
Juniper Networks Firewall

Chronicle supports ingesting Juniper Networks firewall security logs.

Chronicle Data Types

  • JUNIPER_FIREWALL

Configuration

Reference: Setting the System to Stream Security Logs Guide

Enter the following commands from the CLI:

  • set security log mode stream
  • set security log source-address <Device-IP>
  • set security log stream cyderes host <CYCLOPS-IP>
  • set security log stream cyderes format sd-syslog
  • set security log stream cyderes category all

To confirm the security log configuration, run the following command:

  • show security log

Output similar to the following should be displayed:

mode stream;
source-address <Device-IP>;
stream cyderes {
    format sd-syslog;
    category all;
    host {
        <CYCLOPS-IP>;
    }
}
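
One way to automate the confirmation step, as an added example that is not part of the original guide or any Juniper or Chronicle tooling: paste the `show security log` output into `audit()` and it lists every statement from the procedure above that is missing or still holds a placeholder. The function names, the default stream name argument and the sample addresses (documentation ranges) are assumptions made for this example.

```python
import ipaddress
import re

def flatten(text):
    """Flatten Junos curly-brace output into a set of word-path tuples."""
    paths, stack, words = set(), [], []
    for tok in re.findall(r"[{};]|[^\s{};]+", text):
        if tok not in ("{", "}", ";"):
            words.append(tok)
            continue
        if tok == "{":              # pending words name a container
            stack.append(words)
        elif tok == "}":
            if not stack:
                raise ValueError("unbalanced '}' in pasted output")
            stack.pop()
        else:                       # ';' ends a leaf statement
            paths.add(tuple(w for lvl in stack for w in lvl) + tuple(words))
        words = []
    if stack:
        raise ValueError("unclosed '{' in pasted output")
    return paths

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def audit(text, stream="cyderes"):
    """Return the statements from the procedure that are missing or invalid."""
    paths = flatten(text)
    required = [("mode", "stream"), ("stream", stream, "format", "sd-syslog"),
                ("stream", stream, "category", "all")]
    missing = [" ".join(r) for r in required if r not in paths]
    # Address leaves must hold real IPs, which also catches unreplaced placeholders.
    src = [p[-1] for p in paths if len(p) == 2 and p[0] == "source-address"]
    dst = [p[-1] for p in paths if len(p) == 4 and p[:3] == ("stream", stream, "host")]
    if not any(is_ip(v) for v in src):
        missing.append("source-address <Device-IP>")
    if not any(is_ip(v) for v in dst):
        missing.append(f"stream {stream} host <CYCLOPS-IP>")
    return missing

# Constructed sample outputs (documentation-range addresses, not from the page).
GOOD = """mode stream; source-address 192.0.2.1;
stream cyderes { format sd-syslog; category all; host { 198.51.100.10; } }"""
BAD = """mode event; source-address <Device-IP>;
stream cyderes { format syslog; host { 198.51.100.10; } }"""
```

`audit(GOOD)` returns an empty list, while `audit(BAD)` reports the wrong mode, the wrong format, the missing category and the unreplaced source address.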