traceoptions (General Authentication Service)
Syntax
traceoptions { file filename <files number> <match regular-expression > <size maximum-file-size> <world-readable | no-world-readable>; filter { user user@domain; } flag flag; no-remote-trace; }
Hierarchy Level
[edit system processes general-authentication-service]
Description
Configure tracing options for the general authentication service.
Options
file filename
—Name of the file to receive the output of the tracing operation.
All files are placed in the directory /var/log
.
files number
—(Optional)
Maximum number of trace files to create before overwriting the oldest
one. If you specify a maximum number of files, you also must specify
a maximum file size with the size
option.
Range: 2 through 1000
Default: 3 files
filter
—Additional filter to refine the
output to display particular subscribers. Filtering based on the following
subscriber identifier simplifies troubleshooting in a scaled environment.
user
user@domain—Username of a subscriber. Optionally use an asterisk (*) as a wildcard to substitute for characters at the beginning or end of either term or both terms.
flag flag
—Tracing operation
to perform. To specify more than one tracing operation, include multiple flag
statements. You can include the following flags:
address-assignment
—Trace address-assignment pool eventsall
—Trace all tracing operationsconfiguration
—Trace configuration eventsframework
—Trace authentication framework eventsgx-plus
—Trace Gx-Plus eventsjsrc
—Trace JSRC eventsldap
—Trace LDAP authentication eventslocal-authentication
—Trace local authentication eventsradius
—Trace RADIUS authentication eventsuser-access
—Trace user access events, such as login, logout, and authenticate.
match regular-expression
—(Optional)
Refine the output to include lines that contain the regular expression.
no-remote-trace
—Disable remote tracing.
no-world-readable
—(Optional) Disable unrestricted
file access.
size maximum-file-size
—(Optional)
Maximum size of each trace file. By default, the number entered is
treated as bytes. Alternatively, you can include a suffix to the number
to indicate kilobytes (KB), megabytes (MB), or gigabytes (GB). If
you specify a maximum file size, you also must specify a maximum number
of trace files with the files
option.
Syntax:
sizek
to specify KB,sizem
to specify MB, orsizeg
to specify GB
Range: 10240 through 1073741824
Default: 128 KB
world-readable
—(Optional) Enable unrestricted
file access.
Required Privilege Level
trace—To view this statement in the configuration.
trace-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 9.0.