sqlite in junos SQLite format 3

Owned by Jean-luc KRIKER
Last updated: Nov 18, 2020
4 min read


https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summary/show-security-log-query.html


log streamShow security logs stream info

show security log stream file report_utm0

log stream
jcluser@SDK-vSRX_ContentFilter> show security log stream file ?              
Possible completions:
  <file-name>          Name of the stream log file to be displayed 
  alert/               Last changed: Apr 01 2020
  conf/                Last changed: Apr 01 2020
  llmd_db0             Size: 4096, Last changed: Jun 10 2019
  llmd_db0-shm         Size: 32768, Last changed: Nov 05 07:15:05
  llmd_db0-wal         Size: 16512, Last changed: Jun 10 2019
  llmd_db1             Size: 4096, Last changed: Jun 10 2019
  llmd_db1-shm         Size: 32768, Last changed: Nov 05 07:15:05
  llmd_db1-wal         Size: 16512, Last changed: Jun 10 2019
  logical-system       Logical-system name
  logical-systems/     Last changed: Jun 10 2019
  report_idp0          Size: 4096, Last changed: Jun 10 2019
  report_idp0-shm      Size: 32768, Last changed: Nov 05 07:15:05
  report_idp0-wal      Size: 61832, Last changed: Apr 01 2020
  report_idp1          Size: 4096, Last changed: Jun 10 2019
  report_idp1-shm      Size: 32768, Last changed: Nov 05 07:15


log queryQuery logs from database

log query
jcluser@SDK-vSRX_ContentFilter> show security log query ?                      
Possible completions:
  application          Filter application
  category             Category name
  count                Number of logs to be queried
  dst-ip               Filter destination ip
  dst-port             Filter destination port (1..65535)
  event-type           Filter event-type
  service              Filter service
  src-ip               Filter source ip
  src-port             Filter source port (1..65535)
  start-time           Earliest timestamp to include in output (YYYY-MM-DDTHH:MM:SS)
  stop-time            Latest timestamp to include in output (YYYY-MM-DDTHH:MM:SS)
  user                 Filter user

category 
juniper@SDK-vSRX_JCL_EWF> show security log query category utm ?
Possible completions:
  <[Enter]>            Execute this command
  application          Filter application
  count                Number of logs to be queried
  dst-ip               Filter destination ip
  dst-port             Filter destination port (1..65535)
  event-type           Filter event-type
  service              Filter service
  src-ip               Filter source ip
  src-port             Filter source port (1..65535)
  start-time           Earliest timestamp to include in output (YYYY-MM-DDTHH:MM:SS)
  stop-time            Latest timestamp to include in output (YYYY-MM-DDTHH:MM:SS)
  user                 Filter user
  |                    Pipe through a command