show security utm content-filtering statistics
Syntax
show security utm content-filtering statistics <root-logical-system> utm-policy utm-policy-name; <logical-system (logical-system-name utm-policy utm-policy-name | all)>; <all-logical-systems-tenants>; <tenant (tenant-name | all)>; utm-policy utm-policy-name;
Description
Displays the content filtering statistics for connections including lists of blocked files and the reasons for blocking. Statistics from both the nodes (with full chassis cluster support for Content Security) are displayed.
Starting in Junos OS Release 18.3R1, you can view the content filtering statistics for the primary logical system or for a specific user logical system or for all the user logical systems.
Starting in Junos OS Release 19.2R1, you can view the content filtering statistics for a specific tenant system or for all the tenant systems.
Starting in Junos OS Release 21.4R1, we have improved the Content Security content filtering efficiency by adding pre-detect technique to detect file types accurately. This techinque allows you to create rulesets and rules to define content filter criteria. This enhnacemnet is a replacement of the existing file type detection based on file name extensions and profile based filtering on application profiles. This command is enhnaced to display the enhnaced content filtering statistics in a Content Security policy.
Options
none |
Displays content filtering statistics for the primary logical system. |
|
root-logical-system |
(Optional) Displays content filtering statistics for the primary logical system. |
Starting in Junos OS Release 21.4R1, this option is added under the root-logical-system option, to display content filtering statistics in a specified Content Security policy within the root logical system. |
logical-system logical-system-name |
(Optional) Displays content filtering statistics for a specific user logical system. |
Starting in Junos OS Release this option is added under the root-logical-system option, to display content filtering statistics in a specified Content Security policy within the specified logical system. |
all |
(Optional) Displays content filtering statistics for all the user logical systems. |
all-logical-systems-tenants |
(Optional) Displays content filtering statistics for all logical systems and tenant systems. |
tenant tenant-name |
(Optional) Displays content filtering statistics for a specific tenant system. |
all |
(Optional) Displays content filtering statistics for all the tenant systems. |
utm-policy utm-policy-name |
Starting in Junos OS Release 21.4R1, this option is added to display content filtering statistics in a specified Content Security policy. |
Required Privilege Level
view
Sample Output
- show security utm content-filtering statistics
- show security utm content-filtering statistics utm-policy <utm-policy-name>
- show security utm content-filtering statistics root-logical-system
- show security utm content-filtering statistics root-logical-system utm-policy <utm-policy-name> (Commands to display CF statistics in a Content Security policy within a root-logical-system)
- show security utm content-filtering statistics logical-system LSYS1
- show security utm content-filtering statistics logical-system <logical-system-name> utm-policy <utm-policy-name>
- show security utm content-filtering statistics logical-system all
- show security utm content-filtering statistics tenant TSYS1
- show security utm content-filtering statistics tenant all
- show security utm content-filtering statistics all-logical-systems-tenants
show security utm content-filtering statistics
user@host> show security utm content-filtering statistics Content-filtering-statistic: Blocked Base on command list: 0 Base on mime list: 0 Base on extension list: 0 ActiveX plugin: 0 Java applet: 0 EXE files: 0 ZIP files: 0 HTTP cookie: 0 Number of Rule-sets : 1 Rule-set add failures : 0 Rule-set delete failures : 0 Number of Rules : 1 Rule add failures : 0 Rule delete failures : 0 Fatal errors : 0 Malloc failures : 0 Sanity errors : 0 Malloc blocks in use : 10
show security utm content-filtering statistics utm-policy <utm-policy-name>
user@host> show security utm content-filtering statistics utm-policy pol1 Number of rules configured w.r.t application Any : 0 http : 1 ftp : 1 smtp : 0 imap : 0 pop3 : 0 Number of times content blocked w.r.t direction Download : 0 Upload : 0 Number of times content blocked w.r.t application http : 0 ftp : 0 smtp : 0 imap : 0 pop3 : 0 Number of rules matched w.r.t action no-action : 0 block : 0 close-client : 0 close-server : 0 close-client-server : 0 Number of times content blocked w.r.t file-type unknown : 0 7z : 0 ace : 0 applesingle : 0 arj : 0 bzip : 0 diskdupe : 0 dos : 0 eicar : 0 elf : 0 emf : 0 eml : 0 flash : 0 gea : 0 gzip : 0 ha : 0 hlp : 0 hybris : 0 itsf : 0 java : 0 jmp : 0 jpeg : 0 lha : 0 lnk : 0 map : 0 mime : 0 msasf : 0 mscf : 0 msi : 0 mso : 0 ntdetect : 0 ole : 0 paquet : 0 pdf : 0 pe : 0 perl : 0 pif : 0 png : 0 rar : 0 reg : 0 rtf : 0 script : 0 sh : 0 sis : 0 spis : 0 sys : 0 tar : 0 vba : 0 wmf : 0 wsf : 0 xml : 0 xz : 0 zip : 0
show security utm content-filtering statistics root-logical-system
