Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

traceoptions (Security)

Syntax

Hierarchy Level

Trace options can be configured at either the [edit security] or the [edit services ipsec-vpn] hierarchy level, but not at both levels.

Description

Configure security trace options.

To specify more than one trace option, include multiple flag statements. Trace option output is recorded in the /var/log/kmd file.

Note:

The traceoptionsstatement is not supported on QFabric systems.

Options

files number—(Optional) Maximum number of trace files. When a trace file (for example, kmd) reaches its maximum size, it is renamed kmd.0, then kmd.1, and so on, until the maximum number of trace files is reached. Then the oldest trace file is overwritten.

If you specify a maximum number of files, you must also specify a maximum file size with the size option.

  • Range: 2 through 1000 files

  • Default: 0 files

size size—(Optional) Maximum size of each trace file, in kilobytes (KB). When a trace file (for example, kmd) reaches this size, it is renamed, kmd.0, then kmd.1 and so on, until the maximum number of trace files is reached. Then the oldest trace file is overwritten.

  • Default: 1024 KB

flag flag—Trace operation to perform. To specify more than one trace operation, include multiple flag statements.

  • all—Trace all security events.

  • certificates—Trace certificate events.

  • database—Trace database events.

  • general—Trace general events.

  • ike—Trace IKE module processing.

  • parse—Trace configuration processing.

  • policy-manager—Trace policy manager processing.

  • routing-socket—Trace routing socket messages.

  • timer—Trace internal timer events.

level level—(Optional) Set traceoptions level.

  • all—match all levels.

  • error—Match error conditions.

  • info—Match informational messages.

  • notice—Match conditions that should be handled specially.

  • verbose—Match verbose messages.

  • warning—Match warning messages.

no-remote-trace—(Optional) Disable remote tracing

Required Privilege Level

admin—To view the configuration.

admin-control—To add this statement to the configuration.

Release Information

Statement introduced before Junos OS Release 7.4.

Related Documentation