show security idp counters application-identification
Syntax
show security idp counters application-identification <logical-system (logical-system-name | all)> <tenant tenant-name>
Description
Displays the status of all IDP application identification (AI) counter values.
Options
| none | Displays the status of all IDP application identification (AI) counter values. |
| logical-system logical-system-name | (Optional) Displays the status of all IDP application identification (AI) counter values for a specific logical system. |
| logical-system all | (Optional) Displays the status of all IDP application identification (AI) counter values for all logical systems. |
| tenant tenant-name | (Optional) Displays the status of all IDP application identification (AI) counter values for a specific tenant system. |
Required Privilege Level
view
Output Fields
Table 1 lists the output
fields for the show security idp counters application-identification command. Output fields are listed in the approximate order in which
they appear.
Field Name |
Field Description |
|---|---|
|
Number of sessions with an AI signature match. |
|
Number of sessions with no AI signature match. |
|
Number of sessions with AI enabled. |
|
Number of sessions with AI disabled. |
|
Number of sessions with AI disabled due to SSL encapsulated flows. |
|
Number of sessions with AI disabled due to a cache match. |
|
Number of sessions with AI disabled because the configured session limit was reached. |
|
Number of sessions with AI disabled due to protocol remapping. |
|
Number of sessions with AI disabled due to an RPC match. |
|
Number of sessions with AI disabled due to a gate match. |
|
Number of sessions with AI disabled due to non-TCP or non-UDP flows. |
|
Number of sessions with AI disabled because the maximum session limit was reached. |
|
Number of sessions with AI disabled because the memory usage limit per session was reached. |
|
Number of sessions with AI disabled because the global memory usage limit was reached. |
|
Number of AI sessions with current global reassembler packet memory usage limit |
|
Number of AI sessions with peak global reassembler packet memory usage limit |
|
Number of AI sessions with current global packet memory usage limit |
|
Number of AI sessions with peak global packet memory usage limit |
|
Number of AI sessions dropped because the malloc failure occurred before session create. |
|
Number of AI sessions dropped because the malloc failure occurred after session create. |
|
Number of AI packets received on sessions that are marked to be dropped because the malloc failure. |
|
Number of packets cloned for application identification. |
|
Number of times the IDP policy has been updated. |
|
Number of jobs ignored because of pattern matching engine (PME) not matching. |
|
Number of packets for which signature matching was ignored as prematch found. |
|
Number of packets saved as they are handed off for signature matching during prematch reprocess. |
|
Number of packets saved as they are handed off for signature matching during final match reprocess. |
|
Number of times AI saved packet handed off for signature matching. |
|
Number of times a packet processed for final matching before signature matching. |
|
Number of times a packet processed for prematch before signature match. |
|
Number of packets ignored for signature matching as prematch found. |
|
Number of packets signature matching not completed before AI done. |
|
Number of jobs destroyed because of flow mismatch due to policy relookup. |
|
Number of sessions set for AI applied. |
|
Number of sessions with AI applied. |
Sample Output
- show security idp counters application-identification
- show security idp counters application-identification tenant TSYS1
show security idp counters application-identification
user@host> show security idp counters application-identification
IDP counter type Value
AI matches 0
AI no-matches 0
AI-enabled sessions 0
AI-disabled sessions 0
AI-disabled sessions due to ssl encapsulated flows 0
AI-disabled sessions due to cache hit 0
AI-disabled sessions due to configuration 0
AI-disabled sessions due to protocol remapping 0
AI-disabled sessions due to RPC match 0
AI-disabled sessions due to gate match 0
AI-disabled sessions due to non-TCP/UDP flows 0
AI-disabled sessions due to session limit 0
AI-disabled sessions due to session packet memory limit 0
AI-disabled sessions due to global packet memory limit 0
AI sessions current global reass packet memory usage 0
AI sessions peak global reass packet memory usage 0
AI sessions current global packet memory usage 0
AI sessions peak global packet memory usage 0
AI-sessions dropped due to malloc failure before session create 0
AI-sessions dropped due to malloc failure after create 0
AI-Packets received on sessions marked for drop due to malloc failure 0
Packets cloned for AI 0
Policy update 0
Total PME prematch job ignored 0
Total packets for which prematch job were ignored 0
Prematch busy packet count 0
Final match busy packet count 0
Total AI busy packet count 0
Final match processed busy packet count 0
Prematch processed busy packet count 0
Prematch ignored busy packet count 0
AI done busy packet count 0
JPME flow for Ignored jobs destroyed 0
Set AI done for prematch 0
AI done for prematch 0
0
show security idp counters application-identification tenant TSYS1
user@host> show security idp counters application-identification tenant TSYS1 IDP counters: IDP counter type Value AI matches 0 AI no-matches 0 AI-enabled sessions 0 AI-disabled sessions 1 AI-disabled sessions due to ssl encapsulated flows 0 AI-disabled sessions due to cache hit 1 AI-disabled sessions due to configuration 0 AI-disabled sessions due to protocol remapping 0 AI-disabled sessions due to RPC match 0 AI-disabled sessions due to gate match 0 AI-disabled sessions due to non-TCP/UDP flows 0 AI-disabled sessions due to global packet memory limit 0 AI sessions current global packet memory usage 0 AI sessions peak global packet memory usage 0 AI-sessions dropped due to malloc failure before session create 0 AI-sessions dropped due to malloc failure after create 0 AI-Packets received on sessions marked for drop due to malloc failure 0 Packets cloned for AI 0 Policy update 0 Total PME prematch job ignored 0 Total packets for which prematch job were ignored 0 Prematch busy packet count 0 Final match busy packet count 0 Total AI busy packet count 0 Final match processed busy packet count 0 Prematch processed busy packet count 0 Prematch ignored busy packet count 0 AI done busy packet count 0 JPME flow for Ignored jobs destroyed 0 Set AI done for prematch 0 AI done for prematch 0
Release Information
Command introduced in Junos OS Release 9.2. Modified in Junos OS Release 12.1.
logical-system option introduced in Junos OS Release 18.3R1.
tenant option introduced in Junos OS Release 19.2R1.