Help Center User GuideGetting Started
 
X
User Guide
Getting Started
Contents

Monitoring Screen Events

Purpose

Starting in Junos OS Release 19.2R1, you can monitor the screen events.

Use screen events to view the information about security events based on screen profiles. Analyzing screen logs yields information such as attack name, action taken, source of an attack, and destination of an attack.

Action

To monitor screen events, select Monitor > Events > Screen in the J-Web user interface.

Meaning

Using the time-range slider, you can quickly focus on the time and area of activity that you are most interested in. Once the time range is selected, all of the data presented in your view is refreshed automatically. You can also use the Custom button to set a custom time range.

You can select either the Grid View tab or the Chart View tab to view your data:

Table 33: Screen—Fields on the Grid View Page

Field

Description

Timestamp

The time when the log was received.

Event Name

Name of the event in the log.

Source Country

Country from which the traffic that triggered the event originated.

Source Address

Source IP address for the traffic that triggered the event (IPv4 or IPv6).

Destination Country

Country to which the traffic that triggered the event was sent

Attack Name

Name of the attack in the log for threat event. For example, trojan, worm, virus, and so on.

Destination Address

Destination IP address for the traffic that triggered the event (IPv4 or IPv6).

Source Port

Source TCP/UDP port number of the traffic that triggered the event.

Destination Port

Destination TCP/UDP port number of the traffic that triggered the event.

Description

Brief description of the event.

Action

Action taken for the event. For example, warning, allow, and block.

Host Name

Hostname of the device where the log was generated.

Source Zone Name

Name of the source security zone of the traffic that triggered the event.

Interface Name

Name of the interface.

Domain

Displays the network or subnetwork to which the device belongs.

Table 34: Screen—Widgets on the Chart View Page

Field

Description

Top Screen Attackers

Top source countries from where the event source originated; sorted by the number of source IP addresses.

Top Screen Victims

Top destination countries targeted for the attack; sorted by the number of destination IP addresses.

Top Screen Hits

Top source IP addresses of the network traffic; sorted by the number of event occurrences.

See Also

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary