Configure Netscreen Syslog storage to the LinuxSyslog Server

Source: Internet
Author: User
Configure the syslogs of Netscreen to be stored on the Linux Syslog Server-Linux Enterprise Application-Linux server application. For details, see the following. When I went on a business trip to Hebei province two days ago to debug the Netscreen500 firewall of Juniper for a Netcom company, they asked me to store the logs recorded by the firewall to the log server created on the Linux platform, if you still have such information, we will discuss and share it with you. we will share with you how to configure Syslog.

Configure Netscreen Syslog storage to Linux Syslog Server

Store the Syslog information of the IDC firewall (x. x. x.65) to the Syslog server (x. x. x.116) to track the Firewall Status and Log check.

Syslog Server Configuration:

   1. Configure Syslogd

Change the/etc/syslog. conf configuration file and add the following parts:

# Save Debug Message of Netscreen (x. x. x.65) to ns. log
Local1. */var/log/ns. log

Store the information of the local1 device (facility) in/var/log/ns. log. This configuration allows you to store the log information of different devices in different files for ease of viewing.

   2. Configure logrotate

The logrotate program in Linux is used to poll log files. You can save multiple log files by specifying the file size, time, and other configurations.

Change the/etc/logratate. conf file and add the following parts:

/Var/log/ns. log {
Rotate 10

Set the file ns stored in syslog. logs are saved every week. A total of 10 files are saved, that is, they are saved as ns in the first week. log. The file name of this week will be changed to ns by next Monday. log.1, and so on.

   3. Restart syslogd
Service syslog restart

Netscreen Configuration:

   1. View log levels
Get event level

You can see the current netscreen event level, for example:

Alert level 1: immediate action is required
Critical level 2: functionality is affected
Debug level 7: detailed information for troubleshooting
Emergency level 0: system is unusable
Error level 3: error condition
Information level 6: general information about operation
Notification level 5: normal events
Warning level 4: functionality may be affected

Select the desired level. Here we select the Debug information.

   2. Configure Syslog
Set syslog config "x. x. x.116" "local7" "local1"
Set syslog enable
Set syslog traffic

The first is syslog configuration, which stores syslog data to x. x. x.116 is the syslog server, local7 (security facility) is the Debug Level we saw earlier, and local1 is the device (facility). Do you still remember the local1 we configured in linux syslog?

Second, enable syslog.

Article 3 record the traffic information in syslog.

   3. Save it.

View syslog:

If you want to view syslog data on the syslog server,/var/log/ns. log. If you want to view log information in real time, tail-f/var/log/ns. log
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.