Configuring Log Stream and Log Report in TAP mode
SRX Series devices supports different types of stream logs and reports in TAP mode.
When the logging mode is set to stream, security logs generated in the data plane are streamed out a revenue traffic port directly to a remote server. All the categories can be configured for sending specific category logs to different log servers for stream mode log forwarding in TAP mode.
Reports are stored locally on the SRX Series device and there is no requirement for separate devices or tools for logs and reports storage.
Before you begin:
Understand TAP mode support. See the SRX TAP Mode Support Overview.
To configure the security log stream mode in TAP mode:
- Create security log stream in TAP mode.user@host# set security log mode stream
- Create report within security log in TAP mode.user@host# set security log report
- Confirm your configuration by entering the show security
log command.user@host# show security logmode stream;report;