Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

traceoptions (Security)

Syntax

Hierarchy Level

Description

Configure security tracing options.

Options

  • file—Configure the trace file options.

    • filename—Name of the file to receive the output of the tracing operation. Enclose the name within quotation marks. All files are placed in the directory /var/log. By default, the name of the file is the name of the process being traced.

    • files number—Maximum number of trace files. When a trace file named trace-file reaches its maximum size, it is renamed to trace-file.0, then trace-file.1, and so on, until the maximum number of trace files is reached. The oldest archived file is overwritten.

      If you specify a maximum number of files, you also must specify a maximum file size with the size option and a filename.

      Range: 2 through 1000 files

      Default: 10 files

    • match regular-expression—Refine the output to include lines that contain the regular expression.

    • size maximum-file-size—Maximum size of each trace file, in kilobytes (KB), megabytes (MB), or gigabytes (GB). When a trace file named trace-file reaches this size, it is renamed trace-file.0. When the trace-file again reaches its maximum size, trace-file.0 is renamed trace-file.1 and trace-file is renamed trace-file.0. This renaming scheme continues until the maximum number of trace files is reached. Then the oldest trace file is overwritten.

      If you specify a maximum file size, you also must specify a maximum number of trace files with the files option and a filename.

      Syntax: x K to specify KB, x m to specify MB, or x g to specify GB

      Range: 10 KB through 1 GB

      Default: 128 KB

    • world-readable | no-world-readable—By default, log files can be accessed only by the user who configures the tracing operation. The world-readable option enables any user to read the file. To explicitly set the default behavior, use the no-world-readable option.

  • flag—Trace operation to perform. To specify more than one trace operation, include multiple flag statements.

    • all—Trace all security events

    • compilation—Trace security compilation events

    • configuration—Trace security configuration events

    • routing-socket—Trace routing socket events

  • no-remote-trace—Set remote tracing as disabled.

  • rate-limit messages-per-second—Limit the incoming rate of trace messages.

Required Privilege Level

trace—To view this in the configuration.

trace-control—To add this to the configuration.

Release Information

Statement modified in Junos OS Release 8.5.

Related Documentation