AJSEC Lab9 Log Director

Owned by Jean-luc KRIKER
Last updated: Mar 18, 2019
2 min read




log collector installation
SD: logging Node
SD config 
Administration / Logging Management /Logging Nodes  workspace 
>> Add Logging Node ( Log Collector)

Administration > Logging Management > Statistics & Troubleshooting  workspace.
 
Administration > Logging Management > Logging Devices  workspace.

vsrx config 
lab@vSRX-VR> show configuration security log | display set 
set security log mode stream
set security log source-address 172.25.11.3
set security log stream LC1 severity info
set security log stream LC1 format sd-syslog
set security log stream LC1 host 172.25.11.101

lab@vSRX-VR> show configuration system ntp | display set      
set system ntp server 172.25.11.254

lab@vSRX-VR> set date ntp  
15 Mar 09:46:37 ntpdate[16252]: step time server 172.25.11.254 offset 0.004387 sec
firewall policy testing
firewall policy testing 
Configure / Firewall Policy / Policies  workspace

>> Create a filter ; ( src dst IP ) + save it

Monitor > Alerts & Alarms > Alert Definitions  workspace
>> create an Alert policy ( + use the previous filter )

Monitor > Alerts & Alarms > Alert 
>> look at the Alarm that has been created




SD: Configure / Firewall Policy / Policies  workspace.
>>