Table of Contents
Advertisement
Network and Security Manager Administration Guide
Example: Using Administrative Reports to Track Incidents
826
In this example, firewall administrators use the Log Viewer to monitor and investigate
log events. They are specifically interested in configuration changes that are causing
outages sporadically throughout the network. When they encounter a configuration log
that seems out of the ordinary, they flag the log by using the predefined flag type
"Investigate". To flag a log entry, right-click on the log and select Flag > Investigate from
the drop down menu.
After completing their investigation, they change the flag to either "Closed" or "Assigned"
for further investigation. During normal operations, firewall administrators investigate
over 200 log entries per day.
You are a network manager interested in the progress of the investigation. To help track
the progress, you generate a "Logs by User-set Flag" report, as shown in Figure 116 on
page 826.
By setting the duration of the report to one week, you can determine the total number
of log entries flagged for investigation, total closed, and total assigned for further analysis.
Figure 116: Logs by User-Set Flag Report
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
