Hi folks,
Can anyone tell me if STRM is required to read the packet-log stream coming from IDP or can I use log director in JUNOS space?
Also, does anyone have any real world performance stats on using packet-log with IDP? I would like to turn it on and off for a single attack type at a time to troubleshoot IDP events. If a single attack type is being logged, any known performance issues? I have a pair of SRX1400's and SRX1500's running in chassis clusters.
Thanks!