Sending IDP and traffic logs to a syslog server in SRX

If you want to forward your IDP and traffic session logs to a syslog server, here is how to do it:

1) First, inside the security policy, enable logging of session initiations, e.g.:

2) Then the syslog server configuration:

After this, traffic logs should be sent to the syslog server.
As you can see, the regular expression also includes the RT_IDP string for IDP logs. If you set the following configuration under
the IDP rule base, IDP notifications will be logged as well.

3) IDP notifications
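
The three steps above as one set of Junos `set` commands. This is an added example, not the configuration from the original post. The zone names, the policy names, the rule name and the syslog server address 192.0.2.10 are placeholders to replace with your own.

```junos
# Step 1: log session initiation on the security policy.
# Zones "trust"/"untrust" and policy "allow-out" are placeholder names.
set security policies from-zone trust to-zone untrust policy allow-out then log session-init

# Step 2: send messages to the remote syslog server (placeholder address)
# and keep only lines matching the traffic (RT_FLOW) and IDP (RT_IDP) tags.
set system syslog host 192.0.2.10 any any
set system syslog host 192.0.2.10 match "RT_FLOW|RT_IDP"

# Step 3: log attacks matched by an IDP rule.
# IDP policy "idp-example" and rule "r1" are placeholder names.
set security idp idp-policy idp-example rulebase-ips rule r1 then notification log-attacks
```

Without the `match` statement the host receives every message selected by `any any`, so the regular expression is what limits the feed to session and IDP events.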
