traceoptions (Security)
Syntax
traceoptions { file filename <files number> <size size>; flag all; flag certificates; flag database; flag general; flag ike; flag parse; flag policy-manager; flag routing-socket; flag timer; level no-remote-trace }
Hierarchy Level
[edit security], [edit services ipsec-vpn]
Trace options can be configured at either the [edit security]
or the [edit services ipsec-vpn]
hierarchy level, but not at both levels.
Description
Configure security trace options.
To specify more than one trace option, include
multiple flag
statements. Trace option output is recorded
in the /var/log/kmd file.
The traceoptions
statement is not supported
on QFabric systems.
Options
files number
—(Optional) Maximum number of trace files. When a trace file
(for example, kmd
) reaches its maximum size, it is renamed kmd.0
, then kmd.1
, and so on, until the maximum
number of trace files is reached. Then the oldest trace file is overwritten.
If you specify a maximum number of files, you must
also specify a maximum file size with the size
option.
Range: 2 through 1000 files
Default: 0 files
size size
—(Optional) Maximum
size of each trace file, in kilobytes (KB). When a trace file (for
example, kmd
) reaches this size, it is renamed, kmd.0
, then kmd.1
and so on, until the maximum number of trace
files is reached. Then the oldest trace file is overwritten.
Default: 1024 KB
flag flag
—Trace operation
to perform. To specify more than one trace operation, include multiple flag
statements.
all
—Trace all security events.certificates
—Trace certificate events.
database
—Trace database events.
general
—Trace general events.
ike
—Trace IKE module processing.
parse
—Trace configuration processing.
policy-manager
—Trace policy manager processing.
routing-socket
—Trace routing socket messages.
timer
—Trace internal timer events.
level level
—(Optional)
Set traceoptions level.
all
—match all levels.error
—Match error conditions.info
—Match informational messages.notice
—Match conditions that should be handled specially.verbose
—Match verbose messages.warning
—Match warning messages.
no-remote-trace
—(Optional) Disable remote tracing
Required Privilege Level
admin—To view the configuration.
admin-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.