Tracing and Logging Junos OS Operations
Tracing and logging operations allow you to track
events that occur in the router—both normal router operations
and error conditions—and to track the packets that are generated
by or passed through the router. The results of tracing and logging
operations are placed in files in the
/var/log directory on the router.
Junos OS provides an option to do remote tracing for specific processes, which greatly reduces use of the router’s internal storage for tracing and is analogous to remote system logging. You configure remote tracing system-wide using the tracing statement at the [edit system] hierarchy level. By default, remote tracing is not configured. You can disable remote tracing for specific processes using the no-remote-trace statement at the [edit process-name traceoptions] hierarchy level. This feature does not alter local tracing functionality in any way, and logging files are stored on the router.
Junos OS supports remote tracing for the following processes:
Logging operations use a system logging mechanism similar to the UNIX syslogd utility to record systemwide, high-level operations, such as interfaces going up or down and users logging in to or out of the router. You configure these operations by using the syslog statement at the [edit system] hierarchy level, as described in Junos OS System Log Overview, and by using the options statement at the [edit routing-options] hierarchy level, as described in the Junos OS Routing Protocols Library.
Tracing operations record more detailed messages about the operation of routing protocols, such as the various types of routing protocol packets sent and received, and routing policy actions. You configure tracing operations using the traceoptions statement. You can define tracing operations in different portions of the router configuration:
Global tracing operations—Define tracing for all routing protocols. You define these tracing operations at the [edit routing-options] hierarchy level of the configuration.
Protocol-specific tracing operations—Define tracing for a specific routing protocol. You define these tracing operations in the [edit protocol] hierarchy when configuring the individual routing protocol. Protocol-specific tracing operations override any equivalent operations that you specify in the global traceoptions statement. If there are no equivalent operations, they supplement the global tracing options. If you do not specify any protocol-specific tracing, the routing protocol inherits all the global tracing operations.
Tracing operations within individual routing protocol entities—Some protocols allow you to define more granular tracing operations. For example, in Border Gateway Protocol (BGP), you can configure peer-specific tracing operations. These operations override any equivalent BGP-wide operations or, if there are no equivalents, supplement them. If you do not specify any peer-specific tracing operations, the peers inherit, first, all the BGP-wide tracing operations and, second, the global tracing operations.
Interface tracing operations—Define tracing for individual router interfaces and for the interface process itself. You define these tracing operations at the [edit interfaces] hierarchy level of the configuration as described in the Junos OS Network Interfaces Library for Routing Devices.
Remote tracing—To enable system-wide remote tracing, include the destination-override syslog host statement at the [edit system tracing] hierarchy level. This specifies the remote host running the system log process (syslogd), which collects the traces. Traces are written to file(s) on the remote host per the syslogd configuration in
/etc/syslog.conf. By default remote tracing is not configured.
To override the system-wide remote tracing configuration for a particular process, include the no-remote-trace statement at the [edit process-name traceoptions] hierarchy. When no-remote-trace is enabled, the process does local tracing.
When remote tracing is configured, traces will go to the remote host.
To collect traces, use the local0 facility as the selector in
/etc/syslog.confon the remote host. To separate traces from various processes into different files, include the process name or trace-file name if it is specified at the [edit process-name traceoptions file] hierarchy level, in the Program field in
/etc/syslog.conf. If your syslog server supports parsing hostname and program name, then you can separate traces from the various processes.