Tracing Operations for Security Services
Configuring Tracing Operations
To configure trace options for security services, specify flags using the traceoptions statement:
[edit security] traceoptions { file filename <files number> <size size>; flag all; flag database; flag general; flag ike; flag parse; flag policy-manager; flag routing-socket; flag timer; }
You can include these statements at the following hierarchy levels:
[edit security][edit services ipsec-vpn]
You can specify one or more of the following security tracing flags:
all—Trace all security eventsdatabase—Trace database eventsgeneral—Trace general eventsike—Trace IKE module processingparse—Trace configuration processingpolicy-manager—Trace policy manager processingrouting-socket—Trace routing socket messagestimer—Trace internal timer events
See Also
Configuring Tracing Operations for IPsec Events for Adaptive Services PICs
To configure trace options to trace IPsec events for Adaptive Services
PICs, include the following statements at the [edit services ipsec-vpn] hierarchy
level:
[edit services ipsec-vpn] traceoptions { file filename <files number> <size size>; flag all; flag database; flag general; flag ike; flag parse; flag policy-manager; flag routing-socket; flag timer; }
Trace option output is recorded in the /var/log/kmd file.
You can specify one or more of the following security tracing flags:
all—Trace all security eventsdatabase—Trace database eventsgeneral—Trace general eventsike—Trace IKE module processingparse—Trace configuration processingpolicy-manager—Trace policy manager processingrouting-socket—Trace routing socket messagestimer—Trace internal timer events