Current view: XpoLog V6. Available: XpoLog V5 and XpoLog V7 (Latest)

Skip to end of metadata
Go to start of metadata

Integration of Juniper logs into XpoLog.


  A. Open the relevant ports (TCP\UDP) on the XpoLog machine.
  B. Create a syslog listener on the listeners tab in XpoLog that will listen and collect the log from the Juniper machine.

F5 Configurations:

Configure Juniper to send logs over Syslog to XpoLog defined listener

System Log - 

    I. For the syslog of the Juniper log, set the logTypes of the syslog to ‘syslog,juniper,audit’.

    II. Apply the following pattern on the log (default pattern):


XPLG:[{timestamp:Timestamp,MM/dd/yyyy HH:mm:ss.SSS}] [{text:Facility}] [{priority:Level,DEBUG;INFO;WARN;ERROR;FATAL}] [{text:Source Device}] {block,start,emptiness=true}{text:Application Name}[{text:Process Id}]: {block,end,emptiness=true}{text:Device} {text:Process}{block,start,emptiness=true}[{text:ID}]{block,end,emptiness=true}: {regexp:User,ftype=username;refName=Message,(user '|User '|password for )[XPLG_PARAM([^\u0027f]+)].}{regexp:eventName,ftype=eventName;refName=Message,([A-Z][A-Z]+_[^:]\w+).+}{regexp:Host,ftype=sourceip;refName=message,(from |ssh-connection \u0027)[XPLG_PARAM([^\s]\d+\.\d+\.\d+\.\d+)].}{regexp:Status,ftype=status;refName=message,Error}{text:message,ftype=message;,}

For more information about the log fields, see below the format Conversion Table:


Field Name


XpoLog Pattern





  • No labels