Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

traceoptions

Syntax

traceoptions {file filename <files number> <size size>;flag all;flag certificates;flag database;flag general;flag ike;flag parse;flag policy-manager;flag routing-socket;flag timer;levelno-remote-trace}

Hierarchy Level

[edit security],[edit services ipsec-vpn]

Trace options can be configured at either the [edit security] or the [edit services ipsec-vpn] hierarchy level, but not at both levels.

Release Information

Statement introduced before Junos OS Release 7.4.

Statement introduced in Junos OS Release 9.0 for EX Series switches.

Statement introduced in Junos OS Release 11.1 for the QFX Series.

Description

Configure security trace options.

To specify more than one trace option, include multiple flag statements. Trace option output is recorded in the /var/log/kmd file.

Note: The traceoptionsstatement is not supported on QFabric systems.

Options

files number—(Optional) Maximum number of trace files. When a trace file (for example, kmd) reaches its maximum size, it is renamed kmd.0, then kmd.1, and so on, until the maximum number of trace files is reached. Then the oldest trace file is overwritten.

If you specify a maximum number of files, you must also specify a maximum file size with the size option.

Range: 2 through 1000 files

Default: 0 files

size size—(Optional) Maximum size of each trace file, in kilobytes (KB). When a trace file (for example, kmd) reaches this size, it is renamed, kmd.0, then kmd.1 and so on, until the maximum number of trace files is reached. Then the oldest trace file is overwritten.

Default: 1024 KB

flag flag—Trace operation to perform. To specify more than one trace operation, include multiple flag statements.

  • all—Trace all security events.
  • certificates—Trace certificate events.
  • database—Trace database events.
  • general—Trace general events.
  • ike—Trace IKE module processing.
  • parse—Trace configuration processing.
  • policy-manager—Trace policy manager processing.
  • routing-socket—Trace routing socket messages.
  • timer—Trace internal timer events.

level level—(Optional) Set traceoptions level.

  • all—match all levels.
  • error—Match error conditions.
  • info—Match informational messages.
  • notice—Match conditions that should be handled specially.
  • verbose—Match verbose messages.
  • warning—Match warning messages.

no-remote-trace—(Optional) Disable remote tracing

Required Privilege Level

admin—To view the configuration.

admin-control—To add this statement to the configuration.

 

Related Documentation

 

Published: 2012-07-03

Previous Page Next Page