Author Topic: No traffic logs on NSM  (Read 6064 times)

Marclor

  • Newbie
  • *
  • Posts: 36
  • Karma: +0/-0
    • View Profile
No traffic logs on NSM
« on: August 23, 2010, 03:18:40 pm »
Hi,

I have recently installed an IDP75 box with NSM 2010.2. I added the device on NSM, I updated NSM and pushed a policy to IDP and placed my pc behind IDP. I checked traffic logs in NSM, there was a lot of logs (icmp, pop3,smtp,http), they were generated by my pc. Then I replaced my pc with another machine, there traffic logs stopped suddenly, I put back my pc behind IDP but still no traffic logs. I can see that DI/IDP logs are generated when scanning with nmap but no traffic logs.

Did someone face the same issue?

Capt_Winters

  • Sr. Member
  • ****
  • Posts: 320
  • Karma: +0/-0
    • View Profile
Re: No traffic logs on NSM
« Reply #1 on: February 02, 2011, 12:25:43 am »
there could be lots of reasons why youre not getting the logs,

what was the policy defined, is the other machine included in the policy?

what was the gateway of your other machine

have you checked the services on nsm?

Capt_Winters

  • Sr. Member
  • ****
  • Posts: 320
  • Karma: +0/-0
    • View Profile
Re: No traffic logs on NSM
« Reply #2 on: August 23, 2011, 07:35:22 am »
check nsm services if theyre up (sh /usr/netscreen/GuiSvr/bin/guiSvr.sh status)


sh /usr/netscreen/DevSvr/bin/devSvr.sh status

or check if your nsm had the necessary patches / schemas for IDP 75

fcar

  • Newbie
  • *
  • Posts: 31
  • Karma: +0/-0
    • View Profile
Re: No traffic logs on NSM
« Reply #3 on: August 31, 2011, 03:57:34 am »
sure the machine got the correct ip address and default gateway?

 :?

signal15

  • Administrator
  • Hero Member
  • *****
  • Posts: 531
  • Karma: +1/-0
    • View Profile
    • JuniperForum.com
Re: No traffic logs on NSM
« Reply #4 on: September 13, 2011, 10:42:48 am »
I don't think the IDP logs traffic by default, it only logs signature matches and anomalies.  But you may be able to create a policy line that logs everything.