Juniper Networks Steel-Belted Radius
The Juniper Steel-Belted Radius DSM for JSA accepts syslog forwarded events from Windows when you run the WinCollect agent. You can also collect events from Linux-based operating systems by using the Syslog, TLS syslog, or the Log File protocol.
JSA records all successful and unsuccessful login attempts. You can integrate Juniper Networks Steel-Belted Radius with JSA by using one of the following methods:
Configure Juniper Steel-Belted Radius to use WinCollect on Microsoft Windows operating systems. For more information, see Configuring Juniper Networks Steel-Belted Radius to forward Windows events to JSA.
Configure Juniper Steel-Belted Radius by using syslog on Linux-based operating systems.
Configuring a Juniper Steel-Belted Radius Log Source by using the Syslog Protocol
Configuring a Juniper Networks Steel-Belted Radius Log Source by using the TLS Syslog Protocol
Configuring a Juniper Steel-Belted Radius Log Source by using the Log File Protocol
Juniper Networks Steel-Belted Radius DSM Specifications
The following table describes the specifications for the Juniper Steel-Belted Radius DSM.
Specification | Value |
---|---|
Manufacturer | Juniper Networks |
DSM name | Juniper Steel-Belted Radius |
RPM file name | DSM-JuniperSteelBeltedRadius-JSA_version-build_number.noarch.rpm |
Supported versions | 5.x |
Protocol | Syslog, TLS Syslog, Log File, and WinCollect Juniper SBR |
Event format | |
Recorded event types | All events |
Automatically discovered? | Yes |
Includes identity? | Yes |
Includes custom properties? | Yes |
Configure Juniper Networks Steel-Belted Radius to Forward Windows Events to JSA
You can forward Windows events to JSA by using WinCollect.
To forward Windows events by using WinCollect, install the WinCollect agent on a Windows host. Download the WinCollect agent setup file from https://support.juniper.net/support/downloads/. Add a Juniper Steel-Belted Radius log source and assign it to the WinCollect agent.
The following table describes the WinCollect log source parameters that require specific values.
Parameter | Value |
---|---|
Log Source type | Juniper Steel-Belted Radius |
Protocol Configuration | WinCollect Juniper SBR |
Log Source Identifier | The IP address or host name of the Windows device from which you want to collect Windows events. The log source identifier must be unique for the log source type. |
Local System | Select the Local System check box to disable the remote collection of events for the log source. The log source uses local system credentials to collect and forward logs to JSA. You need to configure the Domain, Username, and Password parameters if remote collection is required. |
Polling Interval | The interval, in milliseconds, between times when WinCollect polls for new events. |
Enable Active Directory Lookups | Do not select the check box. |
WinCollectAgent | Select your WinCollect agent from the list. |
Target Internal Destination | Use any managed host with an event processor component as an internal destination. |
For more information about WinCollect log source parameters, see the Common WinCollect log source parameters documentation.
Configuring Juniper Networks Steel-Belted Radius to Forward Syslog Events to JSA
Before you can add a log source in JSA, configure your Juniper Networks Steel-Belted Radius device to send Syslog events to JSA.
Use SSH to log in to your Juniper Steel-Belted Radius device, as a root user.
Edit the following file:
/etc/syslog.conf
Add the following line, separating the selector from the @ action with a space or tab:
<facility>.<priority> @<IP address>
Where:
<facility> is the syslog facility, for example, local3.
<priority> is the syslog priority, for example, info.
<IP address> is the IP address of the JSA.
Save the file.
From the command line, type the following command to restart syslog:
service syslog restart
You are now ready to configure the log source in JSA.
Configuring a Juniper Steel-Belted Radius Log Source by using the Syslog Protocol
If you want to collect Juniper Steel-Belted Radius logs from a Juniper Steel-Belted Radius device, configure a log source on the JSA Console so that Juniper Steel-Belted Radius can communicate with JSA by using the Syslog protocol.
If automatic updates are not enabled, download and install the most recent version of the following RPMs on your JSA console:
DSMCommon RPM
Juniper Steel-Belted Radius DSM RPM
Configure your Juniper Steel-Belted Radius device to send syslog events to JSA.
Add a Syslog log source on the JSA console.
The following table describes the parameters that require specific values to collect Syslog events from Juniper Steel-Belted Radius by using the Syslog protocol:
Table 3: Syslog Protocol Log Source Parameters
Parameter | Description |
---|---|
Log Source type | Juniper Steel-Belted Radius |
Protocol Configuration | Syslog |
Configuring a Juniper Networks Steel-Belted Radius Log Source by using the TLS Syslog Protocol
If you want to collect Juniper Steel-Belted Radius logs from a Juniper Steel-Belted Radius device, configure a log source on the JSA console so that Juniper Steel-Belted Radius can communicate with JSA by using the TLS syslog protocol.
If automatic updates are not enabled, download and install the most recent version of the following RPMs on your JSA console:
DSMCommon RPM
TLS Syslog protocol RPM
Juniper Steel-Belted Radius DSM RPM
Add a TLS Syslog log source on the JSA console.
The following table describes the parameters that require specific values to collect Syslog events from Juniper Steel-Belted Radius by using the TLS Syslog protocol:
Table 4: TLS Syslog Protocol Log Source Parameters
Parameter | Description |
---|---|
Log Source type | Juniper Steel-Belted Radius |
Protocol Configuration | TLS Syslog |
Configuring a Juniper Steel-Belted Radius Log Source by using the Log File Protocol
If you want to collect Juniper Steel-Belted Radius logs from a Juniper Steel-Belted Radius device, configure a log source on the JSA console so that Juniper Steel-Belted Radius can communicate with JSA by using the Log File protocol.
If automatic updates are not enabled, download and install the most recent version of the following RPMs on your JSA console:
DSMCommon RPM
Log file protocol RPM
Juniper Steel-Belted Radius DSM RPM
Add a Log File protocol log source on the JSA console.
The following table describes the parameters that require specific values to collect Syslog events from Juniper Steel-Belted Radius by using the Log File protocol:
Table 5: Log File Protocol Log Source Parameters
Parameter | Description |
---|---|
Log Source type | Juniper Steel-Belted Radius |
Protocol Configuration | Log File |
Service Type | FTP |
Remote Directory | The default directory is /opt/JNPRsbr/radius/authReports/ |
FTP File Pattern | .*\.csv |
Event Generator | Juniper SBR |
Juniper Steel-Belted Radius Sample Event Message
Use these sample event messages to verify a successful integration with JSA.
Due to formatting issues, paste the message format into a text editor and then remove any carriage return or line feed characters.
Juniper Steel-Belted Radius sample message when you use the Syslog protocol
The following sample event message shows a successful authentication.
<13>Oct 30 18:13:36 juniper.sbr.test AgentDevice=JuniperSBR AgentLogFile=accepts Date=2007-10-30 Time=12:25:53 RADIUS-Client=Testt Full-Name=Test T User-Name=Test Nas-IP-Address=10.100.10.3 Calling-Station-Id=192.168.2.1 NAS-Port-Type=1115551213
JSA field name | Highlighted values in the event payload |
---|---|
Event ID | accepts |
Event Category | JuniperSBR |
Source IP | 10.100.10.3 |
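To check a forwarded event against the mapping in the table above before relying on it in JSA, the following added example (not Juniper code and not the DSM's own parser) parses the sample message, removes the copy-and-paste line breaks, and extracts the three highlighted fields. The function names `parse_sbr_event` and `jsa_fields` are hypothetical, the line-break positions in the sample are constructed, and the attribute-to-field mapping is inferred from the table.

```python
import ipaddress
import re

# The page's sample event; the CR/LF wrap positions are constructed for this example.
SAMPLE = (
    "<13>Oct 30 18:13:36 juniper.sbr.test AgentDevice=JuniperSBR "
    "AgentLogFile=accepts Date=2007-10-30 Time=12:25:53 RADIUS-Client=Testt \r\n"
    "Full-Name=Test T User-Name=Test Nas-IP-Address=10.100.10.3 "
    "Calling-Station-Id=192.168.2.1 NAS-Port-\nType=1115551213"
)

HEADER = re.compile(r"^<(\d{1,3})>(\w{3} [ \d]\d \d\d:\d\d:\d\d) (\S+) (.*)$")
# A value runs until the next " key=" token, so "Full-Name=Test T" stays intact.
PAIR = re.compile(r"([A-Za-z][\w-]*)=(.*?)(?=\s+[A-Za-z][\w-]*=|$)")


def parse_sbr_event(raw):
    """Parse one SBR syslog line into header fields and key=value attributes."""
    line = re.sub(r"[\r\n]+", "", raw).strip()  # undo copy/paste line wraps
    m = HEADER.match(line)
    if not m:
        raise ValueError("not a syslog line with a <PRI> header")
    pri = int(m.group(1))
    attrs = {k: v.strip() for k, v in PAIR.findall(m.group(4))}
    if attrs.get("AgentDevice") != "JuniperSBR":
        raise ValueError("payload is not tagged AgentDevice=JuniperSBR")
    return {
        "facility": pri >> 3,  # upper bits of PRI
        "severity": pri & 7,   # lower three bits of PRI
        "timestamp": m.group(2),
        "host": m.group(3),
        "attrs": attrs,
    }


def jsa_fields(event):
    """Map attributes to the JSA fields listed in the table above (inferred mapping)."""
    attrs = event["attrs"]
    # ip_address() raises ValueError if the NAS address is not a valid IP.
    source_ip = str(ipaddress.ip_address(attrs["Nas-IP-Address"]))
    return {
        "Event ID": attrs["AgentLogFile"],
        "Event Category": attrs["AgentDevice"],
        "Source IP": source_ip,
    }


if __name__ == "__main__":
    print(jsa_fields(parse_sbr_event(SAMPLE)))
```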