Event Alarm Log Entries; Traffic Alarm Log Entries - Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 Administration Manual

Copyright © 2010, Juniper Networks, Inc.
Category (Screen)
Subcategory (for details on Screen subcategories, see Appendix E. )
Severity

Event Alarm Log Entries

The device generates event alarms for any security event that has a predefined severity
level of emergency, critical, or alert. Event alarms generate log entries that appear in the
Alarm category.
To receive event alarm log entries, you must:
Enable the device to generate event alarm log entries for NSM in Report Settings >
NSM.
Enable the device to send log entries with emergency, alert, and critical severity settings
to NSM.
Event alarms appear in the Log Viewer under the Alarm category. For details on Attack
subcategories, see "Alarm Log Entries" on page 873.

Traffic Alarm Log Entries

The device generates traffic alarm log entries when your device detects network traffic
that exceeds the specified alarm threshold in a security policy rule. The traffic alarm log
entry, which displays in the Log Viewer, describes the security event that triggered the
alarm. Traffic alarms generate log entries that appear in the Alarm category.
To receive traffic alarm log entries, you must:
Enable the device to generate traffic alarm log entries for NSM in Report Settings >
NSM.
Enable the device to send log entries with the desired severity settings to NSM.
Enable counting and alarms in the security policy installed on the device. For details
on configuring traffic alarm logging in your security policy rules, see "Configuring
Counting and Alarms" on page 457.
Traffic alarms appear in the Log Viewer under the Alarm category. For details on alarm
subcategories, see "Alarm Log Entries" on page 873.
Alarm log entries contain information in the following Log Viewer columns:
To Zone
From Zone
Source IP
Destination IP
Threshold (displayed in the Misc. column of the Log Viewer)
Chapter 19: Logging
747