traceoptions (Security IDP)
Syntax
traceoptions { file { filename; files number; match regular-expression; size maximum-file-size; (world-readable | no-world-readable); } flag all; level (all | error | info | notice | verbose | warning); no-remote-trace; }
Hierarchy Level
[edit security idp]
Description
Configure IDP tracing options.
Options
file
—Configure the trace file options.filename
—Name of the file to receive the output of the tracing operation. Enclose the name within quotation marks. All files are placed in the directory /var/log. By default, the name of the file is the name of the process being traced.files number
—Maximum number of trace files. When a trace file named trace-file reaches its maximum size, it is renamed to trace-file.0 then trace-file.1 and so on, until the maximum number of trace files is reached. The oldest archived file is overwritten.If you specify a maximum number of files, you also must specify a maximum file size with the
size
option and a filename.Range: 2 through 1000 files
Default: 10 files
match regular-expression
—Refine the output to include lines that contain the regular expression.size maximum-file-size
—Maximum size of each trace file, in kilobytes (KB), megabytes (MB), or gigabytes (GB). When a trace file named trace-file reaches this size, it is renamed trace-file.0. Whentrace-file.0
again reaches its maximum size, trace-file.1 is renamed trace-file.2 and trace-file.0 is renamed trace-file.1. This renaming scheme continues until the maximum number of trace files is reached. Then the oldest trace file is overwritten.If you specify a maximum file size, you also must specify a maximum number of trace files with the
files
option and a filename.Syntax:
x K
to specify KB,x m
to specify MB, orx g
to specify GBRange: 10 KB through 1 GB
Default: 128 KB
world-readable
|no-world-readable
—By default, log files can be accessed only by the user who configures the tracing operation. Theworld-readable
option enables any user to read the file. To explicitly set the default behavior, use theno-world-readable
option.
flag
—Trace operation to perform.all
—Trace with all flags enabled
level
—Set the level of debugging the output option.all
—Match all levelserror
—Match error conditionsinfo
—Match informational messagesnotice
—Match conditions that should be handled speciallyverbose
—Match verbose messageswarning
—Match warning messages
no-remote-trace
—Set remote tracing as disabled.
Required Privilege Level
trace—To view this statement in the configuration.
trace-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 9.2.