
Juniper Cortex Threat

Integration of Juniper Advanced Threat Prevention with DNIF

  • Log in to Juniper Advanced Threat Prevention using the web interface and navigate to the Config > Notifications page.
  • Select SIEM Settings from the left panel menu.
  • Click Add New SIEM Connector to set up a new Events, System Audit or System Health log notification in CEF format.
  • Select from the available options and modify the configurations.

Alert notification configuration options

Alert notifications for events or system audits are available only if Outgoing Mail Settings are configured from the Config > System Settings menu.

Descriptions of Events alert settings are provided in the following tables.

Type: Select the type of notification to be configured: Event
Format: Select CEF or Syslog as the notification output format
Malware Severity: To filter the log notification by malware severity results, choose either:
  • All Malware
  • Critical, High or Med
  • Critical or High
Generate On: Select Trigger or By Schedule to set the method by which an Events log is generated.
Host Name: Enter the host name of the Syslog server.
Port Number: Enter the port number of the Syslog server.

System Audit Events Settings

Type: Select the type of notification to be configured: Event
Format: Select CEF or Syslog as the notification output format
Event Type: Select the event type(s) to include in the alert notification:
  • Login/Logout
  • Failed logins
  • Add/Update Users
  • System Settings
  • Restarts
Generate On: Select Trigger or By Schedule to set the method by which an Events log is generated.
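
To check that the connector is delivering well-formed CEF records to the configured Syslog server, the following added example (not part of the Juniper or DNIF documentation) parses one received line, including escaped pipes in the header and escaped equals signs in extension values. The header layout is the generic CEF one; the sample line, vendor and product strings, host name and addresses are constructed.

```python
import re

# Added example: generic CEF header layout, not taken from vendor documentation.
HEADER = "version vendor product device_version signature_id name severity".split()
_EXT_KEY = re.compile(r"(?:^|\s)(\w+)=")   # start of a key=value pair
_EXT_ESC = re.compile(r"\\([\\=nr])")       # escapes allowed in extension values

def _split_header(text, count):
    """Split on unescaped '|' into `count` fields; return (fields, remainder)."""
    fields, cur, i = [], [], 0
    while i < len(text) and len(fields) < count:
        if text[i] == "\\" and text[i + 1:i + 2] in ("\\", "|"):
            i += 1                           # drop the backslash, keep next char
        elif text[i] == "|":
            fields.append("".join(cur))
            cur, i = [], i + 1
            continue
        cur.append(text[i])
        i += 1
    if len(fields) < count:                  # header ended without a trailing '|'
        fields.append("".join(cur))
    return fields, text[i:]

def parse_extension(ext):
    """Parse 'k=v k2=v2'; values may contain spaces and escaped '='."""
    hits, out = list(_EXT_KEY.finditer(ext)), {}
    for hit, nxt in zip(hits, hits[1:] + [None]):
        raw = ext[hit.end():nxt.start() if nxt else len(ext)].strip()
        out[hit.group(1)] = _EXT_ESC.sub(
            lambda m: {"n": "\n", "r": "\r"}.get(m.group(1), m.group(1)), raw)
    return out

def parse_cef(line):
    """Parse one syslog line carrying a CEF record; ValueError if malformed."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF record in line")
    fields, ext = _split_header(line[start + 4:], len(HEADER))
    if len(fields) != len(HEADER):
        raise ValueError("truncated CEF header")
    event = dict(zip(HEADER, fields))
    event["extension"] = parse_extension(ext)
    return event

# Constructed sample (placeholder vendor/product, documentation-range addresses).
SAMPLE = (r"<134>Dec  4 06:21:37 collector CEF:0|ExampleVendor|ExampleProduct|1.0|"
          r"100|Malware \| download detected|8|src=192.0.2.5 dst=198.51.100.10 "
          r"msg=file\=invoice.exe blocked by policy")
```

Calling parse_cef(SAMPLE) returns the seven header fields plus an "extension" dictionary; a line that raises ValueError points to a connector set to plain Syslog format or to truncation in transit.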

Official Documentation