Page Comparison

Table of Contents

maxLevel	2
minLevel	2
type	flat

...

- IP → <Juniper IP address>
- Source Port → 514
- Target Tag → all the rest as firewall.juniper.isg.system

Firewall Juniper SRX Series

...

Code Block

set security policies global policy default-deny match source-address any
set security policies global policy default-deny match destination-address any
set security policies global policy default-deny match application any
set security policies global policy default-deny then deny
set security policies global policy default-deny then log session-ini

Table structure

Rw ui tabs macro

Rw tab

isMissingRequiredParameters	true

firewall.juniper.nsm.traffic

Field	Type	Extra Label
eventdate	`timestamp`	-
machine	`str`	-
logDayId	`str`	-
logRecordId	`str`	-
timeReceived	`timestamp`	-
timeGenerated	`timestamp`	-
deviceDomain	`str`	-
deviceDomainVer	`str`	-
deviceName	`str`	-
deviceIp	`ip4`	-
category	`str`	-
subCategory	`str`	-
srcZone	`str`	-
srcIface	`str`	-
srcIp	`ip4`	-
srcIp_str	`str`	-
srcPort	`int4`	-
srcXIp	`ip4`	-
srcXPort	`int4`	-
dstZone	`str`	-
dstIface	`str`	-
dstIp	`ip4`	-
dstPort	`int4`	-
dstXIp	`ip4`	-
dstXPort	`int4`	-
proto	`str`	-
policyDomain	`str`	-
policyDomainVer	`str`	-
policyName	`str`	-
rulebase	`str`	-
ruleNumber	`str`	-
ruleNumber2	`str`	-
action	`str`	-
severity	`str`	-
isAlert	`str`	-
details	`str`	-
user	`str`	-
app	`str`	-
uri	`str`	-
elapsedSecs	`int4`	-
bytesIn	`int8`	-
bytesOut	`int8`	-
bytesTotal	`int8`	-
pktsIn	`int4`	-
pktsOut	`int4`	-
pktsTotal	`int4`	-
repeatCount	`int4`	-
hasData	`str`	-
data	`str`	-
appliService	`str`	-
deviceFamily	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

firewall.juniper.srx.idp

Field	Type	Extra Label
eventdate	`timestamp`	-
machine	`str`	-
type	`str`	-
attack_name	`str`	-
source_address	`ip4`	-
source_port	`int4`	-
destination_address	`ip4`	-
destination_port	`int4`	-
protocol_id	`str`	-
source_zone_name	`str`	-
interface_name	`str`	-
action	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

firewall.juniper.srx.probe

Field	Type	Extra Label
eventdate	`timestamp`	-
machine	`str`	-
type	`str`	-
interfaceName	`str`	-
name	`str`	-
testOwner	`str`	-
snmpInterfaceIndex	`str`	-
testName	`str`	-
message	`str`	-
adminStatus	`str`	-
operationalStatus	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

firewall.juniper.srx.traffic

...

Field

...

Type

...

Extra Label

...

eventdate

...

timestamp

...

-

...

machine

...

str

...

-

...

tag

...

str

...

✓

...

version

...

str

...

-

...

action

...

str

...

-

...

srcIp

...

ip4

...

-

...

srcIp_str

...

str

...

-

...

srcPort

...

int4

...

-

...

dstIp

...

ip4

...

-

...

dstPort

...

int4

...

-

...

service

...

str

...

-

...

srcXIp

...

ip4

...

-

...

srcXPort

...

int4

...

-

...

dstXIp

...

ip4

...

-

...

dstXPort

...

int4

...

-

...

natConnetionTag

...

str

...

-

...

srcNatRuleType

...

str

...

-

...

srcNatRule

...

str

...

-

...

dstNatRuleType

...

str

...

-

...

dstNatRule

...

str

...

-

...

srcNatIp

...

ip4

...

-

...

dstNatIp

...

ip4

...

-

...

proto

...

int4

...

-

...

protoStr

...

str

...

-

...

policy

...

str

...

