Logmanager documentation
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. Logmanager documentation
  2. /
  3. Log source devices configuration
  4. /
  5. Juniper SRX Series Services Gateway

Juniper SRX Series Services Gateway

Products of SRX Series are service gateways with high-performance security and advanced, integrated threat intelligence, delivered on the industry’s most scalable and resilient platform. SRX Series gateways set new benchmarks with 100GbE interfaces and feature Express Path technology, which enables up to 1 Tbps performance for the data center.

Configuration

For log collecting from SRX series device please follow next few steps. First, configure the device then prepare the Logmanager for receive messages.

Logging configuration SRX device

  1. Login to Juniper SRX device via SSH.

  2. Now enter to the configuration mode:

    configure

  3. Enable logging of all messages to the Logmanager:

    # command structure:
# command syslog host <Logmanager_IP_address> <section> <log_level>
set system syslog host <Logmanager_IP_address> any any
    Logmanager_IP_address is IP address of your Logmanager server.

    You can select only concrete section:

    Available section values:

    section description
    any log all section
    change-log log only changelog
    daemon log only daemon section
    security log only security section
    conflict-log log only conflict log

  4. Set port for Logmanager server:

    set system syslog host <Logmanager_IP_address> port 514
    Logmanager_IP_address is IP address of your Logmanager server.

Logmanager configuration

To successfully receive and process logs, you need to set up the log classification correctly. The easiest way to do this is to add the IP addresses of the device (or your chosen subnet) to the appropriate IP prefix list.

Some devices in Logmanager do not have their own IP Prefix list and you need to create one or use a classifier - Classifiers. However, an IP prefix list exists for this device, so follow the procedure below.

  1. Log in to the web administration Logmanager.

    Add the IP address of the Juniper SRX device to the IP prefix list “Juniper-SRX”.

    Go to Parser/IP prefix lists:

    • Locate the IP prefix list Juniper-SRX.
    • Edit with blue pen icon.
    • Add the IP addresses of your Juniper SRX devices. (Alternatively, you can use your chosen subnet)
    IP prefix lists are used in the vendor-Default-classification template - more Classifier templates.
    This is standard for most Logmanager installations. If you are using your own classifiers or are unsure about something, please contact your certified partner or help@logmanager.com.