Flow Trace for Logical Systems
Flow trace also called traceoptions, allows you to monitor traffic flow into and out of an SRX Series Firewall. You can use tracoptions as debugging tool to trace the packets as they traverse the SRX Series Firewall. Traceoptions help you to get details of actions by your security device.
Flow Trace Support for Logical Systems Overview
For an SRX Series Firewall configured with logical systems, by default the traceoptions are configured at the root level only. In this case, all the system traces including root and logical systems are logged in one single trace file. This generated large amounts of information in a single file.
Starting in Junos OS Release 19.4R1, you can enable tracing operations per logical system level. When you configure the traceoptions at the logical system level, then the traces for that specific logical systems are logged in the respective trace file. You can generate an output file for the specified logical system, and you can find the required traffic information easily in the trace file.
When you enable traceoptions, you specify the name of the file and the type of information you want to trace.
All flow trace sent to one log file in root, if you enable the traceoptions under root context. Traces for a logical system only sent to the respective trace file, if you enable the traceoptions for the specific logical system.
Configure Flow Trace Support for Logical Systems
Configuring traceoptions for a logical system includes configuring both a target file and a flag. The target file determines where the trace output is recorded. The flag defines what type of data to be collected. If you configure traceoptions for a logical system, the respective trace file sent to the specific logical system log file only.
To configure traceoptions for a logical system:
After you commit the traceoptions configuration, you can view
the traceoptions debug files for the logical system using show
log tracefilename operational command.
user@host:LSYS1> show log flow_lsys1.log Nov 7 07:34:09 07:34:09.491800:CID-0:THREAD_ID-00:LSYS_ID-01:RT:got route table lock Nov 7 07:34:09 07:34:09.491809:CID-0:THREAD_ID-00:LSYS_ID-01:RT:released route table lock Nov 7 07:34:09 07:34:09.491840:CID-0:THREAD_ID-00:LSYS_ID-01:RT:got route table lock Nov 7 07:34:09 07:34:09.491841:CID-0:THREAD_ID-00:LSYS_ID-01:RT:released route table lock Nov 7 07:34:09 07:34:09.491854:CID-0:THREAD_ID-00:LSYS_ID-01:RT:cache final sw_nh 0x0 Nov 7 07:34:09 07:34:09.491868:CID-0:THREAD_ID-00:LSYS_ID-01:RT:got route table lock Nov 7 07:34:09 07:34:09.491869:CID-0:THREAD_ID-00:LSYS_ID-01:RT:released route table lock Nov 7 07:34:09 07:34:09.491881:CID-0:THREAD_ID-00:LSYS_ID-01:RT:cache final sw_nh 0x0