[SRX/J-series] How to display the J-WEB equivalent of the monitoring security report for traffic and threat in the CLI of Junos devices?

Article ID: KB24182
KB Last Updated: 18 May 2012
Version: 1.0
Summary:
This article provides information on how to display the J-WEB equivalent of the traffic and threat monitoring security report in the CLI.
Symptoms:
The Reporting functionality for Junos devices provides users with a simple, easy-to-use interface for viewing security event data and statistics:
SRX > show security report ?
Possible completions:
   threat         Show security threats(IDP|UTM) report
   traffic          Show security traffic report
Cause:

Solution:

By default, the onboard reporting functionality for Junos devices is on. To turn it off, you need to configure no-report:

[edit]
root@SRX210-HM-1# set security   analysis ?
Possible completions:
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except  Don't inherit configuration data from these groups
  no-report            Stops security analysis reporting

The following information is the CLI equivalent (hidden) of the J-Web Report menu in the Monitor tab:

root@SRX210-HM-1# run show security report threat ? < Hidden command 
Possible completions:
  recent-activity      Show the most recent threat activities
  statistics           Show the threat statistics
  summary              Show threat indicator summary
[edit]

root@SRX210-HM-1# run show security report threat recent-activity 

From Email              Severity   Source IP    Action      TimeStamp     
spamtest@spamtest.com   info       16.16.16.1   BLOCKED     2012-03-05 15:11:05 UTC  

Attack Name             Severity  Source IP/Port Destination IP/port Protocol  Action    TimeStamp
-                       info      16.16.16.1     /36733 16.16.16.2   /80   TCP      TRAFFIC_IPACTION_NOTIFY  
2012-03-05 15:11:05 UTC

[edit]
root@SRX210-HM-1# run show system uptime 
Current time: 2012-03-05 15:12:45 UTC
System booted: 2012-03-04 21:58:51 UTC (17:13:54 ago)
Protocols started: 2012-03-04 22:02:04 UTC (17:10:41 ago)
Last configured: 2012-02-29 10:22:44 UTC (5d 04:50 ago) by root
3:12PM  up 17:14, 1 user, load averages: 0.05, 0.03, 0.00

[edit]

root@SRX210-HM-1# run show security report threat summary 
Threat activity summary:
  Cumulative AV count                : 0
  Cumulative SPAM count              : 1
  Cumulative WEB filter content count: 0
  Cumulative Content Filtering count : 0
  Cumulative IDP attack count        : 1

[edit]
root@SRX210-HM-1# 
root@SRX210-HM-1# run show security report threat statistics | no-more 

Threat Category       Severity       Hit Counts (24hr)  Hit count (1hr)
ANTI_VIRUS            emerg             0                  0                    
ANTI_SPAM             emerg             1                  1                    
CONTENT_FILTER        emerg             0                  0                    
WEB_FILTER            emerg             0                  0                    
IDP                   emerg             1                  1                    

Web Content Category            Hit Counts (24hr)  Hit count (1hr)
Adult_Sexually_Explicit        0                  0                   
Advertisements                 0                  0                   
Arts_Entertainment             0                  0                   
Chat                           0                  0                   
Computing_Internet             0                  0                   
Criminal_Skills                0                  0                   
Drugs_Alcohol_Tobacco          0                  0                   
Education                      0                  0                   
Finance_Investment             0                  0                   
Food_Drink                     0                  0                   
Gambling                       0                  0                   
Games                          0                  0                   
Glamour_Intimate_Apparel       0                  0                   
Government_Politics            0                  0                   
Hacking                        0                  0                   
Hate_Speech                    0                  0                   
Health_Medicine                0                  0                   
Hobbies_Recreation             0                  0                   
Hosting_Sites                  0                  0                   
Job_Search_Career_Development  0                  0                   
Kids_Sites                     0                  0                   
Lifestyle_Culture              0                  0                   
Motor_Vehicles                 0                  0                   
News                           0                  0                   
Personals_Dating               0                  0                   
Photo_Searches                 0                  0                   
Real_Estate                    0                  0                   
Reference                      0                  0                   
Religion                       0                  0                   
Remote_Proxies                 0                  0                   
Sex_Education                  0                  0                   
Search_Engines                 0                  0                   
Shopping                       0                  0                   
Sports                         0                  0                   
Streaming_Media                0                  0                   
Travel                         0                  0                   
Usenet_News                    0                  0                   
Violence                       0                  0                   
Weapons                        0                  0                   
Web_based_Email                0                  0                   

Threat Name          Category    Source IP/Port Destination IP/port Protocol Action    Hit Time     Description 
-                    ANTI_SPAM   16.16.16.1     /0                  /0       BLOCKED   2012-03-05 15:11:05 UTC
                     IDP         16.16.16.1     /36733 16.16.16.2   /80      TRAFFIC_IPACTION_NOTIFY 2012-03-05 15:11:05 UTC

Time Count            Critial threat Count  Major threat Count  Minor Threat Count
23                    0                     0                   0                  
22                    0                     0                   0                  
21                    0                     0                   0                  
20                    0                     0                   0                  
19                    0                     0                   0                  
18                    0                     0                   0                  
17                    0                     0                   0                  
16                    0                     0                   0                  
15                    0                     0                   0                  
14                    0                     0                   0                  
13                    0                     0                   0                  
12                    0                     0                   0                  
11                    0                     0                   0                  
10                    0                     0                   0                  
9                     0                     0                   0                  
8                     0                     0                   0                  
7                     0                     0                   0                  
6                     0                     0                   0                  
5                     0                     0                   0                  
4                     0                     0                   0                  
3                     0                     0                   0                  
2                     0                     0                   0                  
1                     0                     0                   0                  
0                     2                     0                   0                  

Interval Anti-Virus           Anti-Spam           Web Filter       Content Filter      IDP     
23       0                   0                  0                  0                   0            
22       0                   0                  0                  0                   0            
21       0                   0                  0                  0                   0            
20       0                   0                  0                  0                   0            
19       0                   0                  0                  0                   0            
18       0                   0                  0                  0                   0            
17       0                   0                  0                  0                   0            
16       0                   0                  0                  0                   0            
15       0                   0                  0                  0                   0            
14       0                   0                  0                  0                   0            
13       0                   0                  0                  0                   0            
12       0                   0                  0                  0                   0            
11       0                   0                  0                  0                   0            
10       0                   0                  0                  0                   0            
9        0                   0                  0                  0                   0            
8        0                   0                  0                  0                   0            
7        0                   0                  0                  0                   0            
6        0                   0                  0                  0                   0            
5        0                   0                  0                  0                   0            
4        0                   0                  0                  0                   0            
3        0                   0                  0                  0                   0            
2        0                   0                  0                  0                   0            
1        0                   0                  0                  0                   0            
0        0                   1                  0                  0                   1            
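
The counters above can be checked from a script instead of being read by eye. The following is an added example, not Juniper code: it parses the `threat summary` counters and the `Threat Category` table from `threat statistics` and lists the categories with hits in the last 24 hours. The sample text is copied from the output shown in this article; the function names are hypothetical, and the column layout is assumed to match that output, which may differ between Junos releases.

```python
import re

# Sample text: lines copied from the CLI output shown in this article.
SUMMARY = """\
Threat activity summary:
  Cumulative AV count                : 0
  Cumulative SPAM count              : 1
  Cumulative WEB filter content count: 0
  Cumulative Content Filtering count : 0
  Cumulative IDP attack count        : 1
"""

STATISTICS = """\
Threat Category       Severity       Hit Counts (24hr)  Hit count (1hr)
ANTI_VIRUS            emerg             0                  0
ANTI_SPAM             emerg             1                  1
CONTENT_FILTER        emerg             0                  0
WEB_FILTER            emerg             0                  0
IDP                   emerg             1                  1

Web Content Category            Hit Counts (24hr)  Hit count (1hr)
"""

def parse_summary(text):
    """Return {counter name: int} from 'show security report threat summary'."""
    counts = {}
    for line in text.splitlines():
        m = re.match(r"\s*Cumulative (.+?)\s*:\s*(\d+)\s*$", line)
        if m:
            counts[m.group(1)] = int(m.group(2))
    return counts

def parse_threat_categories(text):
    """Return {category: (hits_24h, hits_1h)} from the 'Threat Category' table only."""
    rows, in_table = {}, False
    for line in text.splitlines():
        fields = line.split()
        if line.startswith("Threat Category"):
            in_table = True
        elif in_table:
            # The table ends at the first blank or non-numeric row.
            if len(fields) != 4 or not (fields[2].isdigit() and fields[3].isdigit()):
                break
            rows[fields[0]] = (int(fields[2]), int(fields[3]))
    return rows

def active_categories(text):
    """Categories with at least one hit in the last 24 hours, sorted by name."""
    return sorted(c for c, (d, _) in parse_threat_categories(text).items() if d > 0)
```

With the article's sample output, `active_categories(STATISTICS)` reports `ANTI_SPAM` and `IDP`, matching the non-zero SPAM and IDP counters in the summary.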


