Help Center User GuideGetting Started
 
X
User Guide
Getting Started
Contents

Monitoring Security Intelligence Events

Purpose

Starting in Junos OS Release 19.2R1, you can monitor the security intelligence events.

Use the monitoring functionality to view the Security Intelligence page.

Action

To monitor security intelligence events, select Monitor > Events > Security Intelligence.

Meaning

Using the time-range slider, you can quickly focus on the time and area of activity that you are most interested in. Once the time range is selected, all of the data presented in your view is refreshed automatically. You can also use the Custom button to set a custom time range.

You can select either the Grid View tab or the Chart View tab to view your data:

Table 35: Security Intelligence—Fields on the Grid View Page

Field

Description

Timestamp

The time when the log was received.

Event Name

Event name of the log.

Source Country

Source country name from where the event originated.

Source Address

Source IP address from where the event occurred.

Destination Country

Destination country name from where the event occurred.

Destination Address

Destination IP address of the event.

Destination Port

Destination port of the event.

Source Port

Source port of the event.

Description

Description of the log.

Source Zone Name

The name of log source zone.

Host Name

The name of the host user in contact with the command and control server.

Action

The action taken on the communication (permitted or blocked).

Interface Name

Name of the interface.

Domain

Displays the network or subnetwork to which the device belongs.

Table 36: Security Intelligence—Widgets on the Chart View Page

Field

Description

Top Compromised Hosts

A list of the top compromised hosts based on their associated threat level and blocked status.

Top C&C Servers

A color-coded map displaying the location of Command and Control servers. Click a location on the map to view the number of detected sources.

See Also

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary