Netscreen Traffic Reporting

Traffic reporting on the Juniper Netscreen can be achieved in a number of ways. Available tools include the Netscreen Security Manager (NSM), third-party applications, and numerous reporting features on the device itself. This article looks at how to create traffic reports using just a Netscreen device and some Linux scripting.

1. COMMENTS

The following example creates a report of the total number of bytes sent on an individual policy, per source IP.

2. STEPS

2.1. DOWNLOAD REPORT

    1. Within the Web UI of the Netscreen device.
    2. Go to “Policies”.
    3. Under the Policy (you want to report on) click “Logging” within the Options section.
    4. At the top of the screen click “Save”.

2.2. CUSTOMISE REPORT

Using the report you previously saved, we can now total the bytes on a per source IP basis using a few Linux commands:

$ awk '/sec/ { print $4,$9 }' netscreen-downloaded-report.txt | sed 's/:.* / /g' | awk '!/source/{a[$1]+=$2}END{for(item in a)printf("Source IP: %s\tTotal bytes: %s\n",item,a[item])}'

Source IP: 172.16.1.7   Total bytes: 913644
Source IP: 172.16.1.8   Total bytes: 1905908
Rick Donato
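
The same per-source total as a single awk pass, sorted by byte count and skipping lines whose byte field is not numeric. This is an added example, not part of the original article: the function name bytes_per_source is hypothetical, and the sample log lines are constructed to mimic only the field positions the command above relies on (field 4 = source IP:port, field 9 = bytes sent), not the exact layout of a real Netscreen export.

```shell
#!/bin/sh
# Sum bytes sent per source IP from a saved policy log, largest total first.
# Assumptions (taken from the one-liner in the article): fields are
# whitespace-separated, $4 is "src_ip:port", $9 is bytes sent, session lines
# contain "sec" and the header line contains "source".
bytes_per_source() {
    awk '
        /sec/ && !/source/ {
            split($4, src, ":")            # keep the IP, drop the :port suffix
            if ($9 !~ /^[0-9]+$/) {        # byte field missing or not a number
                skipped++
                next
            }
            total[src[1]] += $9
        }
        END {
            # %.0f avoids 32-bit truncation of large totals in some awk builds
            for (ip in total) printf "%s %.0f\n", ip, total[ip]
            if (skipped)
                printf("skipped %d malformed line(s)\n", skipped) > "/dev/stderr"
        }
    ' "$1" | sort -k2,2nr -k1,1
}

# Constructed sample input (not a real device export).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
date time action source:port destination:port proto duration(sec) sent received
2009-06-01 10:15:02 permit 172.16.1.7:1042 10.0.0.5:80 tcp 12 sec. 400 1200
2009-06-01 10:15:09 permit 172.16.1.8:2210 10.0.0.5:443 tcp 3 sec. 900 150
2009-06-01 10:16:40 permit 172.16.1.7:1043 10.0.0.5:80 tcp 7 sec. 300 80
2009-06-01 10:17:01 permit 172.16.1.7:1044 10.0.0.5:80 tcp 1 sec. - 0
EOF

bytes_per_source "$sample"
```

Reporting the skipped-line count on stderr keeps the totals clean for further piping while still showing when the export contained rows the report did not count.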
