suppression

Syntax

Hierarchy Level

Description

Log suppression reduces the number of logs by displaying a single record for multiple occurrences of the same event. Log suppression can negatively impact sensor performance if the reporting interval is set too high. By default this feature is enabled.

Options

disable	—Disable log suppression.
include-destination-address	When log suppression is enabled, multiple occurrences of events with the same source, service, and matching attack object generate a single log record with a count of occurrences. If you enable this option, log suppression will only combine log records for events with a matching source as well. The IDP Sensor does not consider destination when determining matching events for log suppression. By default this setting is disabled.
max-logs-operate	When log suppression is enabled, IDP must cache log records so that it can identify when multiple occurrences of the same event occur. This setting specifies how many log records are tracked simultaneously by IDP. Syntax: `value`—Maximum number of log records are tracked by IDP. Range: 256 through 65,536 records Default: 16,384 records
max-time-report	When log suppression is enabled, IDP maintains a count of multiple occurrences of the same event. After the specified number of seconds has passed, IDP writes a single log entry containing the count of occurrences. Syntax: `value`—Time after which IDP writes a single log entry containing the count of occurrences. Range: 1 through 60 seconds Default: 5 seconds
start-log	Specify how many instances of a specific event must occur before log suppression begins. Syntax: `value`—Log suppression begins after how many occurrences. Range: 1 through 128 Default: 1

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 9.2.

ON THIS PAGE