- play_arrow Flow Monitoring and Flow Collection Services
- play_arrow Understanding Flow Monitoring
- play_arrow Monitoring Traffic Using Active Flow Monitoring
- Configuring Active Flow Monitoring
- Active Flow Monitoring System Requirements
- Active Flow Monitoring Applications
- Active Flow Monitoring PIC Specifications
- Active Flow Monitoring Overview
- Active Flow Monitoring Overview
- Example: Configuring Active Monitoring on an M, MX or T Series Router’s Logical System
- Example: Configuring Flow Monitoring on an MX Series Router with MS-MIC and MS-MPC
- Configuring Services Interface Redundancy with Flow Monitoring
- Configuring Inline Active Flow Monitoring Using Routers, Switches or NFX250
- Configuring Flow Offloading on MX Series Routers
- Configuring Active Flow Monitoring on PTX Series Packet Transport Routers
- Configuring Actively Monitored Interfaces on M, MX and T Series Routers
- Collecting Flow Records
- Configuring M, MX and T Series Routers for Discard Accounting with an Accounting Group
- Configuring M, MX and T Series Routers for Discard Accounting with a Sampling Group
- Configuring M, MX and T Series Routers for Discard Accounting with a Template
- Defining a Firewall Filter on M, MX and T Series Routers to Select Traffic for Active Flow Monitoring
- Processing IPv4 traffic on an M, MX or T Series Router Using Monitoring services, Adaptive services or Multiservices Interfaces
- Replicating M, MX and T Series Routing Engine-Based Sampling to Multiple Flow Servers
- Replicating Version 9 Flow Aggregation From M, MX and T Series Routers to Multiple Flow Servers
- Configuring Routing Engine-Based Sampling on M, MX and T Series Routers for Export to Multiple Flow Servers
- Example: Copying Traffic to a PIC While an M, MX or T Series Router Forwards the Packet to the Original Destination
- Configuring an Aggregate Export Timer on M, MX and T Series Routers for Version 8 Records
- Example: Sampling Configuration for M, MX and T Series Routers
- Associating Sampling Instances for Active Flow Monitoring with a Specific FPC, MPC, or DPC
- Example: Sampling Instance Configuration
- Example: Sampling and Discard Accounting Configuration on M, MX and T Series Routers
- play_arrow Monitoring Traffic Using Passive Flow Monitoring
- Passive Flow Monitoring Overview
- Passive Flow Monitoring System Requirements for T Series, M Series and MX Series Routers
- Passive Flow Monitoring Router and Software Considerations for T Series, M Series and MX Series Routers
- Understanding Passive Flow Monitoring on T Series, M Series and MX Series Routers
- Enabling Passive Flow Monitoring on M Series, MX Series or T Series Routers
- Configuring Passive Flow Monitoring
- Example: Passive Flow Monitoring Configuration on M, MX and T Series Routers
- Configuring a Routing Table Group on an M, MX or T Series Router to Add Interface Routes into the Forwarding Instance
- Using IPSec and an ES PIC on an M, MX or T Series Router to Send Encrypted Traffic to a Packet Analyzer
- Applying a Firewall Filter Output Interface on an M, MX or T Series Router to Port-mirror Traffic to PICs or Flow Collection Services
- Monitoring Traffic on a Router with a VRF Instance and a Monitoring Group
- Specifying a Firewall Filter on an M, MX or T Series Router to Select Traffic to Monitor
- Configuring Input Interfaces, Monitoring Services Interfaces and Export Interfaces on M, MX or T Series Routers
- Establishing a VRF Instance on an M, MX or T Series Router for Monitored Traffic
- Configuring a Monitoring Group on an M, MX or T Series Router to Send Traffic to the Flow Server
- Configuring Policy Options on M, MX or T Series Routers
- Stripping MPLS Labels on ATM, Ethernet-Based and SONET/SDH Router Interfaces
- Using an M, MX or T Series Router Flow Collector Interface to Process and Export Multiple Flow Records
- Example: Configuring a Flow Collector Interface on an M, MX or T Series Router
- play_arrow Processing and Exporting Multiple Records Using Flow Collection
- play_arrow Logging Flow Monitoring Records with Version 9 and IPFIX Templates for NAT Events
