JUNIPER NETSCREEN FIREWALL APPLIANCE

[printfriendly]

Instructions for forwarding Juniper Netscreen Firewall Appliance logs to your Log Management device

PREREQUISITES

Juniper Netscreen Firewall Appliance

  • The IP Address for the Juniper Netscreen appliance
  • Credentials to access the Juniper Netscreen appliance
  • Secure Shell (SSH) access configured on the Juniper Netscreen appliance

Clone Systems Log Management Device

  • The IP Address for the Clone Systems Log Management device
Instructions

1. Open a command prompt and SSH into the Juniper Netscreen appliance using a tool like PuTTY.

2. Enter the credentials and log into the Netscreen appliance.

3. Set the IP Address for the syslog host.

  • Netscreen> set syslog config { IP Address of Clone Systems Log collector }
  • EXAMPLE:
  • Netscreen> set syslog config 10.1.1.1

4. Set the facilities setting which classifies and sends messages for events to the syslog host.

  • Netscreen> set syslog config { IP Address of Clone Systems Log collector } facilities local0 local0
  • EXAMPLE:
  • Netscreen> set syslog config 10.1.1.1 facilities local0 local0

5. Set the default port 514 to which the Netscreen appliance sends syslog messages.

  • Netscreen> set syslog config { IP Address of Clone Systems Log collector } port 514
  • EXAMPLE:
  • Netscreen> set syslog config 10.1.1.1 port 514

6. Send all event log entries to the syslog host.

  • Netscreen> set syslog config { IP Address of Clone Systems Log collector } log all
  • EXAMPLE:
  • Netscreen> set syslog config 10.1.1.1 log all

7. Enable the syslog appliance.

  • Netscreen> set syslog enable

8. Log off the Juniper Netscreen appliance by typing exit and then clicking Enter.