rate-limit (Security Log)
Syntax
rate-limit rate-limit;
Hierarchy Level
[edit security log stream stream-name]
[edit logical-systems name security log stream stream-name]
[edit tenants tenant-name security log stream stream-name]
Description
The Integrated Authentication and Enforcement feature sends threat and attack logs generated by the SRX Series Firewall security modules to the ClearPass Policy Manager (CPPM) to use in its security policy assessment.
The logs are sent in stream mode. To avoid overburdening the SRX Series Firewall and the log server, you can control the rate at which these logs are sent. By setting a rate-limit value, you can constrain the number of logs that are sent in 1 second. After the limit is reached, no more logs are sent.
Range: 1 through 65,535.
For devices with multicore systems that use SPUs, each SPU is programmed with the configured-rate, which results in an aggregate-rate proportional to the number of SPUs.
SPU configured-rate = aggregate-rate/number-of-SPUs
Rate limiting on SRX5400, SRX5600, and SRX5800 devices is generally not as accurate as it is on SRX100, SRX210, SRX220, SRX240, SRX650, SRX1400, SRX1500, SRX3400, SRX3600, SRX4100, and SRX4200 devices, because the generation of logs is not entirely balanced between SPUs.
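The following added example (not part of the original documentation and not Junos OS code) models the per-SPU formula above to show why unbalanced log generation lets fewer logs through than the aggregate rate suggests. It assumes the aggregate rate is split evenly between SPUs with integer division and enforced per one-second window; the function names and sample loads are constructed for illustration.

```python
# Added illustration: a simplified model of per-SPU log rate limiting.
# Function names, integer division and the sample loads are assumptions.

def per_spu_rate(aggregate_rate, num_spus):
    """SPU configured-rate = aggregate-rate / number-of-SPUs."""
    if not 1 <= aggregate_rate <= 65535:
        raise ValueError("rate-limit must be in the range 1 through 65,535")
    if num_spus < 1:
        raise ValueError("num_spus must be at least 1")
    return aggregate_rate // num_spus


def simulate_second(aggregate_rate, generated_per_spu):
    """Return (sent, dropped) for one second of log generation.

    generated_per_spu lists how many logs each SPU produced in that second.
    Each SPU sends logs until it reaches its own limit, then sends no more.
    """
    limit = per_spu_rate(aggregate_rate, len(generated_per_spu))
    sent = sum(min(count, limit) for count in generated_per_spu)
    dropped = sum(generated_per_spu) - sent
    return sent, dropped


if __name__ == "__main__":
    RATE_LIMIT = 1000  # constructed aggregate rate-limit value
    # Constructed per-SPU log counts for a four-SPU device.
    scenarios = {
        "balanced, over limit": [400, 400, 400, 400],
        "skewed, over limit": [1300, 200, 60, 40],
        "skewed, under limit": [700, 100, 100, 50],
    }
    for label, load in scenarios.items():
        sent, dropped = simulate_second(RATE_LIMIT, load)
        print(f"{label}: generated={sum(load)} sent={sent} dropped={dropped}")
```

In the last scenario the device generates fewer logs than the aggregate limit, yet the busiest SPU still discards logs, so a stream that carries threat and attack logs should be sized against the busiest SPU rather than the device total.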
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 12.3X48-D30.
The [edit logical-systems name security log stream] hierarchy level introduced in Junos OS Release 18.2R1.
The [edit tenants tenant-name security log stream] hierarchy level introduced in Junos OS Release 18.3R1.