- Understanding NAT Event Logging in Flow Monitoring Format on an MX Series Router or NFX250
- Configure Active Flow Monitoring Logs for NAT44/NAT64
- Configuring Log Generation of NAT Events in Flow Monitoring Record Format on an MX Series Router or NFX250
- Exporting Syslog Messages to an External Host Without Flow Monitoring Formats Using an MX Series Router or NFX250
- Exporting Version 9 Flow Data Records to a Log Collector Overview Using an MX Series Router or NFX250
- Understanding Exporting IPFIX Flow Data Records to a Log Collector Using an MX Series Router or NFX250
- Mapping Between Field Values for Version 9 Flow Templates and Logs Exported From an MX-Series Router or NFX250
- Mapping Between Field Values for IPFIX Flow Templates and Logs Exported From an MX Series Router or NFX250
- Monitoring NAT Events on MX Series Routers by Logging NAT Operations in Flow Template Formats
- Example: Configuring Logs in Flow Monitoring Format for NAT Events on MX Series Routers for Troubleshooting
-
- play_arrow Flow Capture Services
- play_arrow Dynamically Capturing Packet Flows Using Junos Capture Vision
- play_arrow Detecting Threats and Intercepting Flows Using Junos Flow-Tap and FlowTapLite Services
- Understanding the FlowTap and FlowTapLite Services
- Understanding FlowTap and FlowTapLite Architecture
- Configuring the FlowTap Service on MX Series Routers
- Configuring a FlowTap Interface on MX Series Routers
- Configuring FlowTap and FlowTapLite Security Properties
- FlowTap and FlowTapLite Application Restrictions
- Examples: Configuring the FlowTapLite Application on MX Series and ACX Series Routers
- Configuring FlowTapLite on MX Series Routers and M320 Routers with FPCs
-
- play_arrow Inline Monitoring Services and Inband Network Telemetry
- play_arrow Inline Monitoring Services
- play_arrow Flow-Based Telemetry
- play_arrow Inband Flow Analyzer 2.0
- play_arrow Juniper Resiliency Interface
-
- play_arrow Sampling and Discard Accounting Services
- play_arrow Sampling Data Using Traffic Sampling and Discard Accounting
- play_arrow Sampling Data Using Inline Sampling
- Understand Inline Active Flow Monitoring
- Configuring Inline Active Flow Monitoring Using Routers, Switches or NFX250
- Configuring Inline Active Flow Monitoring on MX80 and MX104 Routers
- Configuring Inline Active Flow Monitoring on PTX Series Routers
- Inline Active Flow Monitoring of MPLS-over-UDP Flows on PTX Series Routers
- Inline Active Flow Monitoring on IRB Interfaces
- Example: Configuring Inline Active Flow Monitoring on MX Series and T4000 Routers
- play_arrow Sampling Data Using Flow Aggregation
- Understanding Flow Aggregation
- Enabling Flow Aggregation
- Configuring Flow Aggregation on MX, M and T Series Routers and NFX250 to Use Version 5 or Version 8 cflowd
- Configuring Flow Aggregation on MX, M, vMX and T Series Routers and NFX250 to Use Version 9 Flow Templates
- Configuring Flow Aggregation on PTX Series Routers to Use Version 9 Flow Templates
- Configuring Inline Active Flow Monitoring to Use IPFIX Flow Templates on MX, vMX and T Series Routers, EX Series Switches, NFX Series Devices, and SRX Series Firewalls
- Configuring Flow Aggregation to Use IPFIX Flow Templates on PTX Series Routers
- Configuring Observation Domain ID and Source ID for Version 9 and IPFIX Flows
- Configuring Template ID and Options Template ID for Version 9 and IPFIX Flows
- Including Fragmentation Identifier and IPv6 Extension Header Elements in IPFIX Templates on MX Series Routers
- Directing Replicated Flows from M and T Series Routers to Multiple Flow Servers
- Logging cflowd Flows on M and T Series Routers Before Export
- Configuring Next-Hop Address Learning on MX Series and PTX Series Routers for Destinations Accessible Over Multiple Paths
-
- play_arrow Configuration Statements and Operational Commands
Trace RPM Operations
RPM tracing operations track all RPM operations and record them in a log file. The logged error descriptions provide detailed information to help you solve problems faster.
