Capturing Snmp Secure Audit Logs - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04 Configuration Manual
Software for e series broadband services routers policy management configuration guide
Hide thumbs
Also See for JUNOSE SOFTWARE FOR E SERIES 11.3.X - POLICY MANAGEMENT CONFIGURATION GUIDE 2010-10-04:
- Reference manual (284 pages) ,
- Configuration manual (632 pages)
Table of Contents
Advertisement
JunosE 11.3.x Policy Management Configuration Guide
Related
Documentation
Capturing SNMP Secure Audit Logs
254
host1(config)#snmp-server host 192.168.57.103 version 3 fredMirrorUser cliSecurityAlert
packetMirror trapFilters notice
host1(config)#show snmp trap
Enabled Categories: CliSecurity, PacketMirror, Sonet
SNMP authentication failure trap is disabled
Trap Source: FastEthernet 6/0, Trap Source Address:192.168.120.78
Trap Proxy: enabled
Global Trap Severity Level: 6 - informational
Address
Security String
---------------
--------------------------------
192.168.1.1
host1
192.168.57.103
fredMirrorUser
192.168.57.162
host2
Address
TrapSeverityFilter
--------------- ------------------ ------- --------- --------- -------------
192.168.1.1
5 - notice
192.168.57.103
5 - notice
192.168.57.162
2 - critical
Using SNMP Secure Packet Mirroring Traps on page 250
See Configuring SNMP in JunosE System Basics Configuration Guide for information
about JunosE Software SNMP support.
mirror trap-enable
snmp-server clear secure-log
snmp-server enable traps
snmp-server host
snmp-server secure-log
show mirror trap
show snmp secure-log
SNMP secure audit logging enables administrators to collect the SNMP audit logs for
mirror traps and Mirror-MIB get/set operations with the protection of the mirror enabling
feature. Secure audit logging facilitates the debugging of issues related to SNMP packet
mirror traps.
All normal SNMP console and syslog audit logs (including snmpTrap, snmpPduAudit,
and snmpSetPduAudit) for secure traps and Mirror-MIB are suppressed due to security
concerns. When you have issued the mirror enable command, you can issue the snmp
secure-log command to capture secure audit logs. Configuration, storage, and display
of the SNMP secure logging is on global basis rather than a per-VR basis.
The SNMP agent captures and stores the audit logs for secure traps. The SNMP agent
also captures PDU audit logs for Mirror-MIB operations. Configure the snmpTrap,
snmpPduAudit, and snmpSetPduAudit logs at the proper severity level to capture the
secure audit logs.
Ver
Port
---
-----
v1
162
v3
162
v3
162
Ping
Maximum
Queue
TimeOut QueueSize DrainRate discrd methd
1
32
0
1
32
0
1
32
0
Copyright © 2010, Juniper Networks, Inc.
Trap Categories
----------------
Cli
CliPacketMirror
Sonet
Queue Full
dropLastIn
dropLastIn
dropLastIn
Advertisement
Table of Contents
