[j-nsp] Logging usage on an SRX with UTM

Alex Arseniev alex.arseniev at gmail.com
Sun Jun 23 09:54:33 EDT 2013


Haven't You checked the manual?
http://www.juniper.net/techpubs/en_US/junos12.1/information-products/topic-collections/syslog-messages/jd0e61552.html#WEBFILTER_URL_PERMITTED
http://www.juniper.net/techpubs/en_US/junos12.1/information-products/topic-collections/syslog-messages/jd0e61552.html#WEBFILTER_URL_BLOCKED
Regarding "and who" - the WEBFILTER syslog messages contain only the src.IP, 
correlation to username is manual at this stage.
HTH
Thanks
Alex

----- Original Message ----- 
From: "Skeeve Stevens" <skeeve+junipernsp at eintellegonetworks.com>
To: <juniper-nsp at puck.nether.net>
Sent: Sunday, June 23, 2013 12:24 PM
Subject: [j-nsp] Logging usage on an SRX with UTM


> Hey all,
>
> Got a customer who is using a small SRX with UTM (Web filtering, AV, AS,
> IDP), and he wants us to do logging across with the board, but with
> specific focus on the usage of web traffic.
>
> They'd like to know all web urls going through the firewalls, but also 
> very
> interested in the knock backs from EWF - and who.
>
> Is there something that easily does this, or something I'd have to collate
> via syslog, or some other method?
>
> ...Skeeve
>
> *Skeeve Stevens - *eintellego Networks Pty Ltd
> skeeve at eintellegonetworks.com ; www.eintellegonetworks.com
>
> Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve
>
> facebook.com/eintellegonetworks ;  <http://twitter.com/networkceoau>
> linkedin.com/in/skeeve
>
> twitter.com/networkceoau ; blog: www.network-ceo.net
>
>
> The Experts Who The Experts Call
> Juniper - Cisco - Cloud
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 



More information about the juniper-nsp mailing list