Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- About tmichiels
tmichiels
Explorer
Member since:
05-17-2011
06-05-2020
Community Statistics
| Posts | 5 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 1 |
| Member Since | 05-17-2011 |
Activity Feed
- Got Karma for juniper netscreen (screenos) traffic log report. 06-05-2020 12:45 AM
- Posted Re: after converting trial to free we get error "Daily indexing volume limit exceeded." on Deployment Architecture. 01-30-2012 02:10 AM
- Posted after converting trial to free we get error "Daily indexing volume limit exceeded." on Deployment Architecture. 01-13-2012 06:26 AM
- Tagged after converting trial to free we get error "Daily indexing volume limit exceeded." on Deployment Architecture. 01-13-2012 06:26 AM
- Posted Juniper SSG (screenos)Traffic report on All Apps and Add-ons. 08-09-2011 10:50 AM
- Posted Juniper SSG (screenos)Traffic report on Reporting. 08-09-2011 10:50 AM
- Tagged Juniper SSG (screenos)Traffic report on Reporting. 08-09-2011 10:50 AM
- Tagged Juniper SSG (screenos)Traffic report on All Apps and Add-ons. 08-09-2011 10:50 AM
- Tagged Juniper SSG (screenos)Traffic report on Reporting. 08-09-2011 10:50 AM
- Tagged Juniper SSG (screenos)Traffic report on All Apps and Add-ons. 08-09-2011 10:50 AM
- Tagged Juniper SSG (screenos)Traffic report on Reporting. 08-09-2011 10:50 AM
- Tagged Juniper SSG (screenos)Traffic report on All Apps and Add-ons. 08-09-2011 10:50 AM
- Tagged Juniper SSG (screenos)Traffic report on Reporting. 08-09-2011 10:50 AM
- Tagged Juniper SSG (screenos)Traffic report on All Apps and Add-ons. 08-09-2011 10:50 AM
- Posted juniper netscreen (screenos) traffic log report on All Apps and Add-ons. 05-18-2011 01:25 PM
- Tagged juniper netscreen (screenos) traffic log report on All Apps and Add-ons. 05-18-2011 01:25 PM
- Tagged juniper netscreen (screenos) traffic log report on All Apps and Add-ons. 05-18-2011 01:25 PM
- Tagged juniper netscreen (screenos) traffic log report on All Apps and Add-ons. 05-18-2011 01:25 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 1 |
01-30-2012
02:10 AM
Dear Splunk,
Please give us a solution for this ?
thx
... View more
01-13-2012
06:26 AM
Error : Daily indexing volume limit exceeded. See License Manager for details.xLicense warning issued within past 24 hours (Fri Jan 13 00:00:00 2012 Romance Standard Time). See License Manager for details
Last 24h index status:
series sum(MB)
_internal 29.7315712415
main 8.6885786455
_audit 0.196688716
And we never hit more than 50 MB/day, so I don't get this?
Now can't do anything anymore?
What went wrong and how to solve?
... View more
- Tags:
- license-violation
08-09-2011
10:50 AM
Being a newbie with splunk, I don't get much further than installing splunk and having a listener set up to which the SSG sends it syslog data.
I need to make traffic reports out of the traffic logs from certain firewall policies.
The output should be a table with following colums:
Source IP | total recv'd data | total sent data | total of recv'd+sent
192.168.1.x | 400 MB | 100 MB | 500 MB
192.168.1.y | 150 MB | 1 GB | 1,15 GB
...
