@ryanfaircloth
Last active September 19, 2019 15:29
#!/bin/bash
# Juniper Netscreen
echo
echo Sending Juniper Netscreen event:
echo
echo The event will show up in Splunk with a sourcetype of "syslog-ng:fallback" unless a
echo "hostname wildcard or CIDR block is configured (see beta test SC4SB002)."
echo
# Build the event once so the line printed below is exactly the line that is sent.
EVENT="<190>$(date +"%b %d %H:%M:%S") bdr-tom ns204: NetScreen device_id=netscreen2 [Root]system-notification-00257(traffic): start_time=\"$(date +"%Y-%m-%d %H:%M:%S")\" duration=0 policy_id=320001 service=msrpc Endpoint Mapper(tcp)proto=6 src zone=Null dst zone=self action=Deny sent=0 rcvd=16384 src=21.10.90.125 dst=23.16.1.1"
# Show the event locally, then send it to sc4s.smg.aws on TCP port 5000 (nc gives up after 1 second).
echo -e "$EVENT"
echo -e "$EVENT" | nc -w 1 sc4s.smg.aws 5000