JSA Log Collector Overview
Starting in Security Director Release 16.2 R1, you can use Juniper Secure Analytics (JSA) as a Log Collector to view log data in Security Director. From the JSA console, Security Director queries logs from SRX Series devices. Security Director can use either JSA3800, JSA5800, JSA7500, or virtual JSA for log collection. You must add JSA as a logging node in Security Director to view log data in the Dashboard, Events and Logs, Reports, and Alerts pages.
The JSA version supported by Security Director to be added as log collector node is JSA Release 2014.8.R4 or later.
After JSA is deployed, you can configure network devices to send system logs to JSA. It collects the logs in a standalone or clustered setup. For more details on deploying and configuring JSA, see Juniper Secure Analytics documentation.
Figure 1 shows the deployment example using the JSA All-in-One or JSA Dedicated Console.
To add JSA as a logging node in Security Director, see Adding Log Collector to Security Director.