Example: Setting Filters In The Log Investigator - Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 Administration Manual

Network and Security Manager Administration Guide
784
Table 106: Log Investigator Filters (continued)
Filter Type
Device Filters
Transmission Type Filter
Port Filters
Policy Filters
Alarm Filters
Miscellaneous Filters
NOTE: For a complete list of log entry columns available for filtering, see
"Log Viewer Columns" on page 760.
After you have set a filter, the Filter Summary displays a list of all filters applied to the
log entry data and the Log Investigator matrix displays values for matching log entries.

Example: Setting Filters in the Log Investigator

In this example, the Left Axis is set to Top Sources and the Top Axis is set to Top
Destinations (these are the default settings). To set a filter that displays all attack
category log entries generated by the Top Sources and received by the Top Destinations:
Sample Filters Description
Device Identifies device names, device versions, and
device types.
Device Domain Ver
Device family
Has Packet Data Identifies transmissions if they are seen as
packets.
Src Port Identifies packets based on the port on a
device from which they were transmitted or
Dst Port
on the port on a device to which they were
transmitted.
NAT Src Port
NAT Dst Port
Policy Identifies packets based on whether they
meet the conditions of a policy or a rule.
Rule #
Policy ID
User Flag Identifies the severity level of a generated
alarm.
Severity
Details Various
Protocol
Category
Alert
Roles
User
Application name
Copyright © 2010, Juniper Networks, Inc.