Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


application (Application Identification)


Hierarchy Level


Configure application definition.

You can create custom application signatures by specifying a name, protocol, port where the application runs, and match criteria. You can create ICMP-based, address-based, IP protocol-based, and Layer 7-based custom application signatures. Custom applications are created to to identify applications over Layer 7 and transiting or temporary applications, and to achieve further granularity of known applications.

Custom application definitions can be used for applications that are not part of the Juniper Networks predefined application database.


application application-name

Name of the custom application signature. Must be a unique name with a maximum length of 63 characters.


Application names are case insensitive.


Enable caching of application identification results. By enabling this option, you can cache the application detection result in an ASC table. If there is an entry in the ASC table, based on the destination IP address, protocol, and the port, we can identify AppID without again sending packet to engine. This option is not supported for address-based, IP protocol-based, and ICMP-based custom application signatures.


Description of the application.


Priority of custom applications over the predefined applications.

  • Values: high

order number

Specify the order for the custom application. Lower order has higher priority. This option is used when multiple custom applications of the same type match the same traffic. However, you cannot use this option to prioritize among different type of applications such as TCP stream-based applications against TCP port-based applications or IP address-based applications against port-based applications.

priority [high | low]

Specify the priority over other signature applications.


Specify if application is a well-known application such as HTTP and FTP.


Custom application risk value should range from 1 to 5 to keep in sync with the predefined applications. The default value is 1 when the risk is not configured. Configuring risk value for custom application signatures is not supported.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

trace—To view this statement in the configuration.

trace-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 15.1X49-D40.

Risk option introduced in Junos OS Release 19.1R1.