[j-nsp] SRX policy logging

Crist Clark Crist.Clark at globalstar.com
Wed May 18 15:41:34 EDT 2011

>>> On 5/18/2011 at 12:20 PM, "Scott T. Cameron" <routehero at gmail.com> wrote:
> Does anyone have a trick for logging all policies?  I'm not particularly
> fond of going and tagging each policy with "log".
> Worse, is there a way to flag the default-policy with a log statement?  I
> have deny-all and no options that follow, would be nice to catch them all
> with a log as well.
> Scott
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/juniper-nsp 

# set group log-all-policies security policies from-zone <*> to-zone <*> policy <*> then log session-init
# set security policies apply-group log-all-policies


Crist Clark
Network Security Specialist, Information Systems
408 933 4387

More information about the juniper-nsp mailing list