• Downloads
• traceoptions    

• Related Topics
• Configuring Tracing Operations for Security Services

traceoptions

Syntax

Hierarchy Level

Trace options can be configured at either the [edit security] or the [edit services ipsec-vpn] hierarchy level, but not at both levels.

Release Information

Statement introduced before JUNOS Release 7.4.

Statement introduced in JUNOS Release 9.0 for EX Series switches.

Description

Configure security trace options.

To specify more than one trace option, include multiple flag statements. Trace option output is recorded in the /var/log/kmd file.

Options

files number—(Optional) Maximum number of trace files. When a trace file (for example, kmd) reaches its maximum size, it is renamed kmd.0, then kmd.1, and so on, until the maximum number of trace files is reached. Then the oldest trace file is overwritten.

If you specify a maximum number of files, you must also specify a maximum file size with the size option.

Range: 2 through 1000 files

Default: 0 files

size size—(Optional) Maximum size of each trace file, in kilobytes (KB). When a trace file (for example, kmd) reaches this size, it is renamed, kmd.0, then kmd.1 and so on, until the maximum number of trace files is reached. Then the oldest trace file is overwritten.

Default: 1024 KB

flag—Trace operation to perform. To specify more than one trace operation, include multiple flag statements.

• all—Trace all security events.

• database—Trace database events.

• general—Trace general events.

• ike—Trace IKE module processing.

• parse—Trace configuration processing.

• policy-manager—Trace policy manager processing.

• routing-socket—Trace routing socket messages.

• timer—Trace internal timer events.

Required Privilege Level

admin—To view the configuration.

admin-control—To add this statement to the configuration.