Configuring Intrusion Detection and Prevention Devices Guide
IDP Logs
Table 56: Log Viewing Options
Log Views
NSM Log Viewer / Log
Investigator
NSM Log Viewer / Log
Investigator
NSM Security Monitor
NSM Audit Log Viewer
statview utility
Using NSM Log Investigator
Purpose
Action
Using NSM Audit Log Viewer
Purpose
Action
Table 57: NSM Audit Log Viewer Table
Column
Description
Time Generated
The time the object was changed. The Audit Log Viewer displays log entries in order of time generated by
Greenwich Mean Time (GMT).
128
NSM collects logs from managed IDP devices and stores them in a central log database.
You can use NSM to view, manipulate, and export logs.
Table 56 on page 128 provides a reference of log views.
Description
Logs based on notification options you set for security policy rules.
Logs related to device events, such as changes in the state of a traffic interface.
Logs produced by the Profiler feature.
Logs generated by NSM related to the use of NSM to manage the IDP device.
Logs produced by the application volume tracking (AVT) feature.
You use the NSM Log Investigator to analyze aggregations of logs and drill down based
on properties of interest.
To display logs in NSM Log Investigator, select Investigate > Log Investigator.
TIP: For details on using NSM to modify aggregation or display options, see the NSM
online Help.
You use the NSM Audit Log Viewer to track the administrative changes made to a
managed device. Log-entry details include the administrator that performed the change,
when the change occurred, and the job results.
To display the NSM Audit Log Viewer table, select Investigate > Audit Log Viewer .
Table 57 on page 128 describes the columns in the Audit Log Viewer table.
Copyright © 2010, Juniper Networks, Inc.