Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


traceoptions (Security IDP)


Hierarchy Level


Configure IDP tracing options.


  • file—Configure the trace file options.

    • filename—Name of the file to receive the output of the tracing operation. Enclose the name within quotation marks. All files are placed in the directory /var/log. By default, the name of the file is the name of the process being traced.

    • files number—Maximum number of trace files. When a trace file named trace-file reaches its maximum size, it is renamed to trace-file.0 then trace-file.1 and so on, until the maximum number of trace files is reached. The oldest archived file is overwritten.

      If you specify a maximum number of files, you also must specify a maximum file size with the size option and a filename.

      Range: 2 through 1000 files

      Default: 10 files

    • match regular-expression—Refine the output to include lines that contain the regular expression.

    • size maximum-file-size—Maximum size of each trace file, in kilobytes (KB), megabytes (MB), or gigabytes (GB). When a trace file named trace-file reaches this size, it is renamed trace-file.0. When trace-file.0 again reaches its maximum size, trace-file.1 is renamed trace-file.2 and trace-file.0 is renamed trace-file.1. This renaming scheme continues until the maximum number of trace files is reached. Then the oldest trace file is overwritten.

      If you specify a maximum file size, you also must specify a maximum number of trace files with the files option and a filename.

      Syntax: x K to specify KB, x m to specify MB, or x g to specify GB

      Range: 10 KB through 1 GB

      Default: 128 KB

    • world-readable | no-world-readable—By default, log files can be accessed only by the user who configures the tracing operation. The world-readable option enables any user to read the file. To explicitly set the default behavior, use the no-world-readable option.

  • flag—Trace operation to perform.

    • all—Trace with all flags enabled

  • level—Set the level of debugging the output option.

    • all—Match all levels

    • error—Match error conditions

    • info—Match informational messages

    • notice—Match conditions that should be handled specially

    • verbose—Match verbose messages

    • warning—Match warning messages

  • no-remote-trace—Set remote tracing as disabled.

Required Privilege Level

trace—To view this statement in the configuration.

trace-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 9.2.