Table 107: Common Filters - Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual

Using Common Filters

To control which log records are exported, use common filters. Common filters are optional and must be used before the action command (-action). Table 107 on page 775 shows the common filters.

Table 107: Common Filters

--category
  Default: yes
  Multiple: yes
  Specifies: Category
  Format: <category>
    Specify one or more of the following values: admin, alarm, config, custom, events, implicit, info, predefined, profiler, screen, self, sensors, traffic, urlfiltering, user.

--device
  Default: yes
  Multiple: yes
  Specifies: Device name
  Format: <domain-path>:<device-name>

--device-family
  Default: yes
  Multiple: yes
  Specifies: Device type
  Format: <device family>
    idp, ive-ic, ive-sa, j/SRX Series, EX Series, m/MX Series, sos

--domain
  Default: yes
  Multiple: yes
  Specifies: Domain path
  Format: <global[/<subdomain-name>]

--dst-ip
  Default: yes
  Multiple: yes
  Specifies: Destination IP address
  Format: <a.b.c.d[/n|-<a.b.c.d>]>

--dst-port
  Default: yes
  Multiple: yes
  Specifies: Destination port
  Format: <[0-65535][-[0-65535]]>

--log-id
  Default: yes
  Multiple: no
  Specifies: From Log ID To Log ID
  Format: <<yyyymmdd>:[0-MAX][-<yyyymmdd>:[0-MAX]]>

--matches-to-return
  Default: yes
  Multiple: no
  Specifies: Number of log entries to match
  Format: <[1-4294967295]>

--rule
  Default: yes
  Multiple: no
  Specifies: Rule to match
  Format: <domain-path>: <policy-name>:<rulebase>:<rule number>
    where <rulebase> is one of the following values: fw, idp, honeypot, backdoor, synpro, vpn, mpolicy, tsig.

--severity
  Default: yes
  Multiple: yes
  Specifies: Severity
  Format: <severity>
    Specify one of the following values: none, info, device_warning_log, minor, major, device_critical_log, emergency, alert, critical, error, warning, notice, informational, or debug.

--src-ip
  Default: yes
  Multiple: yes
  Specifies: Source IP address
  Format: <a.b.c.d[/n|-<a.b.c.d>]>

--src-port
  Default: yes
  Multiple: yes
  Specifies: Source port
  Format: <[0-65535][-[0-65535]]>

--time-recv
  Default: yes
  Multiple: yes
  Specifies: Time received
  Format: <<yyyymmdd>:<hhmmss>>-<<yyyymmdd>:<hhmmss>>

Copyright © 2010, Juniper Networks, Inc.
Chapter 18: Logging
775
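As an added example (not taken from the guide or from Juniper's software), the Python code below pre-validates common-filter values against the Format column of Table 107 before they are handed to the export command, so a malformed address, port or time window is caught instead of silently changing which log records are exported. The function and variable names are hypothetical, only the address, port and time-received formats are checked, and it assumes that "no" in the Multiple column means the option may appear at most once.

```python
import ipaddress
import re
from datetime import datetime

# Added example: the names below are hypothetical, not part of NSM.
VALUE_NOT_CHECKED = {"--category", "--device", "--device-family", "--domain",
                     "--log-id", "--matches-to-return", "--rule", "--severity"}
SINGLE_USE = {"--log-id", "--matches-to-return", "--rule"}  # Multiple = no (assumed: at most once)

def check_ip(v):
    # <a.b.c.d[/n|-<a.b.c.d>]>: one address, a CIDR block, or a first-last range
    if "-" not in v:
        return ipaddress.IPv4Network(v, strict=False)
    lo, hi = (ipaddress.IPv4Address(p) for p in v.split("-", 1))
    if lo > hi:
        raise ValueError("range start is above range end")

def check_port(v):
    # <[0-65535][-[0-65535]]>: one port or a low-high range
    if not re.fullmatch(r"\d{1,5}(-\d{1,5})?", v):
        raise ValueError("expected <port> or <port>-<port>")
    ports = [int(p) for p in v.split("-")]
    if max(ports) > 65535 or ports != sorted(ports):
        raise ValueError("port above 65535 or range reversed")

def check_time(v):
    # <<yyyymmdd>:<hhmmss>>-<<yyyymmdd>:<hhmmss>>
    start, end = (datetime.strptime(p, "%Y%m%d:%H%M%S") for p in v.split("-"))
    if start > end:
        raise ValueError("start time is after end time")

CHECKS = {"--src-ip": check_ip, "--dst-ip": check_ip,
          "--src-port": check_port, "--dst-port": check_port,
          "--time-recv": check_time}

def validate_filters(pairs):
    """Return a list of problems for (option, value) pairs; empty means OK."""
    problems, seen = [], set()
    for opt, val in pairs:
        if opt not in CHECKS and opt not in VALUE_NOT_CHECKED:
            problems.append(f"{opt}: not a common filter in Table 107")
        if opt in SINGLE_USE and opt in seen:
            problems.append(f"{opt}: Multiple is 'no' but it was given more than once")
        seen.add(opt)
        try:
            CHECKS.get(opt, lambda _v: None)(val)
        except ValueError as exc:
            problems.append(f"{opt} {val!r}: {exc}")
    return problems
```

Calling validate_filters([("--dst-port", "70000")]) returns one problem string; an empty list means every checked value matched its documented format.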