-

...

srcZone

...

str

...

-

...

dstZone

...

str

...

-

...

session

...

int4

...

-

...

reason

...

str

...

-

...

cliPkts

...

int4

...

-

...

cliBytes

...

int8

...

-

...

srvPkts

...

int4

...

-

...

srvBytes

...

int8

...

-

...

duration

...

int4

...

-

...

app

...

str

...

-

...

app2

...

str

...

-

...

user

...

str

...

-

...

roles

...

str

...

-

...

iface

...

str

...

-

...

icmpType

...

int4

...

-

...

structuredData

...

str

...

-

...

encrypted

...

str

...

-

...

connectionTag

...

str

...

-

...

unknown

...

str

...

-

...

rawMessage

...

str

...

✓

...

hostchain

...

str

...

✓

Rw tab

title	Tables 3-6

firewall.juniper.srx.

...

traffic

Field	Type	Extra Label
eventdate	`timestamp`	-
machine	`str`	-
serverdate	`str`	-
hostname	`str`	-
process_name	`str`	-
pid	`str`	-
log_type	`str`	-
platform	`str`	-
username	`str`	-
authentication_level	`str`	-
client_ip	`ip4`	-
client_port	`str`	-
destination_ip	`ip4`	-
destination_port	`str`	-
message	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

firewall.juniper.srx.utm

Field	Type	Extra Label
eventdate	`timestamp`	-
machine	`str`	-
srcIp	`ip4`	-
srcIp_str	`str`	-
srcPort	`int4`	-
dstIp	`ip4`	-
dstPort	`int4`	-
name	`str`	-
error_message	`str`	-
profile_name	`str`	-
object_name	`str`	-
pathname	`str`	-
username	`str`	-
roles	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

firewall.juniper.system

Field	Type	Extra Label
eventdate	`timestamp`	-
machine	`str`	-
product	`str`	-
devModel	`str`	-
devId0	`str`	-
severity	`str`	-
type	`int4`	-
message	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

firewall.juniper.traffic

Field	Type	Extra Label
eventdate	`timestamp`	-
machine	`str`	-
product	`str`	-
devModel	`str`	-
devId	`str`	-
severity	`str`	-
type	`int4`	-
startTime	`timestamp`	-
duration	`int4`	-
policyId	`int8`	-
service	`str`	-
protocol	`int4`	-
protoStr	`str`	-
srcZone	`str`	-
dstZone	`str`	-
action	`str`	-
cliPkts	`int4`	-
bytesSend	`int8`	-
srvPkts	`int4`	-
bytesRecv	`int8`	-
srcIp	`ip4`	-
srcIp_str	`str`	-
dstIp	`ip4`	-
srcPort	`int4`	-
dstPort	`int4`	-
icmpType	`int4`	-
icmpCode	`int4`	-
sessionId	`int8`	-
srcXIp	`ip4`	-
srcXPort	`int4`	-
dstXIp	`ip4`	-
dstXPort	`int4`	-
reason	`str`	-
version	`str`	-
pid	`str`	-
natConnetionTag	`str`	-
srcNatRuleType	`str`	-
srcNatRule	`str`	-
dstNatRuleType	`str`	-
dstNatRule	`str`	-
srcNatIp	`ip4`	-
dstNatIp	`ip4`	-
policy	`str`	-
user	`str`	-
roles	`str`	-
iface	`str`	-
app	`str`	-
app2	`str`	-
encrypted	`str`	-
structuredData	`str`	-
unknown	`str`	-
rawMessage	`str`	✓
hostchain	`str`	✓
tag	`str`	✓

Versions Compared

Old Version 5

New Version 6

Key

Firewall Juniper SRX Series

Table structure

firewall.juniper.nsm.traffic

firewall.juniper.srx.idp

firewall.juniper.srx.probe

firewall.juniper.srx.traffic

firewall.juniper.srx.

traffic

firewall.juniper.srx.utm

firewall.juniper.system

firewall.juniper.traffic

Related articles