I'm trying to enable security logging via 'mode stream'. However, it does
not appear to work.
Upon commit, this is sent on syslog:
RT_FLOW[1223]: UI_CONFIGURATION_ERROR: Process: rtlogd, path: [edit security
log], statement: stream splunk, Stream has no meaning when system-event-mode
is on
My config appears to be rudimentary:
scameron@sdc01fw01b# show security log
mode stream;
source-address 172.30.244.1;
stream splunk {
severity info;
format syslog;
category all;
host {
172.30.249.101;
port 514;
}
}
If I switch from mode stream to event, my policy logging works fine.
Anyone encountered this?
Scott
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
