@ryanfaircloth
Created September 7, 2019 23:30
#!/bin/bash
# Juniper Netscreen: send a sample traffic-deny event to SC4S over syslog (TCP 514)
echo
echo "Sending Juniper Netscreen event:"
echo
echo "The event will show up in Splunk with a sourcetype of \"syslog-ng:fallback\" unless a"
echo "hostname wildcard or CIDR block is configured (see beta test SC4SB002)."
echo
# Build the message once. <190> is the syslog PRI (facility local7, severity info),
# followed by a BSD-style timestamp, the host name and the NetScreen payload.
MSG="<190>$(date +"%b %d %H:%M:%S") bdr-bob ns204: NetScreen device_id=netscreen2 [Root]system-notification-00257(traffic): start_time=\"$(date +"%Y-%m-%d %H:%M:%S")\" duration=0 policy_id=320001 service=msrpc Endpoint Mapper(tcp)proto=6 src zone=Null dst zone=self action=Deny sent=0 rcvd=16384 src=21.10.90.125 dst=23.16.1.1"
# Show the event locally, then send the same line to the SC4S listener.
echo "$MSG"
echo "$MSG" | nc -w 1 sc4s.smg.aws 514