monitor security flow filter

Syntax

Description

Set security flow filters to define flow sessions that you want to monitor. A maximum of 64 filters is supported at a time.

Defining the filters themselves does not trigger monitoring. You must explicitly use the monitor security flow start command to enable monitoring. Once monitoring starts, any traffic that matches the specified filters is saved in an output file in the /var/log/ directory.

Note:

Unlike filters defined in the configuration mode, these filters defined using operational mode commands are cleared when you reboot your system. They are used expressly for debugging purposes.

Options

filter `filter-name`	Specify a name for the filter. The filter name can contain letters, numbers, underscores (_) and hyphens (-) and can be up to 64 characters long.
conn-tag	Specify the session connection tag. The session connection tag uniquely identifies a session.
destination-port (`port-range` \| `protocol-name`)	Specify the TCP or UDP destination port to match. You can also specify a range of TCP or UDP destination ports and monitor all traffic in this group.
destination-prefix `destination-prefix`	Specify the destination IPv4 or IPv6 address prefix to match.
interface `interface-name`	Specify the logical interface name to match.
logical-system `logical-system-name`	Specify the logical system name to match.
protocol (`protocol name` \| `protocol number`)	Specify the IP protocol type to match.
root-logical-system	(Default) Specify the root logical system to match.
source-port (`port-range` \| `protocol-name`)	Specify the TCP or UDP source port to match. You can also specify a range of TCP or UDP source ports and monitor all traffic in this group.
source-prefix `source-prefix`	Specify the source IP address prefix to match.

Required Privilege Level

view

Release Information

Command introduced in Junos OS Release 12.1X46-D10. The was updated in Junos OS Release 15.1X49-D70 with the addition of the conn-tag filter parameter.

ON THIS PAGE