.
  4. Click Save to save the User/Device Event filter settings.