
advanced-anti-malware traceoptions

 

Syntax

Release Information

Command introduced in Junos OS Release 15.1X49-D33.

Description

In Junos, traceoptions are set in the configuration itself rather than with an operational mode command. When you set the trace in the configuration, the "flags" you define select the debug operations that you want to perform. This command allows you to trace the Juniper Advanced Threat Prevention Cloud configuration and is typically used for troubleshooting.

Options

apply-groups name Groups to which these trace option settings apply.
apply-groups-except name Groups to which these trace option settings do not apply.
file Defines the trace file characteristics. Valid options are:
  • trace-file-name—Name of the file to receive the output of the tracing operation. Enclose the name within quotation marks. All files are placed in the directory /var/log. Valid values range from 1 to 1024 characters. The name cannot include spaces, /, or % characters. The default filename is security.

  • files—Maximum number of trace files that can accumulate. Valid values range from 2 to 1000. The default value is 3.

  • match—The criteria that you want the system to use when logging information to the file. You can enter a regular expression. Wildcard (*) characters are accepted.

  • no-world-readable—Only the system administrator can read the trace file.

  • size—Maximum size to which the trace file can grow. Once the file reaches the specified size, it is compressed and renamed filename0.gz, the next file is named filename1.gz, and so on. Valid values range from 10240 to 1,073,741,824.

  • world-readable—Any user can read the trace file.

flag flag Tracing operation to perform. To specify more than one tracing operation, include multiple flag statements. You can include the following flags:
  • all—Trace everything.

  • connection—Trace connection to the Juniper Advanced Threat Prevention Cloud server.

  • content—Trace the content the SRX is buffering to the client and to the cloud.

  • daemon—Trace the Juniper Advanced Threat Prevention Cloud daemon.

  • identification—Trace the file type identification. Examples of file types are .exes, .java, .tar and so forth.

  • parser—Trace the interface between the Juniper Advanced Threat Prevention Cloud daemon and the module that parses the HTTP protocol and extracts the file content.

  • plugin—Trace the Juniper Advanced Threat Prevention Cloud plugin to view session checks, packet processing and actions taken against a file or URL.

  • policy—Trace the Juniper Advanced Threat Prevention Cloud security policy.

level level Specify level of tracing to perform. The option you configure enables tracing of events at that level and all higher (more restrictive) levels. You can specify any of the following levels:
  • all—Match messages of all levels.

  • error—Match error conditions.

  • info—Match informational messages.

  • notice—Match notice messages about conditions requiring special handling.

  • verbose—Match verbose messages. This is the lowest (least restrictive) severity level; when you configure verbose, messages at all higher levels are traced. Therefore, the result is the same as when you configure all.

  • warning—Match warning messages.

no-remote-trace Disable remote tracing.

Required Privilege Level

trace—To view this statement in the configuration.

trace-control—To add this statement to the configuration.

List of Sample Output

Output Fields

This command produces no output. Use the show log trace-file-name command to view the debug file.
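The following configuration is an added example, not taken from the original page: it contrasts a broad trace setup with one scoped to a cloud connection problem, using only the options described above. The `[edit services advanced-anti-malware]` hierarchy is not shown on this page and is assumed here, and the file name `aamw-trace` is a constructed sample value.

```junos
# Lines starting with "#" are annotations for the reader.

# Broad setup: every flag at every level, trace file readable by any user.
# With flag all, the content flag is included, so the file records the
# content the SRX is buffering to the client and to the cloud.
set services advanced-anti-malware traceoptions file aamw-trace world-readable
set services advanced-anti-malware traceoptions flag all
set services advanced-anti-malware traceoptions level all

# Scoped setup for a cloud connection problem:
#   - only the connection and daemon flags
#   - level warning, which also traces the higher (error) level
#   - trace file limited to the system administrator
#   - 10485760-byte files, at most 5 kept (both within the valid ranges)
set services advanced-anti-malware traceoptions file aamw-trace size 10485760 files 5 no-world-readable
set services advanced-anti-malware traceoptions flag connection
set services advanced-anti-malware traceoptions flag daemon
set services advanced-anti-malware traceoptions level warning
commit

# View the trace file from configuration mode.
run show log aamw-trace

# Remove tracing once troubleshooting is finished.
delete services advanced-anti-malware traceoptions
commit
```

The two setups are alternatives; configure one or the other, since flag statements accumulate when both are entered.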