Scribd
Upload
13 views

SRX Getting Started - Troubleshooting Commands

This document provides troubleshooting commands and techniques for SRX devices. It includes commands for monitoring hardware, interfaces, sessions, and alarms. It also describes how to view log files, configure debugging using traceoptions, capture transit traffic through packet-capture, and monitor control plane traffic to the routing engine interface.

Uploaded by

Gunter Arango
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
13 views

SRX Getting Started - Troubleshooting Commands

This document provides troubleshooting commands and techniques for SRX devices. It includes commands for monitoring hardware, interfaces, sessions, and alarms. It also describes how to view log files, configure debugging using traceoptions, capture transit traffic through packet-capture, and monitor control plane traffic to the routing engine interface.

Uploaded by

Gunter Arango
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

17/02/2023, 16:26 SRX Getting Started - Troubleshooting Commands

Home Knowledge Quick Links Log in

SRX Getting Started - Troubleshooting Commands

Article ID KB15779 Created 2009-11-09

Last Updated 2014-01-28

Description

This article contains instructions for troubleshooting your SRX device.  It includes common commands for
monitoring, viewing log files, and configuring traceoptions and packet capture.

For other topics, go to the SRX Getting Started main page.

Symptoms

Troubleshooting SRX Series devices.

Solution

This section contains the following:


Monitoring Commands  
Log Files
Debugging    (traceoptions)
Packet Capture for transit traffic through the SRX    (packet-capture)
Packet Capture of control traffic to and from the RE of the SRX    (monitor traffic interface)

Monitoring commands
The most common, important commands for monitoring the SRX hardware, interfaces, sessions, and alarms are
as follows:

Command Description

show version Software version

show chassis hardware


Hardware and Serial numbers
detail

Temperatures, Fan and Power


show chassis environment
Supply

show chassis routing

If you are familiar with ScreenOS, refer to KB14000 for a mapping of common troubleshooting commands from
ScreenOS to Junos.

https://supportportal.juniper.net/s/article/SRX-Getting-Started-Troubleshooting-Commands?language=en_US 1/3
17/02/2023, 16:26 SRX Getting Started - Troubleshooting Commands

Log Files
System messages can be viewed in the log files with the 'show log messages' command.  Variations of the
command are as follows:

Command Description

show log List all Logfiles available

show log messages Show Log File from beginning

show log messages | last List last Log Messages

Debugging (Traceoptions)
The traceoptions feature in Junos is used for capturing debug data.  The following two KB articles explain how
to use traceoptions with examples:

KB16108 - Configuring Traceoptions for Debugging, and Trimming Output


KB16233 - How to use 'Flow Traceoptions' and the 'security datapath-debug'

Packet Capture for transit traffic through the SRX


For SRX Branch devices, use the Packet Capture Feature to snoop packets through the Junos device, within the
forwarding plane.  Refer to the following:
http://www.juniper.net/techpubs/en_US/junos11.4/information-products/topic-
collections/security/software-all/monitoring-and-troubleshooting/index.html?config-pcap-chapter.html
KB16110 - Example of performing a Packet Capture on SRX Branch devices

Note:   The Packet Capture Feature can also be used to capture 'self-traffic' (e.g. Dynamic Routing Protocol
messages, ARP, management traffic, ICMP to Routing Engine).  However, this Packet Capture feature is not
available on the SRX High-End devices.

For SRX High-End devices, packet capture can be achieved using the datapath-debug feature.  Refer to the
following:
http://www.juniper.net/techpubs/en_US/junos11.4/information-products/topic-
collections/security/software-all/monitoring-and-troubleshooting/index.html?jd0e26803.html
KB21563 - How to capture packets on High-End SRX devices

Packet Capture of control traffic to and from the RE of the SRX       


Use the 'monitor traffic interface' command to capture 'self-traffic', i.e. packets destined to and from the RE

https://supportportal.juniper.net/s/article/SRX-Getting-Started-Troubleshooting-Commands?language=en_US 2/3
17/02/2023, 16:26 SRX Getting Started - Troubleshooting Commands

(Routing Engine) of the Junos device.  This feature is useful for troubleshooting why one can't telnet to the SRX
device, or for troubleshooting if a SNMP request is being received and transmitted from the SRX device, or for
troubleshooting OSPF, BGP, and PPP connectivity issues. 

> monitor traffic interface <int> layer2-headers  


> monitor traffic interface e1-0/0/0.0 no-resolve

Notes: 
This feature is not promiscuous mode. This feature only captures traffic to/from the RE of the SRX or J
Series device itself.  It does not capture transit traffic (forwarding plane).
ICMP traffic is excluded.  (ICMP stays within the forwarding plane, and 'monitor traffic' is tracking the RE
(control plane)).

For additional information on the 'monitor traffic' command, refer to


http://www.juniper.net/techpubs/en_US/junos11.4/information-products/topic-collections/security/software-
all/monitoring-and-troubleshooting/index.html?jd0e24088.html .

Related Information
KB21781 - [SRX] Data Collection Checklist - Logs/data to collect for troubleshooting
KB15719 - SRX Getting Started - CLI Modes and Features

AFFECTED PRODUCT SERIES / FEATURES

People also viewed

https://supportportal.juniper.net/s/article/SRX-Getting-Started-Troubleshooting-Commands?language=en_US 3/3

You might also like