User manual JUNIPER NETWORKS JUNIPER NETWORKS STRM TECHNICAL NOTE REV 6-2008

Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... DON'T FORGET : ALWAYS READ THE USER GUIDE BEFORE BUYING !!!

If this document matches the user guide, instructions manual or user manual, feature sets, schematics you are looking for, download it now. Lastmanuals provides you a fast and easy access to the user manual JUNIPER NETWORKS JUNIPER NETWORKS STRM. We hope that this JUNIPER NETWORKS JUNIPER NETWORKS STRM user guide will be useful to you.

Lastmanuals help download the user guide JUNIPER NETWORKS JUNIPER NETWORKS STRM.


Mode d'emploi JUNIPER NETWORKS JUNIPER NETWORKS STRM
Download
Manual abstract: user guide JUNIPER NETWORKS JUNIPER NETWORKS STRMTECHNICAL NOTE REV 6-2008

Detailed instructions for use are in the User's Guide.

[. . . ] JUNIPER NETWORKS STRM TECHNICAL NOTE USING EXTENSION DOCUMENTS JUNE 2008 Device extensions allow you to modify how a DSM parses logs, which is useful for resolving parsing issues. However, before you define a device extension, you must build an extension document. This document provides information on defining an extension document including: · · · · About Extension Documents Understanding Extension Document Elements Creating Extension Documents Device Type IDs This document assumes an advanced knowledge of XML coding. About Extension Documents The extension document is specified in Extensible Markup Language (XML) format. You can create and edit the document using any common word processing application. [. . . ] Specify the destination port for the message. Specify the destination IP address for the message before NAT occurs. Specify the destination IP address for the message after NAT occurs. Specify the destination port for the message before NAT occurs. DestinationPortPostNAT Specify the destination port for the message after NAT occurs. DestinationMAC DeviceTime Specify the destination MAC address for the message. Specify the time that the event was sent, according to the device (this is NOT the time that the event arrived). STRM detects timestamps in the following formats: · Valid syslog timestamp in the form of mm dd hh:mm:ss, for example: Jan 13 12:33:10 Current locale timestamp · Any other formats will not properly convert. Release 2008. 2 6 Table 4 Matcher Field Names (continued) Field Name Protocol Description Specify the protocol associated with the event; for example, TCP, UDP, or ICMP. If a protocol is not properly parsed out of a message, ports that were parsed may not appear in STRM (it only displays ports for port-based protocols). UserName HostName GroupName NetBIOSName Specify the user name associated with the event. Specify the host name associated with the event. This field is usually only associated with identity events. Specify the group name associated with the event. This field is usually only associated with identity events. Specify the NetBIOS name associated with the event. This field is usually only associated with identity events. Single-Event Modifier (event-match-single) Single-event modifier (event-match-single) matches (and subsequently modifies) exactly one type of event, as specified by the required, case-sensitive EventName parameter. This entity allows mutation of successful events by changing the device event category, severity, or the method for sending identity events. When events matching this event name are parsed, the device category, severity, and identity properties are imposed upon the resulting event. An event-match-single entity consists of three optional properties: Table 5 Single-Event Modifier Parameters Parameter Description device-event-category Specify a new category for searching in the QID for the event. This is an optimizing parameter, since some devices have the same category for all events. severity Specify the severity of the event. This parameter must be an integer value between 1 and 10. If a severity of less than 1 or greater than 10 is specified, the system defaults to 5. If not specified, the default is whatever is found in the QID. Release 2008. 2 Creating Extension Documents 7 Table 5 Single-Event Modifier Parameters (continued) Parameter send-identity Description Specifies the sending of identity change information from the event. [. . . ] Although a second protocol pattern does not occur in the event being used as an example, there is a second protocol pattern defined with an order of two. If the lowest-ordered protocol pattern does not match, the next one is attempted (and so on). The second protocol pattern also demonstrates the concept of a direct substitution; there are no match groups in the pattern, but with the enable-substitutions parameter enabled, the text TCP can be used in place of protocol=6. Uploading Extension Documents Multiple extension documents can be created, uploaded, and associated to various device types. [. . . ]

DISCLAIMER TO DOWNLOAD THE USER GUIDE JUNIPER NETWORKS JUNIPER NETWORKS STRM

Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets...
In any way can't Lastmanuals be held responsible if the document you are looking for is not available, incomplete, in a different language than yours, or if the model or language do not match the description. Lastmanuals, for instance, does not offer a translation service.

Click on "Download the user manual" at the end of this Contract if you accept its terms, the downloading of the manual JUNIPER NETWORKS JUNIPER NETWORKS STRM will begin.

Search for a user manual

 

Copyright © 2015 - LastManuals - All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.

flag