Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

NetScreen Event Log Overview

0

0

Article ID: KB4222 KB Last Updated: 09 Jun 2010Version: 5.0
Summary:
NetScreen Event Log Overview
Symptoms:

Solution:

Note: This article applies to ScreenOS 4.0 and higher.

NetScreen provides an event log for monitoring system events and network traffic. The NetScreen device categorizes system events by the following severity levels:

  • Emergency: Generates messages on SYN attacks, Tear Drop attacks, and Ping of Death attacks.
  • Alert: Generates messages for multiple user authentication failures and other firewall attacks not included in the emergency category.
  • Critical: Generates messages for URL blocks, traffic alarms, High Availability (HA) status changes, and global communications.
  • Error: Generates messages for admin log on failures.
  • Warning: Generates messages for admin logins and logouts, failures to log on and log out, and user authentication failures, successes, and timeouts.
  • Notification: Generates messages for link status changes, traffic logs, and configuration changes.
  • Information: Generates any kind of message not specified in other categories.
  • Debugging: Generates all messages.

The event log displays the date, time, level and description of each system event. You can view system events for each category stored in flash storage on the NetScreen device through the WebUI or the CLI. You can also open or save the file to the location you specify, and then use an ASCII text editor, such as Notepad or WordPad, to view the file. Alternatively, you can send them to an external storage space.

Note: Emergency and Alert messages are sent to the secure facility. Emergency, Alert, and Critical messages are considered event alarms or alarm level messages. If an email alert is configured, an email will be sent to the administrator when any of these types of events are encountered. For more information on configuring email alert notifications, go to Configuring Email Alert Notifications.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search