traceoptions (Security Application Firewall)
Syntax
traceoptions { file { filename; files number; match regular-expression; size maximum-file-size; (world-readable | no-world-readable); } flag flag; no-remote-trace; }
Hierarchy Level
[edit security application-firewall] [edit tenants tenant-name security application-firewall]
Description
Configure trace options for the application firewall.
Starting in Junos OS Release 18.2R1, the application firewall
(AppFW) functionality is deprecated. As a part of this change, the [edit security application-firewall]
hierarchy and all the
configuration options under this hierarchy are deprecated— rather
than immediately removed—to provide backward compatibility and
an opportunity to bring your configuration into compliance with the
new configuration.
Options
file
—Configure the trace file options.filename
—Name of the file to receive the output of the tracing operation. Enclose the name within quotation marks. All files are placed in the directory/var/log
. By default, the name of the file is the name of the process being traced.files number
—Maximum number of trace files. When a trace file namedtrace-file
reaches its maximum size, it is renamed totrace-file.0
, thentrace-file.1
, and so on, until the maximum number of trace files is reached. The oldest archived file is overwritten.If you specify a maximum number of files, you also must specify a maximum file size with the
size
option and a filename.Range: 2 through 1000 files
Default: 10 files
match regular-expression
—Refine the output to include lines that contain the regular expression.size maximum-file-size
—Maximum size of each trace file, in kilobytes (KB), megabytes (MB), or gigabytes (GB). When a trace file namedtrace-file
reaches this size, it is renamedtrace-file.0
. When thetrace-file
again reaches its maximum size,trace-file.0
is renamedtrace-file.1
andtrace-file
is renamedtrace-file.0
. This renaming scheme continues until the maximum number of trace files is reached. Then the oldest trace file is overwritten.If you specify a maximum file size, you also must specify a maximum number of trace files with the
files
option and a filename.Syntax:
x K
to specify KB,x m
to specify MB, orx g
to specify GBRange: 10 KB through 1 GB
Default: 128 KB
world-readable
|no-world-readable
—By default, log files can be accessed only by the user who configures the tracing operation. Theworld-readable
option enables any user to read the file. To explicitly set the default behavior, use theno-world-readable
option.
flag
—Trace operation to perform. To specify more than one trace operation, include multipleflag
statements.all
—Trace with all flags enabledcompilation
—Trace rule set compilation eventsconfiguration
—Trace configuration eventsipc
—Trace process inter communication eventslookup
—Trace rule set lookup events
no-remote-trace
—Set remote tracing as disabled.
Required Privilege Level
trace—To view this statement in the configuration.
trace-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 11.1.
The statement set tenant tenant-name security application-firewall
is introduced in Junos OS Release
18.4R1.