[j-nsp] SRX & stream security log
Scott T. Cameron
routehero at gmail.com
Thu Jun 2 16:46:31 EDT 2011
I'm trying to enable security logging via 'mode stream'. However, it does
not appear to work.
Upon commit, this is sent on syslog:
RT_FLOW[1223]: UI_CONFIGURATION_ERROR: Process: rtlogd, path: [edit security
log], statement: stream splunk, Stream has no meaning when system-event-mode
is on
My config appears to be rudimentary:
scameron at sdc01fw01b# show security log
mode stream;
source-address 172.30.244.1;
stream splunk {
severity info;
format syslog;
category all;
host {
172.30.249.101;
port 514;
}
}
If I switch from mode stream to event, my policy logging works fine.
Anyone encountered this?
Scott
More information about the juniper-nsp
mailing list