RPM Trace Operations Overview
In Junos OS, you enable tracing operations by configuring the traceoptions statement
at the specific hierarchy level you want to trace. Junos OS Evolved uses a different
tracing architecture. All running applications create trace information, with
multiple instances of the same application having their own trace information.
Therefore, in Junos OS Evolved, trace messages are logged, viewed, and configured by
application. As a result, Junos OS Evolved does not support the
traceoptions statement at many of the hierarchy levels that
Junos OS supports.
In Junos OS Evolved, you do not view trace files directly, and you should never add,
edit, or remove trace files under the /var/log/traces directory
because this can corrupt the traces. Instead, you use the show trace
application application-name node
node-name command to read and decode trace
messages stored in the trace files. All running applications on Junos OS Evolved
create trace information at the info level by default.
In Junos OS, by default, no events are traced. You can change this default behavior
by using the traceoptions statement. If you include the
traceoptions statement at the [edit services
rpm] hierarchy level, the default tracing behavior is the
following:
Important events are logged in a file called rmopd located in the /var/log directory.
When the log file reaches 128 kilobytes (KB), it is renamed rmopd.0, then rmopd.1, and so on, until there are three trace files. Then the oldest trace file (rmopd.2) is overwritten.
Log files can be accessed only by the user who configures the tracing operation.
RPM is governed by the rmopd application. For Junos OS Evolved, to
configure traces for a severity other than info for the
rmopd application, include the application rmopd node
node-name level severity
statement at the [edit system trace] hierarchy level.
For general monitoring and troubleshooting of devices running Junos OS or Junos OS Evolved, we recommend using standard tools such as CLI show commands, system log messages, SNMP, and telemetry data. You should avoid using trace messages for general debugging purposes and long-term solutions because they are subject to change without notice.
Configure the Trace Operations
By default, for Junos OS, if the traceoptions configuration is
present, only important events are logged. You can configure the trace
operations to be logged by including the following statements at the
[edit services rpm traceoptions] hierarchy level:
flag {
all;
configuration;
error;
ipc;
ppm;
rpd;
statistics
}
Table 1 describes the meaning of the RPM tracing flags.
Flag | Description | Default Setting |
|---|---|---|
| Trace all operations. | Off |
| Trace configuration events. | Off |
| Trace events related to catastrophic errors in daemon. | Off |
| Trace IPC events. | Off |
| Trace ppm events. | Off |
| Trace rpd events. | Off |
| Trace statistics. | Off |
By default, for Junos OS Evolved, all running applications create trace
information at the info level. To configure traces for a
severity other than info for the rmopd
application, include the application rmopd node
node-name level severity
statement at the [edit system trace] hierarchy level. For information about the
various configurable severity levels for Junos OS Evolved, see trace.
See Also
Configure the RPM Log File Name
(Junos OS only) By default, the name of the file that records RPM trace output is rmopd. To specify a different file name:
[edit services rpm traceoptions] user@host set file filename
Configure the Number and Size of RPM Log Files
(Junos OS only) To configure the limits on the number and size of RPM trace files:
[edit services rpm traceoptions] user@host set file filename files number size size
The number of files can be from 2 through 1000 files. The file size of each file can be from 10 KB through 1 gigabyte (GB).
For example, set the maximum file size to 2 MB, and the maximum number of files to 20 for a log file named rpmtrace:
[edit services rpm traceoptions] user@host set file rpmtrace files 20 size 2MB
When the rpmtrace file reaches 2 MB, it is renamed rpmtrace.0, and a new file called rpmtrace is created. When the new rpmtrace reaches 2 MB, rpmtrace.0 is renamed rpmtrace.1 and rpmtrace is renamed rpmtrace.0. This process repeats until there are 20 trace files. Then the oldest file (rpmtrace.19) is overwritten by rpmtrace.18.
Configure Access to the Log File
(Junos OS only) By default, log files can be accessed only by the user who configures the tracing operation.
To specify that any user can read all log files:
[edit services rpm traceoptions] user@host set file filename world-readable
To explicitly set the default behavior:
[edit services rpm traceoptions] user@host set file filename no-world-readable
Configure a Regular Expression for Lines to Be Logged
(Junos OS only) By default, the trace operation output includes all lines relevant to the logged events.
To refine the output by specifying a regular expression (regex) to be matched:
[edit services rpm traceoptions] user@host set file filename match regular-expression
