Table of Contents
Advertisement
CHAPTER 19
Logging
About Logging
Copyright © 2010, Juniper Networks, Inc.
Network and Security Manager integrates log information from multiple devices to help
you access and distill data about the traffic on your network.
The Log Viewer presents log data as a log entry in a table; a log entry contains the details
of the traffic that triggered the log, such as IP address, port number, and source and
destination zones. This log data is also automatically used to generate predefined reports,
helping you to interpret event information in a specific context. To perform your own
investigation, use the Log Investigator to view cross-tabulations between sources,
destinations, subcategories, and destination ports.
The Audit Log Viewer presents log entries triggered by administrative changes (changes
made to the NSM system). An audit log entry includes details about the administrative
event, such as the administrator name, timestamp of the change, and job details.
You can configure each managed device to generate and export specific log records to
multiple formats and locations, such as syslog, xml, or e-mail servers. You can also
forward logs that meet specified criteria to predefined formats and locations.
This chapter contains the following sections:
About Logging on page 739
Viewing Logs on page 742
Configuring the Device for Logging on page 743
Using the Log Viewer on page 756
Using the Log Investigator on page 778
Using the Audit Log Viewer on page 788
Managing Log Volume on page 793
Forwarding Logs on page 796
Logging is the act of recording information about an event. In NSM, each event that occurs
on your network or in your management system can be recorded and stored as a log
entry. To view log entries from the NSM UI, you can use one or more of the logging-related
UI components, such as the Log Viewer or the Log Investigator.
739
Advertisement
Table of Contents
