Network Management and Monitoring

Support for on-box reporting (SRX300, SRX320, SRX340, SRX345, and SRX550HM)—Starting in Junos OS Release 21.3R1, on-box reporting logs are stored on the memory file system (MFS) which is not persistent across reboots or power failures. For customers who wish to retain security logs between reboots, the dedicated log-storage SSD (JSU-SSD-MLC-100) must be installed in the device (SRX340 or SRX345).

[See Understanding On-Box Logging and Reporting.]

SNMP support to view configured logical systems and tenant systems details (SRX1500, SRX4100, SRX4200, SRX4600, SRX5400, SRX5600, SRX5800, and vSRX)—Starting in Junos OS Release 21.3R1, you can view the following details of configured logical systems and tenant systems using the new LSYSTSYS MIB:

• Total logical system count
• Total tenant system count
• Total security profiles count
• Maximally allowed logical system capacity
• Maximally allowed tenant system capacity
• Maximally allowed security profiles capacity

[See SNMP MIBs and Traps Supported by Junos OS.]

Support for syslog over TLS (SRX Series and vSRX)—Starting in Junos OS Release 21.3R1, you can transport syslog (control plane) over Transport Layer Security (TLS) protocol. Encapsulating syslog in TLS allows you to:

• Validate the remote destination (syslog server) before transmitting any sensitive syslog information. (Authentication)
• Encrypt the syslog during the transport. (Encryption)
• Verify that the data has not been modified or tampered with (Integrity)

Before you enable this feature, ensure you:

• Configure public key infrastructure (PKI) in Junos OS
• Configure and load the digital certificates
• Configure the remote destination (syslog server) that supports syslog over TLS

To enable transport of syslog (control plane) over TLS, use the tls statement at the [edit system syslog host host-name transport] hierarchy level.

[See tlsdetails and transport]