Logging and Reporting Overview
The Junos Space Security Director Logging and Reporting module enables log collection across multiple SRX Series devices and enables log visualization.
You can use either Security Director Log Collector or Juniper Secure Analytics (JSA) as a log collector. For details on deploying and configuring JSA, see Juniper Secure Analytics documentation.
The Logging and Reporting module provides:
Device health and events monitoring.
Visualization of security events resulting from complex and dynamic firewall policies using dashboard and event viewer.
Device health monitoring of CPU and memory.
Alert notification about specific events or upon attaining threshold limits.
Scalable virtual machine (VM) based log collection and log collector management.
For details on installing Security Director and setting up Log Collector, see Security Director Installation and Upgrade Guide.
Logs, also called event logs, provide vital information for managing network security, incident investigation, and response. Logging provides the following features:
Receives events from SRX Series devices and application logs.
Stores events for a defined period of time or a set volume of data.
Parses and indexes logs to help speed up searching.
Provides queries and helps in data analysis and historical events investigation.
You must configure Security Director and SRX series devices to receive logs. Select Security Director > Devices > Device Management to configure syslog to receive SRX Series device logs.
Modifying the Security Logging Configuration for Security Devices