Which will show up in the NSM logs as a semi-useless "Self log" like PFE_FW_SYSLOG_IP messages or actually be parsed?
On 9/7/2010 at 4:45 PM, Ben Dale <bd...@comlinx.com.au> wrote: > You aren't the only ones! > > Fortunately the "screen logs" feature is being introduced in JUNOS 10.4 > which will log when a screen threshold is reached: > > Sep 8 09:43:31 rtlogd: receives log RT_SCREEN_TCP from RT_IDS at severity > 3, miscellaneous string=Port scan! source: 172.16.10.23:54326, destination: > 172.16.10.254:712, zone name: LAN, interface name: vlan.10, action: drop, > attribute-list=attack-name 10 Port scan! source-address 12 172.16.10.23 > source-port 5 54326 destination-address 13 172.16.10.254 destination-port 3 > 712 source-zone-name 3 LAN interface-name 7 vlan.10 action 4 drop > > > > On 08/09/2010, at 5:41 AM, Jérôme Fleury wrote: > >> Hi Fahad, >> >> that's a good question. I've been searching for a long time, and could >> not find neither... I'm not even able to see them on my STRM, which >> defeats completely the purpose of this appliance. >> >> On Tue, Sep 7, 2010 at 12:02, Fahad Khan <fahad.k...@gmail.com> wrote: >>> Hi Folks, >>> >>> Can some body tell me that how can I see the logs of the attack packets >>> generated by some source for let say "port scan", "IP spoof" etc >>> >>> Thanks in adv, >>> >>> regards, >>> >>> Muhammad Fahad Khan >>> JNCIP - M/T # 834 >>> IT Specialist >>> Global Technology Services, IBM >>> fa...@pk.ibm.com >>> +92-301-8247638 >>> Skype: fahad-ibm >>> http://pk.linkedin.com/in/muhammadfahadkhan >>> _______________________________________________ >>> juniper-nsp mailing list juniper-nsp@puck.nether.net >>> https://puck.nether.net/mailman/listinfo/juniper-nsp >>> >> _______________________________________________ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp >> > > > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp