Here’s a list of my favorite Juniper SRX Junos commands I use for troubleshooting.
Show config as single lines instead of stanzas
This is useful for displaying the config to look more like the way a Cisco config looks. It’s easier to search for keywords in the config with this command by doing things like
show | display set | match interface.
Show the connections going through the SRX
This will show detailed information of all the connections and flows going through the SRX. The output will look like this.
The output above displays a user on the inside going to a website on the outside. The user IP is
172.16.200.43, the web server is
220.127.116.11, and the SRX NAT’d this outbound flow to
See uncommitted changes
When you want to make changes to an SRX it’s best to check whether there are any uncommited changes before you begin making changes. This commands shows you what those are.
Show previous commits
The output above shows you the history of who did a change and when. This is why it’s important that each user has their own username.
See what was in a previous commit
This will display the contents of rollback 5.
Useful command to give a snapshot of multiple health statistics.
Show front panel alarms
Some models of Juniper SRX have a craft interface. This command will show you the LED status of the front panel.