Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
Tracing Event Policy Processing
Event policy tracing operations track all event policy operations and record them in a log file. The logged error descriptions provide detailed information to help you solve problems faster.
By default, no events are traced. If you include the traceoptions statement at the [edit event-options] hierarchy level, the default tracing behavior is the following:
- Important events are logged in a file called eventd located in the /var/log directory.
- When the file eventd reaches 128 kilobytes (KB), it is renamed and compressed to eventd.0.gz, then eventd.1.gz, and so on, until there are three trace files. Then the oldest trace file (eventd.2.gz) is overwritten. (For more information about how log files are created, see the Junos System Log Messages Reference.)
- Log files can be accessed only by the user who configures the tracing operation.
You cannot change the directory (/var/log) to which trace files are written. However, you can customize the other trace file settings by including the following statements at the [edit event-options traceoptions] hierarchy level:
These statements are described in the following sections:
- Configuring the Event Policy Log Filename
- Configuring the Number and Size of Event Policy Log Files
- Configuring Access to the Log File
- Configuring a Regular Expression for Lines to Be Logged
- Configuring the Trace Operations
Configuring the Event Policy Log Filename
By default, the name of the file that records trace output is eventd. You can specify a different name by including the file statement at the [edit event-options traceoptions] hierarchy level:
Configuring the Number and Size of Event Policy Log Files
By default, when the trace file reaches 128 kilobytes (KB) in size, it is renamed filename.0, then filename.1, and so on, until there are three trace files. Then the oldest trace file (filename.2) is overwritten.
You can configure the limits on the number and size of trace files by including the following statements at the [edit event-options traceoptions file <filename>] hierarchy level:
For example, set the maximum file size to 2 MB and the
maximum number of files to 20. When the file that receives the output
of the tracing operation (filename) reaches 2 MB, filename is renamed and compressed to filename.0.gz and a new file called filename is created.
When filename reaches 2 MB, filename.0.gz is renamed filename.1.gz and filename is renamed and compressed to filename.0.gz. This process repeats until
there are 20 trace files. Then the oldest file (filename.19.gz) is overwritten.
The number of files can range from 2 through 1000 files. The file size can range from 10 KB through 1 gigabyte (GB).
Configuring Access to the Log File
By default, log files can be accessed only by the user who configures the tracing operation.
To specify that any user can read all log files, include the world-readable statement at the [edit event-options traceoptions file <filename>] hierarchy level:
To explicitly set the default behavior, include the no-world-readable statement at the [edit event-options traceoptions file <filename>] hierarchy level:
Configuring a Regular Expression for Lines to Be Logged
By default, the trace operation output includes all lines relevant to the logged events.
You can refine the output by including the match statement at the [edit event-options traceoptions file <filename>] hierarchy level and specifying a regular expression to be matched:
Configuring the Trace Operations
By default, only important events are logged. You can configure the trace operations to be logged by including the following statements at the [edit event-options traceoptions] hierarchy level:
Table 20 describes the meaning of the event policy tracing flags.
Table 20: Event Policy Tracing Flags
Flag | Description | Default Setting |
|---|---|---|
all | Trace all operations. | Off |
configuration | Log reading of configuration at the [edit event-options] hierarchy level. | Off |
events | Trace important events. | Off |
database | Log events involving storage and retrieval in events database. | Off |
policy | Log policy processing. | Off |
server | Log communication with processes that are generating events. | Off |
syslogd | Log syslog related traces | Off |
timer-events | Log internally generated events. | Off |
To display the end of the log, issue the show log eventd | last operational mode command:
