Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Flow Trace for Logical Systems

Flow trace also called traceoptions, allows you to monitor traffic flow into and out of an SRX Series device. You can use tracoptions as debugging tool to trace the packets as they traverse the SRX Series device. Traceoptions help you to get details of actions by your security device.

Flow Trace Support for Logical Systems Overview

For an SRX Series device configured with logical systems, by default the traceoptions are configured at the root level only. In this case, all the system traces including root and logical systems are logged in one single trace file. This generated large amounts of information in a single file.

Starting in Junos OS Release 19.4R1, you can enable tracing operations per logical system level. When you configure the traceoptions at the logical system level, then the traces for that specific logical systems are logged in the respective trace file. You can generate an output file for the specified logical system, and you can find the required traffic information easily in the trace file.

When you enable traceoptions, you specify the name of the file and the type of information you want to trace.

All flow trace sent to one log file in root, if you enable the traceoptions under root context. Traces for a logical system only sent to the respective trace file, if you enable the traceoptions for the specific logical system.

Configure Flow Trace Support for Logical Systems

Configuring traceoptions for a logical system includes configuring both a target file and a flag. The target file determines where the trace output is recorded. The flag defines what type of data to be collected. If you configure traceoptions for a logical system, the respective trace file sent to the specific logical system log file only.

To configure traceoptions for a logical system:

  1. Create logical system LSYS1 and setup the basic configurations. See Setting Up a Logical System
  2. Configure target file to save the trace information for the logical system.
  3. Configure traceoptions flag for the logical system.

After you commit the traceoptions configuration, you can view the traceoptions debug files for the logical system using show log tracefilename operational command.