Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

ip-user-mapping

Syntax

Hierarchy Level

Description

Control how the SRX Series Firewall accesses a domain controller in order to monitor and scan security event logs on the domain controller. By parsing the event log, the SRX Series gets IP address-to-user mappings. This process is part of the integrated user firewall feature. The ip-user-mapping statement is optional because WMI is the default discovery method and its properties have default values.

The other available method the SRX Series uses to retrieve address-to-user mapping information is manual (on-demand) probing of a domain PC.

Options

discovery-method

Method of discover IP address-to-user mappings.

wmi

Windows Management Instrumentation (WMI) is the discovery method used to access the domain controller.

event-log-scanning-interval seconds

Optional. Interval at which the SRX Series scans the event log on the domain controller.

  • Range: 5 through 60 seconds

  • Default: 10 seconds
initial-event-log-timespan hours

Optional. Time of the earliest event log on the domain controller that the SRX Series will initially scan. This argument applies to the initial deployment only. After WMIC and the user identification start working, the SRX Series scans only the latest event log.

  • Range: 1 through 168 hours

  • Default: 1 hour

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 12.1X47-D10.

Related Documentation