On 9/1/08, SunnyDay <[EMAIL PROTECTED]> wrote: > Hello > > Is there anyway to log failed login attempts to SSG firewalls?
Failled login should appear in the event log: 2008-09-01 10:46:56 warning Admin user "netscreen" login attempt for Web(http) management (port 80) from x.x.x.x:62851 failed. 2008-09-01 10:46:56 warning Admin user netscreen has been rejected via the TACACS server at x.x.x.x. 2008-09-01 10:46:54 warning ADM: Local admin authentication failed for login name netscreen: invalid password In case of multiple login failure a critical event is raised: 2008-09-01 11:01:20 crit Multiple login failures occurred for user a from IP address x.x.x.x:62913 These messages can be sent to NSM and a syslog server. Critical events can also raise a snmp trap. Sidney _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp