[j-nsp] SRX policy logging
Crist Clark
Crist.Clark at globalstar.com
Wed May 18 15:41:34 EDT 2011
>>> On 5/18/2011 at 12:20 PM, "Scott T. Cameron" <routehero at gmail.com> wrote:
> Does anyone have a trick for logging all policies? I'm not particularly
> fond of going and tagging each policy with "log".
>
> Worse, is there a way to flag the default-policy with a log statement? I
> have deny-all and no options that follow, would be nice to catch them all
> with a log as well.
>
> Scott
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
# set group log-all-policies security policies from-zone <*> to-zone <*> policy <*> then log session-init
# set security policies apply-group log-all-policies
--
Crist Clark
Network Security Specialist, Information Systems
Globalstar
408 933 4387
More information about the juniper-nsp
mailing list