Enabling Attack and IP-Action Logging (CLI Procedure)
To enable attack and ip-action logging, perform the following steps:
Enable attack logs
[edit security idp]user@host# set idp idp-policy AppDDoS-policy-name rulebase-ddos rule AppDDoS-rule-name then notification
log-attacks
Enable ip-action logs
[edit security idp]user@host# set idp-policy AppDDoS-policy-name rulebase-ddos rule AppDDoS-rule-name then ip-action
log
Once enabled, the application-level DDoS logs will appear in the regular system logs. For information about monitoring events and managing system log files, see the JUNOS Software Administration Guide for Security Devices.
Related Topics
- JUNOS Software Feature Support Reference for SRX Series and J Series Devices
- Understanding IDP Log Suppression Attributes
- Understanding IDP Logging
- Understanding IDP Log Information Usage on the Infranet Controller
- IDP Application-Level DDoS Attack Overview