Table of Contents
Advertisement
Network and Security Manager Administration Guide
Archiving Logs
Log Archival Mechanism
Setting Log Storage Limits
768
You can archive and retrieve log entries to and from a storage device using standard Unix
commands.
Logs reside on the Device Server in the following directory:
/usr/netscreen/DevSvr/var/logs
We recommend using the following commands to archive your logs:
The tar command
The scp (Secure Copy) command
The ftp (File Transfer Protocol) command
For full descriptions and options for each command, see the man pages.
NOTE: You do not need to stop the processes on the Device Server before archiving.
All managed device logs are stored in
and associated files organized into subdirectories for each day. To archive the logs for a
specified day, archive the entire directory for that day.
Each directory is named according to the YYYYMMDD convention, indicating the day
contained in the directory. Do not attempt to archive the current day's files. You can
automate archival using cron. To archive logs:
Use
to copy all directories in
scp
1.
location.
Remove the directories from the Device Server machine.
2.
You can analyze the archived logs later by restoring them to the logs directory on the
Device Server. The restored logs are then available in the
just as they were before archival.
Use scp to copy directories from the remote archival location to
1.
/usr/netscreen/DevSvr/var/logs/
Analyze the logs using the NSM UI.
2.
Remove directories when finished with analysis.
3.
You can specify the number of days that NSM stores logs; as well as purge or archive a
specified log based on the following configurable criteria:
"Date Limits" on page 769
System-Wide Retention Policy
/usr/netscreen/DevSvr/var/logs
/usr/netscreen/DevSvr/var/logs/
Log Viewer
.
Copyright © 2010, Juniper Networks, Inc.
that contains logs
to a remote archival
and
Log Investigator
Advertisement
Table of Contents
