
Viewing Juniper Advanced Threat Prevention Cloud System Log Messages

Junos OS generates system log messages (also called syslog messages) to record events that occur on the SRX Series device. Each system log message identifies the process that generated the message and briefly describes the operation or error that occurred. Juniper ATP Cloud logs are identified with an SRX_AAMW_ACTION_LOG or SRX AAMWD entry.

The following example configures basic syslog settings.

set groups global system syslog user * any emergency
set groups global system syslog host log kernel info
set groups global system syslog host log any notice
set groups global system syslog host log pfe info
set groups global system syslog host log interactive-commands any
set groups global system syslog file messages kernel info
set groups global system syslog file messages any any
set groups global system syslog file messages authorization info
set groups global system syslog file messages pfe info
set groups global system syslog file messages archive world-readable

To view events in the CLI, enter the following command:

show log

Example Log Message

<14> 1 2013-12-14T16:06:59.134Z pinarello RT_AAMW - SRX_AAMW_ACTION_LOG [junos@xxx.x.x.x.x.28 http-host="www.mytest.com" file-category="executable" action="BLOCK" verdict-number="8" verdict-source="cloud/blacklist/whitelist" source-address="x.x.x.1" source-port="57116" destination-address="x.x.x.1" destination-port="80" protocol-id="6" application="UNKNOWN" nested-application="UNKNOWN" policy-name="argon_policy" username="user1" session-id-32="50000002" source-zone-name="untrust" destination-zone-name="trust"]

http-host=www.mytest.com file-category=executable action=BLOCK verdict-number=8 verdict-source=cloud source-address=x.x.x.1 source-port=57116 destination-address=x.x.x.1 destination-port=80 protocol-id=6 application=UNKNOWN nested-application=UNKNOWN policy-name=argon_policy username=user1 session-id-32=50000002 source-zone-name=untrust destination-zone-name=trust 
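
The following Python sketch is an added example, not Juniper code. It parses a structured-data message of the form shown above into named fields and selects the events whose action is BLOCK, for example before forwarding them to a SIEM. The function names `parse_aamw` and `blocked` are hypothetical, and `SAMPLE` is adapted from the example message with its redacted addresses kept as placeholders.

```python
import re

# RFC 5424 header as it appears in the example: PRI, version, timestamp,
# hostname, app-name, procid, msgid, then one [SD-ID params...] element.
HEADER = re.compile(
    r'^<(?P<pri>\d{1,3})>\s*(?P<version>\d+)\s+(?P<timestamp>\S+)\s+'
    r'(?P<host>\S+)\s+(?P<app>\S+)\s+(?P<procid>\S+)\s+(?P<msgid>\S+)\s+'
    r'\[(?P<sd_id>\S+)(?P<params>.*)\]\s*$')
# name="value" pairs. A value may contain spaces and the escapes \" \\ \],
# so the element must not be split on whitespace.
PARAM = re.compile(r'([\w-]+)="((?:\\.|[^"\\])*)"')

def parse_aamw(line):
    """Return a dict for an SRX_AAMW_ACTION_LOG line, or None for anything else."""
    m = HEADER.match(line.strip())
    if not m or m['msgid'] != 'SRX_AAMW_ACTION_LOG':
        return None
    pri = int(m['pri'])  # PRI = facility * 8 + severity
    event = {'facility': pri >> 3, 'severity': pri & 7,
             'timestamp': m['timestamp'], 'host': m['host'], 'app': m['app']}
    for name, value in PARAM.findall(m['params']):
        event[name] = re.sub(r'\\(["\\\]])', r'\1', value)  # undo escapes
    return event

def blocked(lines):
    """Yield parsed events whose action is BLOCK."""
    for line in lines:
        event = parse_aamw(line)
        if event and event.get('action') == 'BLOCK':
            yield event

# Adapted from the example message above; x.x.x.1 is the page's redaction.
SAMPLE = ('<14> 1 2013-12-14T16:06:59.134Z pinarello RT_AAMW - SRX_AAMW_ACTION_LOG '
          '[junos@xxx.x.x.x.x.28 http-host="www.mytest.com" file-category="executable" '
          'action="BLOCK" verdict-number="8" verdict-source="cloud/blacklist/whitelist" '
          'source-address="x.x.x.1" source-port="57116" policy-name="argon_policy" '
          'username="user1" source-zone-name="untrust" destination-zone-name="trust"]')

if __name__ == '__main__':
    # The second line is a constructed non-ATP message that must be ignored.
    for e in blocked([SAMPLE, 'Dec 14 16:07:01 pinarello sshd[1]: unrelated line']):
        print(e['timestamp'], e['host'], e['http-host'], e['file-category'],
              'verdict', e['verdict-number'], e['username'], e['policy-name'])
```
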
