Miscellaneous - Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual

Network and Security Manager Administration Guide
448
Additionally, because counting can impact performance during heavy traffic periods, you
should enable counting and alarms only for firewall rules that detect important activity.
Configuring Log Actions
Use the Log Actions tab that appears when you select Log/Count in the Rule Options
column to configure the following actions to occur when a log is generated from a specific
rule:
Sending SNMP Trap—Selecting this option directs the system to output logs to an
SNMP server in SNMP format.
Sending Syslog Messages—Selecting this option directs the system to output logs to
a syslog server in syslog format.
Writing CSV files—Selecting this option and specifying a filename directs the system
to output logs using in CSV format.
Writing XML Files—Selecting this option and specifying a filename directs the system
to output logs using XML.
Sending Email—Selecting this option directs the system to output logs to an e-mail
address in SMTP format. You must specify the recipient e-mail address(es) that receives
the exported log records.
Running Scripts—Selecting this option directs the system to execute a script and report
output status. You must specify the script that receives the exported log records (script
must be located in the /usr/netscreen/DevSvr/var/scripts/global directory). In the
event that the script fails, you can also configure the system to retry or skip running
the script again.
You can configure log actions to occur for all rulebases, such as the IDP or Backdoor
rulebases, that include logging options.
You can configure parameters for forwarding logs to SNMP, Syslog, Email, CSV and XML
in the Action Parameters node of the Action Manager.

Miscellaneous

The following sections detail the Miscellaneous rule options.
Schedule
To control the time period that your security device applies the rule to your network traffic,
you can define a schedule for the rule. If you define a schedule, the security device applies
the rule to your network traffic only during the time period specified in the schedule; if
you do not specify a schedule, the rule is always applied to your network traffic.
In NSM, schedules are represented by schedule objects. Before you can define a schedule
for a rule, you must create a schedule object that describes a time period. The schedule
object defines the start time and date, end time and date, and frequency (recurring or
one-time) of the time period.
You can use schedules to control the flow of network traffic at a time-sensitive level,
and also enhance your network security.
Copyright © 2010, Juniper Networks, Inc.