DescriptionIndeni will verify that certain syslog servers are configured on a monitored device.
Remediation StepsModify the device's configuration as required.
1. On the device command line interface execute "show system syslog" command to review system log configuration.
2. Check if the syslog server is accessible.
3. Check if the severity level is set properly to ensure that the traffic log messages are captured.
4. Consider specifying two remote syslog servers to which system logs are sent.
5. Review the following article on Juniper TechLibrary for more information: SRX Getting Started - Configure System Logging.
How does this work?This script retrieves how the syslog servers are configured on the SRX device by running the command "show configuration system syslog" via SSH connection to a device.
Why is this important?The SRX device can send log messages to the remote syslog servers.
Without Indeni how would you find this?An administrator could log on to the device to run the command "show configuration system syslog" to collect the same information.
View Source Code