The input is, as said, ScreenOS syslog data in the form of:
Aug 9 19:39:56 192.168.163.2 gw0-NLA: NetScreen device_id=gw0-NLA [Root]system-notification-00257(traffic): start_time="2011-08-09 19:39:51" duration=5 policy_id=1 service=http proto=6 src zone=Trust dst zone=Untrust action=Permit sent=134 rcvd=70 src=192.168.163.26 dst=193.203.32.20 src_port=4090 dst_port=80 src-xlated ip=81.83.5.18 port=3303 dst-xlated ip=193.203.32.20 port=80 session_id=15683 reason=Close - TCP RST
Aug 9 19:39:56 192.168.163.2 gw0-NLA: NetScreen device_id=gw0-NLA [Root]system-notification-00257(traffic): start_time="2011-08-09 19:39:52" duration=4 policy_id=1 service=http proto=6 src zone=Trust dst zone=Untrust action=Permit sent=198 rcvd=70 src=192.168.163.26 dst=193.203.32.20 src_port=3789 dst_port=80 src-xlated ip=81.83.5.18 port=4243 dst-xlated ip=193.203.32.20 port=80 session_id=15984 reason=Close - TCP RST
Aug 9 19:39:56 192.168.163.2 gw0-NLA: NetScreen device_id=gw0-NLA [Root]system-notification-00257(traffic): start_time="2011-08-09 19:39:25" duration=31 policy_id=1 service=http proto=6 src zone=Trust dst zone=Untrust action=Permit sent=11610 rcvd=318968 src=192.168.163.26 dst=193.203.32.39 src_port=3293 dst_port=80 src-xlated ip=81.83.5.18 port=2988 dst-xlated ip=193.203.32.39 port=80 session_id=15342 reason=Close - TCP RST
gw0-NLA
Does somebody has experience with this and could give me some hints?
thanks!
... View more
08-09-2011
10:50 AM
Being a newbie with splunk, I don't get much further than installing splunk and having a listener set up to which the SSG sends it syslog data.
I need to make traffic reports out of the traffic logs from certain firewall policies.
The output should be a table with following colums:
Source IP | total recv'd data | total sent data | total of recv'd+sent
192.168.1.x | 400 MB | 100 MB | 500 MB
192.168.1.y | 150 MB | 1 GB | 1,15 GB
...
The input is, as said, ScreenOS syslog data in the form of:
Aug 9 19:39:56 192.168.163.2 gw0-NLA: NetScreen device_id=gw0-NLA [Root]system-notification-00257(traffic): start_time="2011-08-09 19:39:51" duration=5 policy_id=1 service=http proto=6 src zone=Trust dst zone=Untrust action=Permit sent=134 rcvd=70 src=192.168.163.26 dst=193.203.32.20 src_port=4090 dst_port=80 src-xlated ip=81.83.5.18 port=3303 dst-xlated ip=193.203.32.20 port=80 session_id=15683 reason=Close - TCP RST
Aug 9 19:39:56 192.168.163.2 gw0-NLA: NetScreen device_id=gw0-NLA [Root]system-notification-00257(traffic): start_time="2011-08-09 19:39:52" duration=4 policy_id=1 service=http proto=6 src zone=Trust dst zone=Untrust action=Permit sent=198 rcvd=70 src=192.168.163.26 dst=193.203.32.20 src_port=3789 dst_port=80 src-xlated ip=81.83.5.18 port=4243 dst-xlated ip=193.203.32.20 port=80 session_id=15984 reason=Close - TCP RST
Aug 9 19:39:56 192.168.163.2 gw0-NLA: NetScreen device_id=gw0-NLA [Root]system-notification-00257(traffic): start_time="2011-08-09 19:39:25" duration=31 policy_id=1 service=http proto=6 src zone=Trust dst zone=Untrust action=Permit sent=11610 rcvd=318968 src=192.168.163.26 dst=193.203.32.39 src_port=3293 dst_port=80 src-xlated ip=81.83.5.18 port=2988 dst-xlated ip=193.203.32.39 port=80 session_id=15342 reason=Close - TCP RST
gw0-NLA
Does somebody has experience with this and could give me some hints?
thanks!
... View more
05-18-2011
01:25 PM
1 Karma
Hi does anyone has experience with creating a report from a Juniper Netscreen (ScreenOS) traffic log?
My customer needs a report with all unique IP's and their received and their sent data during a specific period. Any idea how to do this ?
Furthermore is it possible to add names to these IP's ?
thx
... View more