user@host> show security utm content-filtering statistics root-logical-system Content-filtering-statistic: Blocked Base on command list: 0 Base on mime list: 0 Base on extension list: 0 ActiveX plugin: 0 Java applet: 0 EXE files: 0 ZIP files: 0 HTTP cookie: 0
show security utm content-filtering statistics root-logical-system utm-policy <utm-policy-name> (Commands to display CF statistics in a Content Security policy within a root-logical-system)
user@host> show security utm content-filtering statistics root-logical-system utm-policy pol1 Number of rules configured w.r.t application Any : 0 http : 1 ftp : 1 smtp : 0 imap : 0 pop3 : 0 Number of times content blocked w.r.t direction Download : 0 Upload : 0 Number of times content blocked w.r.t application http : 0 ftp : 0 smtp : 0 imap : 0 pop3 : 0 Number of rules matched w.r.t action no-action : 0 block : 0 close-client : 0 close-server : 0 close-client-server : 0 Number of times content blocked w.r.t file-type unknown : 0 dos : 0 pe1 : 0 pe2 : 0 shockwave : 0 jpeg : 0 elf : 0 hlp : 0 java : 0 ole2 : 0 ole2-inverted : 0 sh : 0 perl1 : 0 perl2 : 0 itsf : 0 reg : 0 pdf : 0 wsf : 0 mime : 0 zip : 0 lnk : 0 vba : 0 xml : 0 ms-asf : 0 script-file : 0 script-file2 : 0 eicar : 0 ntdetect : 0 decrypt-hybris-plugin : 0 decrypt-hybris-plugin2 : 0 png : 0 wmf : 0 wmf2 : 0 emf : 0 map : 0 jmp : 0 ace : 0 lha : 0 paquet : 0 applesingle : 0 bzip : 0 diskdupe : 0 rtf : 0 gea : 0 gzip : 0 mso : 0 sis : 0 spis : 0 tar : 0 arj : 0 ha : 0 rar : 0 zip-pk : 0 mscf : 0 msi : 0 pif : 0 hybris-plugin : 0 dos-full-scan : 0 script-file-full-scan : 0 swf : 0 swf-cws : 0 sys : 0 eml : 0 7z : 0 xz : 0
show security utm content-filtering statistics logical-system LSYS1
user@host> show security utm content-filtering statistics logical-system LSYS1 Content-filtering-statistic: Blocked Base on command list: 0 Base on mime list: 0 Base on extension list: 0 ActiveX plugin: 0 Java applet: 0 EXE files: 0 ZIP files: 0 HTTP cookie: 0
show security utm content-filtering statistics logical-system <logical-system-name> utm-policy <utm-policy-name>
user@host> show security utm content-filtering statistics root-logical-system utm-policy pol1 Number of rules configured w.r.t application Any : 0 http : 1 ftp : 1 smtp : 0 imap : 0 pop3 : 0 Number of times content blocked w.r.t direction Download : 0 Upload : 0 Number of times content blocked w.r.t application http : 0 ftp : 0 smtp : 0 imap : 0 pop3 : 0 Number of rules matched w.r.t action no-action : 0 block : 0 close-client : 0 close-server : 0 close-client-server : 0 Number of times content blocked w.r.t file-type unknown : 0 dos : 0 pe1 : 0 pe2 : 0 shockwave : 0 jpeg : 0 elf : 0 hlp : 0 java : 0 ole2 : 0 ole2-inverted : 0 sh : 0 perl1 : 0 perl2 : 0 itsf : 0 reg : 0 pdf : 0 wsf : 0 mime : 0 zip : 0 lnk : 0 vba : 0 xml : 0 ms-asf : 0 script-file : 0 script-file2 : 0 eicar : 0 ntdetect : 0 decrypt-hybris-plugin : 0 decrypt-hybris-plugin2 : 0 png : 0 wmf : 0 wmf2 : 0 emf : 0 map : 0 jmp : 0 ace : 0 lha : 0 paquet : 0 applesingle : 0 bzip : 0 diskdupe : 0 rtf : 0 gea : 0 gzip : 0 mso : 0 sis : 0 spis : 0 tar : 0 arj : 0 ha : 0 rar : 0 zip-pk : 0 mscf : 0 msi : 0 pif : 0 hybris-plugin : 0 dos-full-scan : 0 script-file-full-scan : 0 swf : 0 swf-cws : 0 sys : 0 eml : 0 7z : 0 xz : 0
show security utm content-filtering statistics logical-system all
user@host> show security utm content-filtering statistics logical-system all Content-filtering-statistic: Blocked Base on command list: 0 Base on mime list: 0 Base on extension list: 0 ActiveX plugin: 0 Java applet: 0 EXE files: 0 ZIP files: 0 HTTP cookie: 0
show security utm content-filtering statistics tenant TSYS1
user@host> show security utm content-filtering statistics tenant TSYS1 Content-filtering-statistic: Blocked Base on command list: 0 Base on mime list: 0 Base on extension list: 0 ActiveX plugin: 0 Java applet: 0 EXE files: 0 ZIP files: 0 HTTP cookie: 0
show security utm content-filtering statistics tenant all
user@host> show security utm content-filtering statistics tenant all Content-filtering-statistic: Blocked Base on command list: 0 Base on mime list: 0 Base on extension list: 0 ActiveX plugin: 0 Java applet: 0 EXE files: 0 ZIP files: 0 HTTP cookie: 0
show security utm content-filtering statistics all-logical-systems-tenants
user@host> show security utm content-filtering statistics all-logical-systems-tenants Content-filtering-statistic: Blocked Base on command list: 0 Base on mime list: 0 Base on extension list: 0 ActiveX plugin: 0 Java applet: 0 EXE files: 0 ZIP files: 0 HTTP cookie: 0
Release Information
Command introduced in Junos OS Release 9.5.
Support for Content Security in chassis cluster added in Junos OS Release 11.4.
Starting in Junos OS Release 18.2R1, on SRX5000 line, the options
pic
and fpc
to display physical interface
cards (PICs) and Flexible PIC Concentrator (FPC) statistics are not supported.
Support for Content Security in logical system added in Junos OS Release 18.3R1.
Support for Content Security in tenant system added in Junos OS Release 19.2R1.
Starting in Junos OS Release 21.4R1, This command is enhnaced to display the enhnaced content filtering statistics in a Content Security policy.