Help Center User GuideGetting Started
User Guide
Getting Started

Monitoring Security Intelligence Events


Starting in Junos OS Release 19.2R1, you can monitor the security intelligence events.

Use the monitoring functionality to view the Security Intelligence page.


To monitor security intelligence events, select Monitor > Events > Security Intelligence.


Using the time-range slider, you can quickly focus on the time and area of activity that you are most interested in. Once the time range is selected, all of the data presented in your view is refreshed automatically. You can also use the Custom button to set a custom time range.

You can select either the Grid View tab or the Chart View tab to view your data:

Table 35: Security Intelligence—Fields on the Grid View Page




The time when the log was received.

Event Name

Event name of the log.

Source Country

Source country name from where the event originated.

Source Address

Source IP address from where the event occurred.

Destination Country

Destination country name from where the event occurred.

Destination Address

Destination IP address of the event.

Destination Port

Destination port of the event.

Source Port

Source port of the event.


Description of the log.

Source Zone Name

The name of log source zone.

Host Name

The name of the host user in contact with the command and control server.


The action taken on the communication (permitted or blocked).

Interface Name

Name of the interface.


Displays the network or subnetwork to which the device belongs.

Table 36: Security Intelligence—Widgets on the Chart View Page



Top Compromised Hosts

A list of the top compromised hosts based on their associated threat level and blocked status.

Top C&C Servers

A color-coded map displaying the location of Command and Control servers. Click a location on the map to view the number of detected sources.

See Also

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary