Logging Packet Mirroring Information

The JunosE Software’s packet mirroring feature provides two secure methods of capturing and displaying packet mirroring-related information. Both methods ensure security by requiring the mirror-enable command to be enabled.

• Secure logging—Captures packet mirroring information to a local secure log on the router.
• SNMP secure packet mirroring traps—Captures and reports packet mirroring information to an external device; you can then use the privileged show mirror trap and show snmp traps CLI commands to view secure trap configuration information.

  SNMP agent also implements a secure audit logging facility for the debugging of packet mirroring traps and packet Mirror-MIB accesses. When secure audit logging is enabled, SNMP agent logs reported mirror traps and packet Mirror-MIB get/set operations to local volatile memory on the router.

By default, the JunosE Software captures packet mirroring-related activity to a secure local mirror log. No action is required on your part to enable or disable the logging process; however, only authorized users can access the secure log.

The secure logging feature includes the clear mirror log and show mirror log commands. The mirror-enable command must be enabled to make the commands visible in the CLI.