Hi all. We have a Juniper SRX cluster in an active/passive configuration deployed at our site and we are trying to forward logs to a syslog server. Following the Juniper guides I have configured the following:
show configuration system syslog
archive size 128k files 50 world-readable;
user * {
    any emergency;
}
host x.x.x.x {
    any any;
    port 8182;
    source-address y.y.y.y;
    structured-data;
}
file messages {
    any warning;
    authorization info;
}
file interactive-commands {
    interactive-commands any;
}
file interface_logs {
    any any;
    match UpDown;
}
file IDS_messages { --> this was created in an attempt to capture messages from screen but it's not working
    any any;
    match ASP_;
}
and
show configuration security log
mode stream;
format sd-syslog;
source-address y.y.y.y;
stream SRX_log {
    category all;
    host {
        x.x.x.x;
        port 8182;
    }
}
On the server side we are not seeing that there are any logs incoming. From the SRX we can ping the syslog server using a routing instance.
Any help as to why the SRX is not sending or storing logs would be quite welcome.