Traceoptions on Juniper Devices

Traceoptions (or ‘Tracing Options’) are debugging tools built into JunOS. They’re similar to ‘debugs’ found in Cisco IOS, but with a few enhancements.

Unlike Cisco’s ‘debug’, traceoptions are written to a log file by default, instead of being written to screen. Of course, doing both is still an option.


Configuring Traceoptions

Traceoptions are configured rather than just turned on. Most (or maybe all) configurable items can have traceoptions enabled.

For example, you can enable traceoptions under ‘routing-options’ or under ‘protocols snmp’. Nearly anything you can configure can have traceoptions added.


Consider the example below. Here, we’re enabling traceoptions for sflow

Firstly we’re using the ‘file’ parameter to set the filename that the debugs will be written to. This file is stored in /var/log.

We can also set the file size, so they don’t get too large. Here, we’re setting this to 1MB, but this can go as large as the filesystem will support (several GB).

And finally, we’re setting the maximum number of files to create. When a log file reaches the size limit, the log will be ‘rotated’, meaning that a new file will be started.

[email protected]# edit protocols sflow

{master:0}[edit protocols sflow]
[email protected]# set traceoptions file sflow.log size 1M files 5


The next step is to determine what we want to debug. This is set with ‘flags’. We can turn them all on, as below, or choose specific items to debug.

The flag options available will depend on the technology that we’re debugging. That is, flags for sflow will be different to flags for routing-options.

Although not shown, we can also use the ‘disable’ keyword to disable certain flags while leaving the rest on.

{master:0}[edit protocols sflow]
[email protected]# set traceoptions flag all


The final configuration would look like this:

protocols {
    sflow {
        traceoptions {
            file sflow.log size 1m files 5;
            flag all;



Viewing Traceoptions

We can look at the logs with the show log [file] command, as shown in the example below.

This can produce a lot of output, so consider using ‘match’, ‘last’, and ‘trim’ to make the output more readable.

[email protected]> show log sflow.log
Dec 11 22:57:44 trace_on: Tracing to "/var/log/sflow.log" started
Dec 11 22:57:44.607206
Dec 11 22:57:44.607206 Tracing flags enabled:  all
Dec 11 22:57:44.607206
Dec 11 22:57:44.608222 task_newstate: State change from <ReConfig Foreground ParseConfig> to <ReConfig Foreground>
Dec 11 22:57:44.615160
Dec 11 22:57:44.615160 task_module_inits: initializing Mgmt
Dec 11 22:57:44.615383 task_alloc: allocated task block for MGMT_Listen priority 70
Dec 11 22:57:44.615489 task_create: MGMT_Listen


Alternatively, we can send the output directly to the screen as it is logged, using the monitor start command. This is the same as tail -f on a linux server, and is comparable to terminal monitor on an IOS device.

Use ‘monitor stop’ to turn it off when you’re done.

Be careful with this though, as you can easily get overwhelmed with the amount of output you get. Reading the log with ‘show log’ is still the preferred option.

[email protected]> monitor start sflow.log

[email protected]>
*** sflow.log ***
Dec 11 23:00:27.689548 main: running normal priority timer queue
Dec 11 23:00:27.707580 main: ran 1 timer
Dec 11 23:00:30.521508 main: running normal priority timer queue
Dec 11 23:00:30.521722 main: ran 1 timer
Dec 11 23:00:30.539739 rtsock tot ingr pkts 87446011 tmp 0 prev 87445817
Dec 11 23:00:30.539857 rtsock tot egr pkts 346409712 tmp 0 prev 346409014
monitor stop




Juniper Tech Library – Traceoptions

Juniper Knowledge Search – SRX Getting Started — Configuring Traceoptions for Debugging and Trimming Output


Leave a Reply