Email NetScreen Traffic Log

To have a NetScreen firewall's traffic log sent to an email address on a regular basis, you can use either the Web User Interface (WebUI) or the Command Line Interface (CLI), which you could obtain by logging into the firewall by SSH.

Applies to: NS-5GT, NS-5XP, NS-5XT, NS-25, NS-50, NS-204, NS-208, NS-5200, and NS-5400

Web User Interface (WebUI)

  1. Log into the firewall via the Web User Interface.
  2. Click on Configuration to expand the list of options beneath it.
  3. Click on Report Settings to expand the list of options beneath it.
  4. Click on Email, which will result in the form below being displayed.

    Enable E-mail Notification for Alarms
    Include Traffic Log:
    SMTP Server Name:
    E-mail Address 1:
    E-mail Address 2:
     
     
  5. Compete the form. Check "enable e-mail notifications for alarms and "include traffic log". If you want to send the log to 2 email addresses, provide both.

    Enable E-mail Notification for Alarms
    Include Traffic Log:
    SMTP Server Name:
    E-mail Address 1:
    E-mail Address 2:
     
     

Command Line Interface (CLI)

As an alternative to using the WebUI method covered above, you can use the CLI method, instead, by typing the commands below:

  1. set admin mail server-name smtp_server

    smtp_server is either the name or IP address of the SMTP server that the firewall should use for sending out email.

    Example: The following command specifies a SMTP server at IP address 10.1.10.10:

    set admin mail server-name 10.1.10.10

  2. set admin mail mail-addr1 email-address-1

    Example: The following command configures the email address jdoe@example.com to receive alerts and traffic logs.

    set admin mail mail-addr1 jdoe@example.com

  3. If you want to send alerts and the traffic logs to a second email address as well, use the command below:

    set admin mail mail-addr2 email-address-2

    Example: The following command configures the email address admin@example.com, as well as the first specified email address, to receive alerts and traffic logs.

    set admin mail mail-addr2 admin@example.com

  4. set admin mail alert

    This command enables email notification for alarms. It has the same effect as checking the "Enable E-mail Notification for Alarms" field using the WebUI.

  5. set admin mail traffic-log

    This command generates a log of network traffic handled by the NetScreen device. The traffic log can contain a maximum of 4,096 entries. The NetScreen device sends a copy of the log file to each specified e-mail address This happens when the log is full, or every 24 hours, depending upon which occurs first.

As an example, the following commands could be used to achieve the same effect as the WebUI configuration method.

ns5gt-> set admin mail server-name mail.example.com
ns5gt-> set admin mail mail-addr1 jdoe@example.com
ns5gt-> set admin mail mail-addr2 admin@example.com
ns5gt-> set admin mail alert
ns5gt-> set admin mail traffic-log

Note: There must be at least one policy that has logging enabled for the NetScreen device to send out traffic log email.

If you wish to use TFTP to obtain the traffic log, see Send NetScreen Traffic Log to a TFTP Server.

References:

  1. How Do I Enable Traffic Log Email From the NetScreen Device?
    Knowledge Base ID: KB6608
    Version: 4.0
    Published: 19 Oct 2008
    Updated: 19 Oct 2008
    Juniper Networks - Knowledge Base
  2. NetScreen CLI Reference Guide
    Version 5.0.0-IDP1
    Command Descriptions
    P/N 093-1514-000
    Juniper Networks, Inc.

Valid HTML 4.01 Transitional

Created: May 20, 2009