Syntax
stream stream-name {
category (all | content-security | fw-auth | screen | alg | nat | flow | sctp | gtp | ipsec | idp | rtlog |pst-ds-lite | appqos |secintel |aamw);
filter {
threat-attack;
}
format (binary | sd-syslog | syslog | welf);
host {
ip-address;
port port-number;
routing-instanceinstance-name;
}
rate-limit {
log-rate;
}
severity (alert | critical | debug | emergency | error | info | notice | warning);
source-address {
ip-address;
}
time-format (year | millisecond);
transport {
protocol (tcp | tls | udp);
tcp-connections tcp-connections;
tls-profile tls-profile;
}
}
Hierarchy Level
[edit security log]
[edit logical-systems name security log]
[edit tenants tenant-name security log]
Description
Define the security log steam settings.
Options
stream |
Every
stream can configure file or host.
Values:
category— Type of events that may be
logged.
all— All events are logged
content-security — Content security events
are logged
fw-auth— Fw-auth events are logged.
screen— Screen events are logged.
alg— Alg events are logged.
nat— Nat events are logged.
flow— Flow events are logged.
sctp— Sctp events are logged.
gtp— Gtp events are logged.
ipsec— IPsec events are logged.
idp— Idp events are logged.
rtlog— Rtlog events are logged.
pst-ds-lite— Pst-ds-lite events are logged.
appqos— Appqos events are logged.
secintel— AAMW events are logged.
filter threat-attack—
Selects the filter to filter the threat attack security events to
be logged
format (binary | sd-syslog | syslog)— Specify the log stream format in binary or sd-syslog
or syslog formats.
host ip-address—
Destination to send security logs.
rate-limit rate—
Specify the rate limit for security logs.
severity— Specify the severity threshold
for security logs.
alert— Specify the conditions that require
immediate attention.
critical— Specify the critical conditions.
debug— Specify the information normally
used in debugging.
emergency— Specify the conditions that
cause security functions to stop.
error— Specify the general error conditions.
info— Specify the Information about normal
security operations.
notice— Specify the non error conditions
that are of interest.
warning— Specify the general warning
conditions.
source-address— Specify the source address
to the stream log.
time-format (year | millisecond)— Specify the year, the millisecond, or both in the timestamp.
transport— Set the security log transport
settings.
protocol (tcp | tls | udp)— Specify the security log transport protocol for the device.
Values: tcp, tls, and udp.
tcp-connections— Specify the number of
tcp connections per stream. Values: 1 through 5.
Note: tcp-connections is not supported on logical
and tenant systems.
tls-profile— Specify the tls profile.
|
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To
view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement modified in Junos OS Release
9.2.
The [edit logical-systems name security log] and [edit tenants tenant-name security log] hierarchy levels
introduced in Junos OS Release 19.1R1.
time-format, source-address, and transport options are introduced in Junos OS Release 20.2R1.
