Hi Ben, Thanx! We'll play with it :)
Maarten -----Oorspronkelijk bericht----- Van: Ben Dale [mailto:bd...@comlinx.com.au] Verzonden: dinsdag 24 september 2013 9:16 Aan: Maarten van der Hoek CC: juniper-nsp@puck.nether.net Onderwerp: Re: [j-nsp] SRX Command Just blew the dust off it and it still works ; ) http://pastebin.com/xiszACPf If you're applying this to a chassis cluster, you may need to replace the line: for-each ($policies-list/security-context/policies) { with for-each ($policies-list/multi-routing-engine-item/security-context/policies) { Enjoy, Ben On 24/09/2013, at 4:43 PM, Maarten van der Hoek <maar...@vanderhoek.nl> wrote: > Hi Ben, > > Did you succeed in building that script ? > (e.g. do you have it somewhere ? ;-) ) > > We've been playing with exports and then import in Excel...but still > not very nice.. > A better solution would be nice. > (we can't you Junos-Space / or so because most deployments are in > separate Small / Branch offices) > > Brgds, > > Maarten van der Hoek > > -----Oorspronkelijk bericht----- > Van: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] Namens > Ben Dale > Verzonden: dinsdag 24 september 2013 6:46 > Aan: Edward Dore > CC: juniper-nsp@puck.nether.net; Harri Makela > Onderwerp: Re: [j-nsp] SRX Command > > After I spent a bit of time building an op script to print policy > matches out in a nicely formatted table, I notice that this feature is > now available for all policies even without the "then count" action from 12.1: > > show security policies hit-count > > Cheers, > > Ben > > On 24/09/2013, at 8:45 AM, Edward Dore > <edward.d...@freethought-internet.co.uk> wrote: > >> You'll need to add the "count" action to the "then" statement on each > security policy if you want to track the number of times that the > policy has been matched. >> >> Edward Dore >> Freethought Internet >> >> On 23 Sep 2013, at 23:08, Harri Makela wrote: >> >>> Hi All >>> >>> Is there any command in SRX which I can use to check "number of >>> times FW > policy has been used". Actually I want to clear all FW policies which > are not being used for last 12 months or so. I don`t know much about > scripting but can try to get some help if I can think of a command > which can be rung through different zones combinations. >>> >>> >>> Thanks in Advance ! >>> HM >>> _______________________________________________ >>> juniper-nsp mailing list juniper-nsp@puck.nether.net >>> https://puck.nether.net/mailman/listinfo/juniper-nsp >> >> _______________________________________________ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp >> > > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp