[j-nsp] SRX policy logging
Crist.Clark at globalstar.com
Wed May 18 15:41:34 EDT 2011
>>> On 5/18/2011 at 12:20 PM, "Scott T. Cameron" <routehero at gmail.com> wrote:
> Does anyone have a trick for logging all policies? I'm not particularly
> fond of going and tagging each policy with "log".
> Worse, is there a way to flag the default-policy with a log statement? I
> have deny-all and no options that follow, would be nice to catch them all
> with a log as well.
> juniper-nsp mailing list juniper-nsp at puck.nether.net
# set group log-all-policies security policies from-zone <*> to-zone <*> policy <*> then log session-init
# set security policies apply-group log-all-policies
Network Security Specialist, Information Systems
408 933 4387
More information about the juniper-nsp