Adding Logging Nodes
Use this page to configure logging nodes. You must deploy either Security Director Log Collector or Juniper Secure Analytics (JSA) as a log collector and then add it to Security Director to view the log data in the Dashboard, Events and Logs, Reports, and Alerts pages.
Before You Begin
- Read the Logging and Reporting Overview topic.
- Configure system log and security logging configuration from Devices > Security Devices > Modify Configuration. See Modifying the Configuration of Security Devices.
- For the Security Director Log Collector:
- The eps rate of up to 3000, requires a single log collector node. You must deploy and configure a log collector VM in All-in-One node.
- The eps rate of up to 10,000, requires a Log Receiver
node and a Log Storage node.
For various eps rates, see Understanding the Security Director Log Collector Deployment Modes.
- Review the Logging Management main page for an understanding of your current data set. See Logging Nodes Main Page Fields for field descriptions.
- Security Director Log Collector is supported on both the VM and JA2500 appliance.
- For information on JSA, see Juniper Secure Analytics documentation.
Adding Logging Nodes
To add Log Collector to Security Director:
- Select Administration > Logging Management > Logging Nodes.
- Click the + icon to add logging nodes. The Add Logging Node page appears.
- Choose the Log Collector type as Security Director
Log Collector or Juniper Secure Analytics.
If you select the Log Collector type as Security Director Log Collector, then select the deployment.
- Click Next.
- Complete the configuration for Add Collector/JSA Node
according to the guidelines provided in Table 1.
If the Log Collector type is Security Director Log Collector, then Add Another Node is displayed to add multiple nodes as needed.
- Click Next.
The certificate details are displayed.
- Click Finish.
- Review the summary of configuration changes from the summary page and click Edit to modify the details, if required.
- Click OK to add the node.
A new logging node with your configurations is added. To verify if the node is configured correctly, click Logging Management to check the status of the node.
 | Note: The JSA node is added only via Security Director, so the JSA node is not displayed in Space > Administration > Fabric. |
Table 1: Logging Node Settings
Settings | Guidelines |
|---|---|
Node Name | Enter a unique name for the node that is a string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed and the maximum length is 29 characters. |
IP Address | Enter an IPv4 or IPv6 address for the node. |
User Name | Enter a username. Spaces are allowed and maximum length is 29 characters. Provide the root credentials for the Security Director Log Collector node. For JSA, provide the admin credentials that is used to login to the JSA console. |
Password | Enter the password of the logging node. |
| Note: JSA node sends many maintenance logs from its own IP to localhost (127.0.0.1). These system logs are displayed in the Event Viewer. You can disable these maintenance logs. To disable the maintenance logs:
|
